Report - www.mailnavigator.com/DbxBackup.exe

Report Overview

Visited public
2024-01-19 07:36:10
Tags
URL
www.mailnavigator.com/DbxBackup.exe
Finishing URL
about:privatebrowsing
IP / ASN
94.249.192.241
#12586 GHOSTnet GmbH
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.mailnavigator.com	unknown	1999-09-29	2012-05-26 07:08:43	2024-01-12 01:34:01	896 B	615 kB	94.249.192.241

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.mailnavigator.com/DbxBackup16.exe
IP
94.249.192.241
ASN
#12586 GHOSTnet GmbH

File type
PE32 executable (GUI) Intel 80386, for MS Windows
Size
614 kB (613776 bytes)
Hash
4c8b6e6fbeb9e715e9daa74cbab7ca8a
41a2c59b38b15e118f7a9f44cd84bfad5559323f
b9d128faef1909d8f41def850d2d0f08d4e06650f672e8e489991d6ae0acb352

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/55

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

www.mailnavigator.com/DbxBackup.exe

94.249.192.241

302 Found

304 B

URL User Request GET HTTP/2
www.mailnavigator.com/DbxBackup.exe
IP
94.249.192.241:443
ASN
#12586 GHOSTnet GmbH

Certificate
IssuerLet's Encrypt
Subjectmailnavigator.com
Fingerprint62:0F:5B:17:6E:60:DC:88:B5:67:A4:96:C9:E2:83:4C:7D:1A:9E:39
ValidityFri, 19 Jan 2024 02:12:57 GMT - Thu, 18 Apr 2024 02:12:56 GMT

File type
HTML document, ASCII text
Size
304 B (304 bytes)
Hash
4113b03c9ba935b65d4f2045eec17c41
1cad9347eababd099c35e1baf33a539457260fc5
25e4a1d509ecb5228bed350d6922bc7ef8b3a281233ebea36472bd4609aef87c

HTTP Headers

GET /DbxBackup.exe HTTP/1.1
Host: www.mailnavigator.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: text/html; charset=iso-8859-1
date: Fri, 19 Jan 2024 07:35:45 GMT
location: http://www.mailnavigator.com/DbxBackup16.exe
server: Apache/2.2
content-length: 304
X-Firefox-Spdy: h2

www.mailnavigator.com/DbxBackup16.exe

94.249.192.241

200 OK

614 kB

URL User Request GET HTTP/1.1
www.mailnavigator.com/DbxBackup16.exe
IP
94.249.192.241:80
ASN
#12586 GHOSTnet GmbH

File type
PE32 executable (GUI) Intel 80386, for MS Windows
Size
614 kB (613776 bytes)
Hash
4c8b6e6fbeb9e715e9daa74cbab7ca8a
41a2c59b38b15e118f7a9f44cd84bfad5559323f
b9d128faef1909d8f41def850d2d0f08d4e06650f672e8e489991d6ae0acb352

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/55

HTTP Headers

GET /DbxBackup16.exe HTTP/1.1
Host: www.mailnavigator.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Jan 2024 07:35:45 GMT
Server: Apache/2.2
Last-Modified: Sat, 22 Apr 2017 21:31:51 GMT
ETag: "187d147d3-95d90-54dc81a335526"
Accept-Ranges: bytes
Content-Length: 613776
Connection: close
Content-Type: application/x-msdownload

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers