Report - 89.106.19.201/c/msdownload/update/software/defu/2025/12/am_delta_patch_1.443.8.0_b81d5c19913c2008f16a92b95a061dc70c4b393a.exe?cacheHostOrigin=au.download.windowsupdate.com

Report Overview

Visitedpublic

2025-12-10 16:40:29

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
89.106.19.201	unknown	unknown	No data	No data	1.2 kB	589 kB	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-12-10 16:40:06	medium	89.106.19.201	172.18.0.20	ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response

Threat Detection Systems

Detection System	Indicator	Verdict	Alert
YARAhub by abuse.ch	89.106.19.201/c/msdownload/update/software/defu/2025/12/am_delta_patch_1.443.8.0_b81d5c19913c2008f16a92b95a061dc70c4b393a.exe?cacheHostOrigin=au.download.windowsupdate.com	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	89.106.19.201/c/msdownload/update/software/defu/2025/12/am_delta_patch_1.443.8.0_b81d5c19913c2008f16a92b95a061dc70c4b393a.exe?cacheHostOrigin=au.download.windowsupdate.com	malware	meth_stackstrings

File detected

URL

89.106.19.201/c/msdownload/update/software/defu/2025/12/am_delta_patch_1.443.8.0_b81d5c19913c2008f16a92b95a061dc70c4b393a.exe?cacheHostOrigin=au.download.windowsupdate.com

IP / ASN

89.106.19.201

#39582 Grid Telekomunikasyon Hizmetleri AS

File Overview

File TypePE32+ executable (GUI) x86-64, for MS Windows, 6 sections

Size588 kB (588240 bytes)

MD54068f6f42af18a04762c3c391dc4129d

SHA1b81d5c19913c2008f16a92b95a061dc70c4b393a

SHA256fa95a8319fc2a82355e55ef677f2689dd0a0061479e9fea2abe2a5bff06b9073

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	meth_stackstrings

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size