Report - 37.49.230.152/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/nss3.dll

Report Overview

Visitedpublic

2024-03-01 12:52:44

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
37.49.230.152	unknown	unknown	No data	No data	425 B	2.0 MB	37.49.230.152

Timestamp	Severity	Source IP	Destination IP	Alert
2024-03-01 11:19:33	high	Client IP	37.49.230.152	ThreatFox Raccoon botnet C2 traffic (ip:port - confidence level: 100%)
2024-03-01 11:19:33	high	Client IP	37.49.230.152	ThreatFox Raccoon botnet C2 traffic (ip:port - confidence level: 100%)
2024-03-01 11:19:33	medium	Client IP	37.49.230.152	ET INFO Dotted Quad Host DLL Request
2024-03-01 11:19:33	medium	Client IP	37.49.230.152	ET HUNTING HTTP GET Request for nss3.dll - Possible Infostealer Activity
2024-03-01 11:19:33	high	Client IP	37.49.230.152	URLhaus Known malware download URL detected (2736216)
2024-03-01 11:19:33	high	Client IP	37.49.230.152	ThreatFox botnet C2 traffic (url - confidence level: 100%)
2024-03-01 11:19:33	high	Client IP	37.49.230.152	ThreatFox botnet C2 traffic (url - confidence level: 100%)
2024-03-01 11:19:33	medium	Client IP	37.49.230.152	ET INFO Dotted Quad Host DLL Request
2024-03-01 11:19:33	medium	Client IP	37.49.230.152	ET HUNTING HTTP GET Request for nss3.dll - Possible Infostealer Activity
2024-03-01 11:19:33	high	Client IP	37.49.230.152	URLhaus Known malware download URL detected (2736216)
2024-03-01 11:19:33	high	Client IP	37.49.230.152	ThreatFox botnet C2 traffic (url - confidence level: 100%)
2024-03-01 11:19:33	high	Client IP	37.49.230.152	ThreatFox botnet C2 traffic (url - confidence level: 100%)
2024-03-01 11:19:33	high	37.49.230.152	Client IP	ET POLICY PE EXE or DLL Windows file download HTTP
2024-03-01 11:19:33	high	37.49.230.152	Client IP	ET POLICY PE EXE or DLL Windows file download HTTP

No alerts detected

No alerts detected

No alerts detected

No alerts detected

Scan Date	Severity	Indicator	Alert
2024-03-01	medium	37.49.230.152	Sinkholed

No alerts detected

URL

37.49.230.152/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/nss3.dll

IP / ASN

37.49.230.152

#213371 ABC Consultancy

File Overview

File TypePE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

Size2.0 MB (2042296 bytes)

MD5f67d08e8c02574cbc2f1122c53bfb976

SHA16522992957e7e4d074947cad63189f308a80fcf2

SHA256c65b7afb05ee2b2687e6280594019068c3d3829182dfe8604ce4adf2116cc46e

	URL	IP	Response	Size