Report - www.xtb.com/de/mt/mt4setup.exe

Report Overview

Visitedpublic

2023-12-27 04:56:20

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
www.xtb.com	658548	1995-09-16	2012-10-01 06:32:57	2023-10-14 18:42:14	496 B	1.3 kB	107.162.227.7
xtb.scdn5.secure.raxcdn.com	unknown	2014-10-28	2018-06-07 13:11:52	2023-08-04 12:24:44	537 B	1.3 MB	104.110.10.194

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

xtb.scdn5.secure.raxcdn.com/file/0043/35/xtrade_fixsetup_aca2c557ad.exe

IP / ASN

104.110.10.194

#16625 AKAMAI-AS

File Overview

File TypePE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Size1.3 MB (1294336 bytes)

MD5ad88c1577fc76d960fc73142845f5f53

SHA1282af18d1af97b5bfbba7f8b1f44cd7ecc0793f8

SHA256f4eb88147eb18d904512c2c37ba990d0486683535e16c1a4ceb6476ff675e852

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/72

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

GET www.xtb.com/de/mt/mt4setup.exe

107.162.227.7

302 Found

562 B

URL

www.xtb.com/de/mt/mt4setup.exe

IP / ASN

107.162.227.7

#55002 DEFENSE-NET

Requested byN/A

Resource Info

File typeHTML document, ASCII text

First Seen2024-08-20

Last Seen2024-08-20

Times Seen1

Size562 B (562 bytes)

MD5c87b704be2fe4edcffff316b151222a9

SHA11e338865db9d97120e655d472c8dccd43b668952

SHA256d321213a0ccc586526ef88afa0e5c4f0655d2907dfa79d787e50abfbba36da61

Certificate Info

IssuerSectigo Limited

Subject*.xtb.com

Fingerprint76:30:CA:18:F8:6B:53:1A:5F:7B:0E:8E:55:93:86:DD:EE:AB:68:3C

ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

HTTP Headers

GET /de/mt/mt4setup.exe HTTP/1.1
Host: www.xtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, private
Date: Wed, 27 Dec 2023 04:55:54 GMT
Location: https://xtb.scdn5.secure.raxcdn.com/file/0043/35/xtrade_fixsetup_aca2c557ad.exe
Access-Control-Allow-Origin: *
X-Varnish: 14717614
Age: 0
X-Varnish-Cache: MISS
Content-Length: 562
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 fra1-bit16018
Set-Cookie: SERVERID=web3; path=/; HttpOnly; Secure
TS5b68a4e1027=08fb12a1f5ab2000b2297fe4281edf2e2359aacb079d81eb27655cbb0b1a185e4e662385eac2bd7d086ab97f4a1130009227a9474cbcbff6a2cf2d39d244db0dec02cd56562e857d13ef4df6979a6422ea4ba47a5f16207b2151bbac6a6b8045; Path=/

GET xtb.scdn5.secure.raxcdn.com/file/0043/35/xtrade_fixsetup_aca2c557ad.exe

104.110.10.194

200 OK

1.3 MB

URL

xtb.scdn5.secure.raxcdn.com/file/0043/35/xtrade_fixsetup_aca2c557ad.exe

IP / ASN

104.110.10.194

#16625 AKAMAI-AS

Requested byN/A

Resource Info

File typePE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

First Seen2023-12-27

Last Seen2024-08-20

Times Seen12

Size1.3 MB (1294336 bytes)

MD5ad88c1577fc76d960fc73142845f5f53

SHA1282af18d1af97b5bfbba7f8b1f44cd7ecc0793f8

SHA256f4eb88147eb18d904512c2c37ba990d0486683535e16c1a4ceb6476ff675e852

Certificate Info

IssuerDigiCert Inc

Subject*.scdn5.secure.raxcdn.com

Fingerprint04:E3:C4:F1:78:70:92:00:ED:32:29:36:B3:CD:25:3D:CA:D0:1E:5E

ValiditySat, 26 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/72

HTTP Headers

GET /file/0043/35/xtrade_fixsetup_aca2c557ad.exe HTTP/1.1
Host: xtb.scdn5.secure.raxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: oylt/PezXZTeAOWTZ3HMCNWCy/YnDg5aeIMWV3IuibHIeknczGS0rs9aKfpLcWxRvwLUQJIvrUOHQc3AhpkSKQ==
x-amz-request-id: V3G0X0XJJXKWYN0P
last-modified: Fri, 04 Feb 2022 22:52:10 GMT
etag: "ad88c1577fc76d960fc73142845f5f53"
accept-ranges: bytes
content-type: application/octet-stream
server: AmazonS3
content-length: 1294336
cache-control: public, max-age=86400
date: Wed, 27 Dec 2023 04:55:55 GMT
X-Firefox-Spdy: h2