Report Overview
- Visited: public, 2025-01-28 13:53:18
- URL
pc-lsw6.lenovomm.cn/bd43c874fc81ebc8bec18627856c383a/1737999643/dlserver/fileman/pcstore/ali/pcsd-pcmgr-appstore/appstore/normal/apps/3331-2022-08-19050310-1660899790462.exe?v=5&order=0&uuid=46d3955a02a34471816574e9b147a367&cmd5=false&sorder=0&group=&ts=1737913243978&cpn=-1&cid=8848&__bc=10101&__cid=8848&__ip=0.0.0.0&__ept=1&dck=1
- Finishing URL
about:privatebrowsing
- IP / ASN
154.85.69.12
#139057 LEGEND DYNASTY PTE. LTD.
Title: about:privatebrowsing
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
pc-lsw6.lenovomm.cn | unknown | 2009-11-05 | 2025-01-28 | 2025-01-28 | 786 B | 740 kB | |
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
Scan Date | Severity | Indicator | Alert |
---|---|---|---|
2025-01-28 | medium | pc-lsw6.lenovomm.cn/bd43c874fc81ebc8bec18627856c383a/1737999643/dlserver/fileman/pcstore/ali/pcsd-pcmgr-appstore/appstore/normal/apps/3331-2022-08-19050310-1660899790462.exe?v=5&order=0&uuid=46d3955a02a34471816574e9b147a367&cmd5=false&sorder=0&group=&ts=1737913243978&cpn=-1&cid=8848&__bc=10101&__cid=8848&__ip=0.0.0.0&__ept=1&dck=1 | Detects an SFX archive with automatic script execution |
OpenPhish
No alerts detected
PhishTank
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
pc-lsw6.lenovomm.cn/bd43c874fc81ebc8bec18627856c383a/1737999643/dlserver/fileman/pcstore/ali/pcsd-pcmgr-appstore/appstore/normal/apps/3331-2022-08-19050310-1660899790462.exe?v=5&order=0&uuid=46d3955a02a34471816574e9b147a367&cmd5=false&sorder=0&group=&ts=1737913243978&cpn=-1&cid=8848&__bc=10101&__cid=8848&__ip=0.0.0.0&__ept=1&dck=1
IP
154.85.69.14
ASN
#139057 LEGEND DYNASTY PTE. LTD.
File type
PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections
Size
740 kB (739721 bytes)
Hash
787aa514850cd670a5b22c039df79aa1
f6cb87e4be3c38ae584774c31c021cac05395009
Detections
Analyzer | Verdict | Alert |
---|---|---|
YARAhub by abuse.ch | malware | Detects an SFX archive with automatic script execution |
VirusTotal | malicious | |
ClamAV | malicious | Win.Ransomware.Msilzilla-10014498-0 |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size |
---|---|---|---|
GET pc-lsw6.lenovomm.cn/bd43c874fc81ebc8bec18627856c383a/1737999643/dlserver/fileman/pcstore/ali/pcsd-pcmgr-appstore/appstore/normal/apps/3331-2022-08-19050310-1660899790462.exe?v=5&order=0&uuid=46d3955a02a34471816574e9b147a367&cmd5=false&sorder=0&group=&ts=1737913243978&cpn=-1&cid=8848&__bc=10101&__cid=8848&__ip=0.0.0.0&__ept=1&dck=1 | | 200 OK | 740 kB |