Report Overview

  1. Visited public
    2025-01-28 13:53:18
    Tags
    Submit Tags
  2. URL

    pc-lsw6.lenovomm.cn/bd43c874fc81ebc8bec18627856c383a/1737999643/dlserver/fileman/pcstore/ali/pcsd-pcmgr-appstore/appstore/normal/apps/3331-2022-08-19050310-1660899790462.exe?v=5&order=0&uuid=46d3955a02a34471816574e9b147a367&cmd5=false&sorder=0&group=&ts=1737913243978&cpn=-1&cid=8848&__bc=10101&__cid=8848&__ip=0.0.0.0&__ept=1&dck=1

  3. Finishing URL

    about:privatebrowsing

  4. IP / ASN
    154.85.69.12

    #139057 LEGEND DYNASTY PTE. LTD.

    Title
    about:privatebrowsing
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
pc-lsw6.lenovomm.cnunknown2009-11-052025-01-282025-01-28

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules
SeverityIndicatorAlert
mediumpc-lsw6.lenovomm.cn/bd43c874fc81ebc8bec18627856c383a/1737999643/dlserver/fileman/pcstore/ali/pcsd-pcmgr-appstore/appstore/normal/apps/3331-2022-08-19050310-1660899790462.exe?v=5&order=0&uuid=46d3955a02a34471816574e9b147a367&cmd5=false&sorder=0&group=&ts=1737913243978&cpn=-1&cid=8848&__bc=10101&__cid=8848&__ip=0.0.0.0&__ept=1&dck=1Detects an SFX archive with automatic script execution

OpenPhish

No alerts detected


PhishTank

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


Files detected

  1. URL

    pc-lsw6.lenovomm.cn/bd43c874fc81ebc8bec18627856c383a/1737999643/dlserver/fileman/pcstore/ali/pcsd-pcmgr-appstore/appstore/normal/apps/3331-2022-08-19050310-1660899790462.exe?v=5&order=0&uuid=46d3955a02a34471816574e9b147a367&cmd5=false&sorder=0&group=&ts=1737913243978&cpn=-1&cid=8848&__bc=10101&__cid=8848&__ip=0.0.0.0&__ept=1&dck=1

  2. IP

    154.85.69.14

  3. ASN

    #139057 LEGEND DYNASTY PTE. LTD.

  1. File type

    PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

    Size

    740 kB (739721 bytes)

  2. Hash

    787aa514850cd670a5b22c039df79aa1

    f6cb87e4be3c38ae584774c31c021cac05395009

    Detections

    AnalyzerVerdictAlert
    YARAhub by abuse.chmalware
    Detects an SFX archive with automatic script execution
    VirusTotalmalicious
    ClamAVmalicious
    Win.Ransomware.Msilzilla-10014498-0

JavaScript (0)

HTTP Transactions (1)

URLIPResponseSize
GET pc-lsw6.lenovomm.cn/bd43c874fc81ebc8bec18627856c383a/1737999643/dlserver/fileman/pcstore/ali/pcsd-pcmgr-appstore/appstore/normal/apps/3331-2022-08-19050310-1660899790462.exe?v=5&order=0&uuid=46d3955a02a34471816574e9b147a367&cmd5=false&sorder=0&group=&ts=1737913243978&cpn=-1&cid=8848&__bc=10101&__cid=8848&__ip=0.0.0.0&__ept=1&dck=1
154.85.69.14200 OK740 kB