Report Overview
Visitedpublic
2024-02-13 19:25:25
Tags
Submit Tags
URL
threerosesbeauty.com/mise/Contratto.zip
Finishing URL
about:privatebrowsing
IP / ASN
79.98.104.6
Title
about:privatebrowsing
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
threerosesbeauty.com 3 alert(s) on this Host | unknown | 2016-09-07 | 2016-09-29 12:12:36 | 2024-02-13 17:34:38 | 493 B | 685 B | 79.98.104.6 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
No alerts detected
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2024-02-13 | medium | threerosesbeauty.com | Sinkholed |
Quad9 DNS
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2024-02-13 | medium | threerosesbeauty.com | Sinkholed |
ThreatFox
No alerts detected
File detected
URL
threerosesbeauty.com/mise/Contratto.zip
IP / ASN
79.98.104.6
File Overview
File TypeZip archive data, at least v2.0 to extract, compression method=store
Size474 B (474 bytes)
MD5ae11fb4c90ebbb01ea14e4410beedb74
SHA144c4e67d2865f3180a67c7b7724d4b8da9a2a1df
Archive (1)
| Filename | MD5 | File type |
|---|---|---|
| Contratto.url | 6bbce3224d51716918724a26773d1568 | MS Windows 95 Internet shortcut text (URL=<file://46.8.19.32/mise/server.exe>), ASCII text, with CRLF line terminators |
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| Public Nextron YARA rules | malware | Detects remote SMB path for .URL persistence |
| VirusTotal | malicious |
JavaScript (0)
No JavaScripts
HTTP Transactions (1)
| URL | IP | Response | Size |
|---|