Report - download2.showmypc.com/ShowMyPCSSH.exe

Report Overview

Visitedpublic

2024-07-21 05:32:21

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-07-20 18:12:32	654 B	1.8 kB	23.36.76.226
download2.showmypc.com	unknown	2002-06-11	2015-11-29 20:13:45	2019-05-22 02:56:53	492 B	2.8 MB	34.110.172.226
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-20 18:12:19	2.3 kB	6.2 kB	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

download2.showmypc.com/ShowMyPCSSH.exe

IP / ASN

34.110.172.226

#396982 GOOGLE-CLOUD-PLATFORM

File Overview

File TypePE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections

Size2.8 MB (2759232 bytes)

MD5ce3343d0e9878bddf7abb440ee6a29f0

SHA1e016fbf795205680e455a0ec586baa678a8435f1

SHA25696e879efa2fc8c7d834439117336af04e199ba1c7a92ad132ddc183eef0434e5

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/73

JavaScript (0)

HTTP Transactions (10)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL

r10.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-07-21

Last Seen2024-08-19

Times Seen19895

Size504 B (504 bytes)

MD53bd6a6d19bf0ab70e4e0cd3d2833afe1

SHA10dd2ee68cf939d2482a9b30bf767f412eb97e492

SHA25623c60c02f8a6f1f7fe01f9f4661cf04a03c046522201927dfa7c51ceba6c5449

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "23C60C02F8A6F1F7FE01F9F4661CF04A03C046522201927DFA7C51CEBA6C5449"
Last-Modified: Sat, 20 Jul 2024 20:21:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8102
Expires: Sun, 21 Jul 2024 07:46:56 GMT
Date: Sun, 21 Jul 2024 05:31:54 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL

r10.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-07-21

Last Seen2024-08-19

Times Seen22664

Size504 B (504 bytes)

MD52f796f6340ac7eef4fa2891ac8f8aa1a

SHA127bbc7bb6314b31dcab89f198bc258b040593aa7

SHA256778d02decabf7dff03bf5ec4c4eb0f03ac789e89bcfe58353c266c9d66c08834

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "778D02DECABF7DFF03BF5EC4C4EB0F03AC789E89BCFE58353C266C9D66C08834"
Last-Modified: Sat, 20 Jul 2024 19:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7993
Expires: Sun, 21 Jul 2024 07:45:07 GMT
Date: Sun, 21 Jul 2024 05:31:54 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL

r10.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-07-21

Last Seen2024-08-19

Times Seen22689

Size504 B (504 bytes)

MD585a291090b5db764a5b5f1487dcb958f

SHA19dadf7a0a7d6be86e491a10bbbc72c84f798cab9

SHA25660c84bb6c568871d3febe1e58c6aedf398fa06f5f7afc3e6087200be0a25ad3f

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "60C84BB6C568871D3FEBE1E58C6AEDF398FA06F5F7AFC3E6087200BE0A25AD3F"
Last-Modified: Sat, 20 Jul 2024 19:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3445
Expires: Sun, 21 Jul 2024 06:29:20 GMT
Date: Sun, 21 Jul 2024 05:31:55 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL

r10.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-07-21

Last Seen2024-08-19

Times Seen17054

Size504 B (504 bytes)

MD541b470cfcb4d809b7689783076e07c76

SHA1919b05dba2523cc4b8e9a6e873fe777fd753ee1b

SHA256951ae19e1eb066355bf55ff2163f6d14b689088fa3dd443fb01d889bb28fe095

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "951AE19E1EB066355BF55FF2163F6D14B689088FA3DD443FB01D889BB28FE095"
Last-Modified: Sat, 20 Jul 2024 19:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2514
Expires: Sun, 21 Jul 2024 06:13:49 GMT
Date: Sun, 21 Jul 2024 05:31:55 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL

r11.o.lencr.org/

IP / ASN

23.36.76.226

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-19

Last Seen2024-08-19

Times Seen1

Size504 B (504 bytes)

MD59dd19ab11e761bfd8b3bfea124536efb

SHA143c35a01a8a061833f66f1061449b01d1ad3d0cb

SHA2565ed58413dedccd06e2bb0c859ad294e16f32055e77349f75391c0ce82722d1eb

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5ED58413DEDCCD06E2BB0C859AD294E16F32055E77349F75391C0CE82722D1EB"
Last-Modified: Sat, 20 Jul 2024 06:12:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21549
Expires: Sun, 21 Jul 2024 11:31:04 GMT
Date: Sun, 21 Jul 2024 05:31:55 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL

r11.o.lencr.org/

IP / ASN

23.36.76.226

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-19

Last Seen2024-08-19

Times Seen1

Size504 B (504 bytes)

MD59dd19ab11e761bfd8b3bfea124536efb

SHA143c35a01a8a061833f66f1061449b01d1ad3d0cb

SHA2565ed58413dedccd06e2bb0c859ad294e16f32055e77349f75391c0ce82722d1eb

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5ED58413DEDCCD06E2BB0C859AD294E16F32055E77349F75391C0CE82722D1EB"
Last-Modified: Sat, 20 Jul 2024 06:12:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21548
Expires: Sun, 21 Jul 2024 11:31:04 GMT
Date: Sun, 21 Jul 2024 05:31:56 GMT
Connection: keep-alive

GET download2.showmypc.com/ShowMyPCSSH.exe

34.110.172.226

200 OK

2.8 MB

URL

download2.showmypc.com/ShowMyPCSSH.exe

IP / ASN

34.110.172.226

#396982 GOOGLE-CLOUD-PLATFORM

Requested byN/A

Resource Info

File typePE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections

First Seen2023-06-20

Last Seen2025-07-12

Times Seen241

Size2.8 MB (2759232 bytes)

MD5ce3343d0e9878bddf7abb440ee6a29f0

SHA1e016fbf795205680e455a0ec586baa678a8435f1

SHA25696e879efa2fc8c7d834439117336af04e199ba1c7a92ad132ddc183eef0434e5

Certificate Info

IssuerLet's Encrypt

Subject*.showmypc.com

FingerprintE9:AD:7F:3A:33:79:B5:87:99:85:BA:1F:94:45:41:91:8B:4D:9E:BB

ValidityWed, 17 Jul 2024 16:45:28 GMT - Tue, 15 Oct 2024 16:45:27 GMT

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/73

HTTP Headers

GET /ShowMyPCSSH.exe HTTP/1.1
Host: download2.showmypc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
strict-transport-security: max-age = 31536000; includeSubDomains
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Sun, 14 Jul 2024 21:11:02 GMT
etag: W/"2a1a40-190b315b270"
content-type: application/octet-stream
x-cloud-trace-context: d96eb0eba377713ec83d944e5daf3306
date: Sun, 21 Jul 2024 05:31:55 GMT
server: Google Frontend
content-length: 2759232
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.77.32

504 B

URL

r10.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-07-21

Last Seen2024-08-19

Times Seen22540

Size504 B (504 bytes)

MD592fe046ed30974fab002b18924562af5

SHA1a80246a7f4813076cea6cc1629667b43a094fa97

SHA256151d89929b8b12751f94a9dd4fab74f68f20aa29ca5135a3b95aea9f366a34e7

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "151D89929B8B12751F94A9DD4FAB74F68F20AA29CA5135A3B95AEA9F366A34E7"
Last-Modified: Sat, 20 Jul 2024 20:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9345
Expires: Sun, 21 Jul 2024 08:07:41 GMT
Date: Sun, 21 Jul 2024 05:31:56 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL

r10.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-07-21

Last Seen2024-08-19

Times Seen22540

Size504 B (504 bytes)

MD592fe046ed30974fab002b18924562af5

SHA1a80246a7f4813076cea6cc1629667b43a094fa97

SHA256151d89929b8b12751f94a9dd4fab74f68f20aa29ca5135a3b95aea9f366a34e7

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "151D89929B8B12751F94A9DD4FAB74F68F20AA29CA5135A3B95AEA9F366A34E7"
Last-Modified: Sat, 20 Jul 2024 20:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9345
Expires: Sun, 21 Jul 2024 08:07:41 GMT
Date: Sun, 21 Jul 2024 05:31:56 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL

r10.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-07-21

Last Seen2024-08-19

Times Seen22540

Size504 B (504 bytes)

MD592fe046ed30974fab002b18924562af5

SHA1a80246a7f4813076cea6cc1629667b43a094fa97

SHA256151d89929b8b12751f94a9dd4fab74f68f20aa29ca5135a3b95aea9f366a34e7

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "151D89929B8B12751F94A9DD4FAB74F68F20AA29CA5135A3B95AEA9F366A34E7"
Last-Modified: Sat, 20 Jul 2024 20:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9345
Expires: Sun, 21 Jul 2024 08:07:41 GMT
Date: Sun, 21 Jul 2024 05:31:56 GMT
Connection: keep-alive