Report - 74.177.135.2/c/msdownload/update/software/defu/2025/03/am_engine_patch_1.1.25020.1007_29e2e4d156aec4d8b7a5f8c726ca012662747b05.exe?cacheHostOrigin=au.download.windowsupdate.com

Report Overview

Visitedpublic

2025-04-03 09:49:20

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
74.177.135.2	unknown	unknown	No data	No data	1.2 kB	3.7 MB	74.177.135.2

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-04-03 09:49:14	high	74.177.135.2	Client IP	ET POLICY PE EXE or DLL Windows file download HTTP
2025-04-03 09:49:14	medium	74.177.135.2	Client IP	ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2025-04-03	medium	74.177.135.2/c/msdownload/update/software/defu/2025/03/am_engine_patch_1.1.25020.1007_29e2e4d156aec4d8b7a5f8c726ca012662747b05.exe?cacheHostOrigin=au.download.windowsupdate.com	meth_stackstrings

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-03	medium	74.177.135.2	Sinkholed
2025-04-03	medium	74.177.135.2	Sinkholed

ThreatFox

No alerts detected

File detected

URL

74.177.135.2/c/msdownload/update/software/defu/2025/03/am_engine_patch_1.1.25020.1007_29e2e4d156aec4d8b7a5f8c726ca012662747b05.exe?cacheHostOrigin=au.download.windowsupdate.com

IP / ASN

74.177.135.2

#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File Overview

File TypePE32+ executable (GUI) x86-64, for MS Windows, 6 sections

Size3.7 MB (3683944 bytes)

MD53c7f08c76ec691c28671822cb3659b67

SHA129e2e4d156aec4d8b7a5f8c726ca012662747b05

SHA2566810d9b6119a40305a56ccf8d837947461a9e2e6923f9c907ccb2b083a472aa3

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_stackstrings

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size