Report - download.enigmasoftware.com/spyhunter-free-download/enigmasoftware.jp/SpyHunter-Installer.exe?

Report Overview

Visitedpublic

2024-05-15 01:48:15

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
download.enigmasoftware.com	unknown	1998-04-03	2012-07-07 05:55:45	2024-02-06 04:43:09	584 B	455 B	54.230.111.60
spyhunter-download-v2.b-cdn.net	unknown	2016-04-25	2022-12-05 16:30:23	2024-03-21 21:03:50	551 B	6.9 MB	194.242.11.186

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2024-05-15	medium	spyhunter-download-v2.b-cdn.net/spyhunter-free-download/enigmasoftware.jp/SpyHunter-Installer.exe	Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen
2024-05-15	medium	spyhunter-download-v2.b-cdn.net/spyhunter-free-download/enigmasoftware.jp/SpyHunter-Installer.exe	meth_get_eip

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

spyhunter-download-v2.b-cdn.net/spyhunter-free-download/enigmasoftware.jp/SpyHunter-Installer.exe

IP / ASN

194.242.11.186

#34989 ServeTheWorld AS

File Overview

File TypePE32 executable (GUI) Intel 80386, for MS Windows, 7 sections

Size6.9 MB (6893544 bytes)

MD57628f389b89ca68384251a535df0a21e

SHA106309cc3d3653791ea706e313b32940e3e5e3026

SHA256d0d712e7a8d666788aba86eac1bd0e2608d83e886e9af73b87536cc915175813

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

GET download.enigmasoftware.com/spyhunter-free-download/enigmasoftware.jp/SpyHunter-Installer.exe?_ga=1.59633966.2016893718.1445003577

54.230.111.60

301 Moved Permanently

0 B

URL

download.enigmasoftware.com/spyhunter-free-download/enigmasoftware.jp/SpyHunter-Installer.exe?_ga=1.59633966.2016893718.1445003577

IP / ASN

54.230.111.60

#16509 AMAZON-02

Requested byN/A

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5606282

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerAmazon

Subjectenigmasoftware.com

FingerprintEE:DA:89:EE:3F:3F:0E:30:E0:5D:8A:6B:E0:75:34:D3:32:1D:AF:C0

ValiditySun, 31 Mar 2024 00:00:00 GMT - Mon, 28 Apr 2025 23:59:59 GMT

HTTP Headers

GET /spyhunter-free-download/enigmasoftware.jp/SpyHunter-Installer.exe?_ga=1.59633966.2016893718.1445003577 HTTP/1.1
Host: download.enigmasoftware.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Connection: keep-alive
Date: Tue, 14 May 2024 01:53:57 GMT
Location: https://spyhunter-download-v2.b-cdn.net/spyhunter-free-download/enigmasoftware.jp/SpyHunter-Installer.exe
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8TS_5_uOolLzsPCUq_LUKT-lSzu2KpkVz_6VKs69Oi0BrX6KZnHHmw==
Age: 86034

GET spyhunter-download-v2.b-cdn.net/spyhunter-free-download/enigmasoftware.jp/SpyHunter-Installer.exe

194.242.11.186

200 OK

6.9 MB

URL

spyhunter-download-v2.b-cdn.net/spyhunter-free-download/enigmasoftware.jp/SpyHunter-Installer.exe

IP / ASN

194.242.11.186

#34989 ServeTheWorld AS

Requested byN/A

Resource Info

File typePE32 executable (GUI) Intel 80386, for MS Windows, 7 sections

First Seen2024-05-14

Last Seen2024-08-19

Times Seen5

Size6.9 MB (6893544 bytes)

MD57628f389b89ca68384251a535df0a21e

SHA106309cc3d3653791ea706e313b32940e3e5e3026

SHA256d0d712e7a8d666788aba86eac1bd0e2608d83e886e9af73b87536cc915175813

Certificate Info

IssuerSectigo Limited

Subject*.b-cdn.net

FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4

ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen
YARAhub by abuse.ch	malware	meth_get_eip

HTTP Headers

GET /spyhunter-free-download/enigmasoftware.jp/SpyHunter-Installer.exe HTTP/1.1
Host: spyhunter-download-v2.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 15 May 2024 01:47:50 GMT
content-type: application/octet-stream
content-length: 6893544
server: BunnyCDN-NO1-830
cdn-pullzone: 1053841
cdn-uid: 27a71848-22f2-45db-b801-7c7517de9523
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
etag: "7628f389b89ca68384251a535df0a21e"
last-modified: Thu, 02 Mar 2023 16:41:55 GMT
x-amz-id-2: 5nqSQ+T9+JtYB2iq6nkYyYR0KZRZy5fqVpO50ir9kqcT4M3fO9cNLBeeVrB6kToI94Cx5M4ZNZN43owY//Pkop8FqSvWRQqp
x-amz-request-id: TBG5GBADQ5SHY4D1
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Wed, 01 Mar 2023 16:28:57 GMT
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 05/14/2024 01:32:13
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 3456d0f2aa3b4bb9e741a247b188986d
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2