Report - windirstat.net/wds_current

Report Overview

Visitedpublic

2024-07-04 06:06:17

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
windirstat.net	476836	2016-05-24	2016-04-06 05:08:29	2024-05-20 21:59:52	490 B	568 B	51.195.45.8
a.fsdn.com	71293	2000-02-12	2012-06-19 06:28:59	2024-06-27 13:53:07	12 kB	522 kB	104.18.40.209
cdn.consentmanager.net	29447	2018-05-02	2021-02-08 23:33:57	2024-07-03 18:24:14	928 B	452 kB	185.76.9.26
downloads.sourceforge.net	95338	1999-08-08	2012-12-11 08:30:21	2024-06-19 09:51:08	899 B	1.1 kB	204.68.111.105
altushost-swe.dl.sourceforge.net	820484	1999-08-08	2021-01-12 19:41:12	2024-04-30 08:12:05	764 B	646 kB	79.142.76.130
c.sf-syn.com	117249	2019-05-15	2019-06-07 21:50:54	2024-06-19 09:51:01	532 B	8.1 kB	172.64.154.159
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-02 18:12:35	2.6 kB	7.1 kB	2.23.172.203
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-07-02 18:12:20	327 B	888 B	23.36.76.226
prdownloads.sourceforge.net	771907	1999-08-08	2014-12-12 23:26:26	2024-06-14 11:06:19	518 B	924 B	204.68.111.105
sourceforge.net	14451	1999-08-08	2012-05-21 16:09:53	2024-06-19 09:51:00	1.4 kB	159 kB	104.18.37.111
d.delivery.consentmanager.net	79004	2018-05-02	2021-07-25 18:27:48	2024-07-03 18:19:28	5.7 kB	7.0 kB	87.230.98.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2024-07-04	medium	altushost-swe.dl.sourceforge.net/project/windirstat/windirstat/1.1.2%20installer%20re-release%20%28more%20languages%21%29/windirstat1_1_2_setup.exe?viasf=1	Detect files is `SliverFox` malware

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

altushost-swe.dl.sourceforge.net/project/windirstat/windirstat/1.1.2%20installer%20re-release%20%28more%20languages%21%29/windirstat1_1_2_setup.exe?viasf=1

IP / ASN

79.142.76.130

#51430 AltusHost B.V.

File Overview

File TypePE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections

Size646 kB (645729 bytes)

MD53abf1c149873e25d4e266225fbf37cbf

SHA16fa92dd2ca691c11dfbfc0a239e34369897a7fab

SHA256370a27a30ee57247faddeb1f99a83933247e07c8760a07ed82e451e1cb5e5cdd

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect files is `SliverFox` malware

JavaScript (11)

HTTP Transactions (53)

	URL	IP	Response	Size