Report Overview

  1. Visited public
    2025-01-27 08:50:45
  2. URL

    creditagricole.zapto.org/CACert.zip

  3. Finishing URL

    about:privatebrowsing

  4. IP / ASN
    77.255.38.44

    #12741 Netia SA

    Title
    about:privatebrowsing
  5. Suspicious - DynDNS domain

Detections
urlquery: 3
Network Intrusion Detection: 4
Threat Detection Systems: 2

Domain Summary

Domain / FQDN | Rank | Registered | First Seen | Last Seen
creditagricole.zapto.org | unknown | 2001-08-10 | 2025-01-27 | 2025-01-27

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Severity | Source IP | Destination IP | Alert
medium | Client IP | 77.255.38.44 |
medium | Client IP | 77.255.38.44 |
medium | Client IP | 77.255.38.44 |
medium | Client IP | 77.255.38.44 |

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


Files detected

  1. URL

    creditagricole.zapto.org/CACert.zip

  2. IP

    77.255.38.44

  3. ASN

    #12741 Netia SA

  1. File type

    Zip archive data, at least v2.0 to extract, compression method=store

    Size

    2.2 MB (2192241 bytes)

  2. Hash

    4539a5d184def6cb13472c306ecc9288

    db4895027c9c37ce712f4c6f74aa1499034a25e0

  1. Archive (2)

  2. Filename | MD5 | File type
    CACert.exe | 66c0c400c027e476edc8452c4355150c | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    Credit Agricole Certification.exe | 6e1592f76cea09a8e35cb57f8f54c20f | PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

    Detections

    Analyzer | Verdict | Alert
    Public Nextron YARA rules | malware | Detects QuasarRAT malware
    ClamAV | malicious | Win.Malware.Generic-9883083-0

JavaScript (0)

HTTP Transactions (2)

URL | IP | Response | Size
creditagricole.zapto.org/ | 77.255.38.44 | 200 OK | 680 kB
GET creditagricole.zapto.org/CACert.zip | 77.255.38.44 | 200 OK | 2.2 MB