Report - 72.144.231.9/c/msdownload/update/software/defu/2025/05/am_delta_patch_1.427.719.0_e46a4d18c840c09e40a2b05115de0b65b91242c8.exe?cacheHostOrigin=au.download.windowsupdate.com

Report Overview

Visitedpublic

2025-05-10 00:00:26

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
72.144.231.9	unknown	unknown	No data	No data	1.2 kB	293 kB	72.144.231.9

Related reports

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2025-05-10	medium	72.144.231.9/c/msdownload/update/software/defu/2025/05/am_delta_patch_1.427.719.0_e46a4d18c840c09e40a2b05115de0b65b91242c8.exe?cacheHostOrigin=au.download.windowsupdate.com	files - file ~tmp01925d3f.exe
2025-05-10	medium	72.144.231.9/c/msdownload/update/software/defu/2025/05/am_delta_patch_1.427.719.0_e46a4d18c840c09e40a2b05115de0b65b91242c8.exe?cacheHostOrigin=au.download.windowsupdate.com	meth_stackstrings

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-05-09	medium	72.144.231.9	Sinkholed
2025-05-09	medium	72.144.231.9	Sinkholed

ThreatFox

No alerts detected

File detected

URL

72.144.231.9/c/msdownload/update/software/defu/2025/05/am_delta_patch_1.427.719.0_e46a4d18c840c09e40a2b05115de0b65b91242c8.exe?cacheHostOrigin=au.download.windowsupdate.com

IP / ASN

72.144.231.9

#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File Overview

File TypePE32+ executable (GUI) x86-64, for MS Windows, 6 sections

Size292 kB (292440 bytes)

MD5ddd1d82b1e04c7b3bbbfc2697bf94a5d

SHA1e46a4d18c840c09e40a2b05115de0b65b91242c8

SHA256ff93736aa27cbe1475e598cc7b0743e21a7d4c4e3c7aac618e42d17871e30f3d

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	meth_stackstrings

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size