Report Overview
Submitted URL
vold.pcspeedcat.com/setupit/products/pcat/payloads/200603/pcspeedcat.zip
IP
52.57.136.98
ASN
#16509 AMAZON-02
Submitted
2024-04-23 09:08:37
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
13
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
vold.pcspeedcat.com | unknown | 2015-10-21 | 2017-04-21 | 2024-04-18 | 526 B | 1.5 MB | 52.57.136.98 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
Files detected
URL
vold.pcspeedcat.com/setupit/products/pcat/payloads/200603/pcspeedcat.zip
IP
52.57.136.98
ASN
#16509 AMAZON-02
File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
1.5 MB (1500790 bytes)
Hash
1cb46a3f57208a88919e3a1c26da2a62
2675242b1ff6dcb1f18fe58637fb48a32042b2dd
Archive (9)
Filename | Md5 | File type |
---|---|---|
PCSpeedCat.exe | 4a7d7cea5e225b262cc89e0deb77ff47 | PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections |
res.res | 6619ab78d71dc18bb13ae63e9d3ef77f | MSVC .res |
wmi.exe | 8de1bb4a2999911e50c7e14ba09d0c8d | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections |
Runapp.exe | 196a1fe9a77a40a50801fe793dc8edef | PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections |
goup3.exe | 406ed0d9d821683bf8cedcd22fd52e04 | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections |
gouninst.exe | 812135081fb2052fc019fb0f107d2618 | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections |
EULA.txt | 4b77d72189e84d39d5ea079916d66fde | ASCII text, with very long lines (1635), with CRLF line terminators |
PCSpeedCat.ico | 5830636b2f06a230711ad998b0ba4b17 | MS Windows icon resource - 6 icons, -128x-128, 32 bits/pixel, 64x64, 32 bits/pixel |
qsqlite.dll | e911fc0c0db0c6d200105683a716a3a1 | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections |
Detections
Analyzer | Verdict | Alert |
---|---|---|
YARAhub by abuse.ch | malware | Detect files is `SliverFox` malware |
YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
YARAhub by abuse.ch | malware | Detect files is `SliverFox` malware |
YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
YARAhub by abuse.ch | malware | Detect files is `SliverFox` malware |
YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
VirusTotal | malicious |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size |
---|---|---|---|
vold.pcspeedcat.com/setupit/products/pcat/payloads/200603/pcspeedcat.zip | 52.57.136.98 | 200 OK | 1.5 MB |
Detections
HTTP Headers