Report Overview
Submitted URL
dl-dr-4.xyz/drv/old/Intel-FORCED-81x64-ibtusb_20.92.3.1_old-WP-drp.zip
IP
89.41.180.201ASN
#25198 Interkvm Host Srl
Submitted
2024-04-26 04:39:32
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4
Domain Summary
| Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
|---|---|---|---|---|---|---|---|
| dl-dr-4.xyz | unknown | 2023-06-04 | 2023-06-04 | 2024-04-18 | 524 B | 576 kB | 89.41.180.201 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2024-04-26 | medium | dl-dr-4.xyz | Sinkholed |
ThreatFox
No alerts detected
Files detected
URL
dl-dr-4.xyz/drv/old/Intel-FORCED-81x64-ibtusb_20.92.3.1_old-WP-drp.zip
IP
89.41.180.201ASN
#25198 Interkvm Host Srl
File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
576 kB (576023 bytes)
Hash
18df514bfb48eb676f5ab0f10370085c
2ac18b8e2ede5127c75b3b1ca044314473f48198
Archive (5)
| Filename | Md5 | File type | |||
|---|---|---|---|---|---|
| ibtproppage.dll | 7474bdf343b2e3311dd7c1118507257b
| PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections | |||
| ibtsiva.exe | a83b84aa16986f3836b3afb1741b5bd3
| PE32+ executable (console) x86-64, for MS Windows, 6 sections | |||
| ibtusb.cat | 7b1569fd48a6b8cfb1647199e8e15d2e | DER Encoded PKCS#7 Signed Data | |||
| ibtusb.inf | 2204a0262dbf81fec4faf4fd1c7465ee | Windows setup INFormation | |||
| ibtusb.sys | 73810a59a1c1c95b5639058a6717e0b0 | PE32+ executable (native) x86-64, for MS Windows, 8 sections |
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
| YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
JavaScript (0)
HTTP Transactions (1)
| URL | IP | Response | Size | |||||||
|---|---|---|---|---|---|---|---|---|---|---|
dl-dr-4.xyz/drv/old/Intel-FORCED-81x64-ibtusb_20.92.3.1_old-WP-drp.zip | 89.41.180.201 | 200 OK | 576 kB | |||||||
Detections
HTTP Headers
| ||||||||||