Report Overview
Submitted URL
wiki.csiamerica.com/download/attachments/15074050/ConnectSAP2000v21andETABSv17Launch.exe?version=1&modificationDate=1557343909738&api=v2
IP
192.88.126.85
ASN
#36473 CONTE-25-BLA-RST
Submitted
2024-05-08 00:40:28
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
3
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
wiki.csiamerica.com | unknown | 2013-04-06 | 2017-02-08 | 2024-03-11 | 590 B | 520 kB | 192.88.126.85 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
Scan Date | Severity | Indicator | Alert |
---|---|---|---|
2024-05-08 | medium | wiki.csiamerica.com/download/attachments/15074050/ConnectSAP2000v21andETABSv17Launch.exe?version=1&modificationDate=1557343909738&api=v2 | detect_Redline_Stealer |
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
wiki.csiamerica.com/download/attachments/15074050/ConnectSAP2000v21andETABSv17Launch.exe?version=1&modificationDate=1557343909738&api=v2
IP
192.88.126.85
ASN
#36473 CONTE-25-BLA-RST
File type
PE32+ executable (GUI) x86-64, for MS Windows, 6 sections
Size
519 kB (519088 bytes)
Hash
61a003ba12e01088b11b322e6eb371a3
2a09017f1cdc9f2a9d3a344d6cdbaec407410091
Detections
Analyzer | Verdict | Alert |
---|---|---|
YARAhub by abuse.ch | malware | detect_Redline_Stealer |
VirusTotal | suspicious |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
wiki.csiamerica.com/download/attachments/15074050/ConnectSAP2000v21andETABSv17Launch.exe?version=1&modificationDate=1557343909738&api=v2 | 192.88.126.85 | 200 | 519 kB | ||||||||||
Detections
HTTP Headers
| |||||||||||||