Overview

URL: migee.com/wp-content/uploads/2013/07/ElevateBatch.exe
IP: 204.93.177.102
ASN: AS23352 Server Central Network
Location: United States
Report completed: 2019-05-21 11:13:24 CEST
urlquery Alerts: No alerts detected


Settings

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer:
Pool:
Access Level:


Intrusion Detection Systems

Suricata with Emerging Threats Pro

Timestamp                  Severity  Source IP        Destination IP   Alert
2019-05-21 11:12:52 CEST   1         204.93.177.102   Client IP        ET POLICY PE EXE or DLL Windows file download HTTP
2019-05-21 11:12:52 CEST   1         Client IP        204.93.177.102   ET TROJAN EXE Download Request To Wordpress Folder Likely Malicious


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified   Severity   Host                                                     Comment
2019-05-21         2          migee.com/wp-content/uploads/2013/07/ElevateBatch.exe    Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 204.93.177.102 (UQ / IDS / BL = count of urlquery, IDS and blacklist alerts in that report)

Date                        UQ / IDS / BL   URL                                                     IP
2019-06-05 16:00:26 +0200   0 - 1 - 0       migee.com/wp-content/uploads/2011/12/togglepr (...)     204.93.177.102
2019-06-03 10:42:43 +0200   0 - 0 - 2       milliparty.com/wp-content/uploads/2008/12/com (...)     204.93.177.102
2019-06-02 15:41:53 +0200   0 - 0 - 2       milliparty.com/wp-content/uploads/2008/12/com (...)     204.93.177.102
2019-05-31 20:09:24 +0200   0 - 0 - 2       milliparty.com/wp-content/uploads/2008/12/com (...)     204.93.177.102
2019-05-31 20:08:46 +0200   0 - 0 - 2       milliparty.com/wp-content/uploads/2008/12/com (...)     204.93.177.102
2019-05-31 20:08:38 +0200   0 - 0 - 2       milliparty.com/wp-content/uploads/2008/12/com (...)     204.93.177.102
2019-05-31 20:08:35 +0200   0 - 0 - 2       milliparty.com/wp-content/uploads/2008/12/com (...)     204.93.177.102
2019-05-31 19:39:18 +0200   0 - 0 - 2       milliparty.com/wp-content/uploads/2008/12/com (...)     204.93.177.102
2019-05-31 19:23:11 +0200   0 - 0 - 2       milliparty.com/wp-content/uploads/2008/12/com (...)     204.93.177.102
2019-05-30 00:31:47 +0200   0 - 2 - 0       migee.com/wp-content/uploads/2011/12/togglepr (...)     204.93.177.102

Last 10 reports on ASN: AS23352 Server Central Network

Date                        UQ / IDS / BL   URL                                                     IP
2019-06-13 06:23:56 +0200   0 - 0 - 0       https://adultseoservices.online/seo-for-escor (...)     204.93.197.197
2019-06-12 02:56:48 +0200   0 - 3 - 0       https://snip.ml/Foo                                     206.51.242.1
2019-06-10 23:39:22 +0200   0 - 0 - 0       sphinx-soft.com                                         198.38.82.127
2019-06-10 19:50:39 +0200   0 - 0 - 31      maximus-solutions.com/ngo/wp-includes/js/revv (...)     198.38.83.197
2019-06-10 19:33:25 +0200   0 - 0 - 1       slula.com/dir/cgi/confirmation/aab1e0b87cdfcb (...)     50.31.146.129
2019-06-10 19:25:40 +0200   0 - 0 - 2       oksa.co/wp-content/dropbox                              198.38.86.127
2019-06-10 19:24:31 +0200   0 - 0 - 1       iittmsouth.org/default/dz                               204.93.168.46
2019-06-10 19:12:40 +0200   0 - 0 - 2       mandalayconsulting.com/money/all/aollogin.psp.htm       198.38.82.11
2019-06-10 18:56:07 +0200   0 - 0 - 1       rs108.nsresponse.com/~sunni/images/wells3/ver (...)     204.93.177.182
2019-06-10 18:49:24 +0200   0 - 0 - 1       mkhalal.com/~zf/.dd/83fdb1c3fb61a2e8ffcb6a603 (...)     204.93.177.103

Last 10 reports on domain: migee.com

Date                        UQ / IDS / BL   URL                                                     IP
2019-06-05 23:54:24 +0200   0 - 2 - 1       migee.com/wp-content/uploads/2013/07/ElevateB (...)     192.3.201.105
2019-06-05 16:00:26 +0200   0 - 1 - 0       migee.com/wp-content/uploads/2011/12/togglepr (...)     204.93.177.102
2019-05-30 00:31:47 +0200   0 - 2 - 0       migee.com/wp-content/uploads/2011/12/togglepr (...)     204.93.177.102
2019-05-21 03:11:19 +0200   0 - 1 - 0       migee.com/wp-content/uploads/2011/12/togglepr (...)     204.93.177.102
2019-04-26 16:14:18 +0200   0 - 0 - 1       migee.com/wp-content/uploads/2010/08/DriverDe (...)     204.93.177.102
2019-04-26 16:14:16 +0200   0 - 0 - 1       migee.com/wp-content/uploads/2010/08/DriverDe (...)     204.93.177.102
2019-04-26 16:14:16 +0200   0 - 0 - 1       migee.com/wp-content/uploads/2010/08/DriverDe (...)     204.93.177.102
2019-04-26 16:14:16 +0200   0 - 0 - 1       migee.com/wp-content/uploads/2010/08/DriverDe (...)     204.93.177.102
2019-03-28 20:35:36 +0100   0 - 0 - 1       migee.com/wp-content/uploads/2013/07/ElevateB (...)     204.93.177.102
2019-01-28 23:24:37 +0100   0 - 0 - 1       migee.com/wp-content/uploads/2013/07/ElevateB (...)     204.93.177.102


JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (1)


Request (client to 204.93.177.102):

GET /wp-content/uploads/2013/07/ElevateBatch.exe HTTP/1.1
Host: migee.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (from 204.93.177.102):

HTTP/1.1 200 OK
Content-Type: application/x-msdownload
Last-Modified: Sat, 27 Jul 2013 23:31:46 GMT
Content-Length: 316275
Accept-Ranges: bytes
Date: Tue, 21 May 2019 09:12:52 GMT
Server: LiteSpeed
Connection: Keep-Alive


--- Additional Info ---
Magic:  PE32 executable for MS Windows (GUI) Intel 80386 32-bit
Size:   316275
Md5:    e24067613a00fda5db697baa0da04a88
Sha1:   7cfd34a3266bf19cc91235f98e461defaec3a377
Sha256: b4c9a3a4c4ad1b84b528507edee913dac07c80c72dc451992032a097704df6fc

Alerts:
  Blacklists:
    - fortinet: Malware
  IDS:
    - ET POLICY PE EXE or DLL Windows file download HTTP
    - ET TROJAN EXE Download Request To Wordpress Folder Likely Malicious
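
Added example, not part of the urlquery report and not Emerging Threats' or Fortinet's code: a small Python script that re-creates the checks behind the two IDS alerts above (the request-side "EXE Download Request To Wordpress Folder" heuristic and the response-side "PE EXE or DLL Windows file download" check) together with the "Magic:" and hash lines from Additional Info, and runs them over an HTTP transaction modelled on the one shown. The matching logic is my approximation of what those rule titles describe, not the Suricata rules themselves. The PE bytes are a synthetic header built by `make_pe` (a constructed sample, not the real 316275-byte ElevateBatch.exe, so its hashes will not match the page's); `SAMPLE_REQUEST`, `sample_response` and the function names are mine.

```python
"""Re-create the two ET alert heuristics and the Magic/hash lines of a urlquery report.

Added example; approximations of the rule titles, not the actual Suricata signatures.
All HTTP messages and PE bytes below are constructed test data.
"""
import hashlib
import re
import struct

REQ_LINE_RE = re.compile(rb"^[A-Z]+ (\S+) HTTP/1\.[01]\r?\n")
# Request-side heuristic: an .exe served out of a WordPress content/includes tree.
WP_EXE_RE = re.compile(rb"/wp-(?:content|includes)/\S*\.exe(?:$|\?)", re.I)
MACHINES = {0x14C: "Intel 80386 32-bit", 0x8664: "x86-64", 0xAA64: "ARM64"}
SUBSYSTEMS = {2: "GUI", 3: "console"}
ALERT_WP_EXE = "ET TROJAN EXE Download Request To Wordpress Folder Likely Malicious"
ALERT_PE_DL = "ET POLICY PE EXE or DLL Windows file download HTTP"


def split_http(raw: bytes):
    """Return (start line, {lowercased header: value}, body) for one HTTP message."""
    head, _, body = raw.partition(b"\r\n\r\n")
    start, *hdr_lines = head.split(b"\r\n")
    headers = {}
    for ln in hdr_lines:
        k, _, v = ln.partition(b":")
        headers[k.strip().lower()] = v.strip()
    return start, headers, body


def pe_info(body: bytes):
    """Walk DOS header -> e_lfanew -> COFF header -> optional header; None if not a PE."""
    if len(body) < 0x40 or body[:2] != b"MZ":
        return None
    e_lfanew = struct.unpack_from("<I", body, 0x3C)[0]
    if len(body) < e_lfanew + 24 or body[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return None
    # COFF header: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    machine, _, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", body, e_lfanew + 4)
    opt = e_lfanew + 24
    if opt_size < 70 or len(body) < opt + 70:
        return None
    magic = struct.unpack_from("<H", body, opt)[0]           # 0x10B = PE32, 0x20B = PE32+
    subsystem = struct.unpack_from("<H", body, opt + 68)[0]  # same offset in PE32 and PE32+
    return {"pe32plus": magic == 0x20B, "machine": machine,
            "subsystem": subsystem, "dll": bool(chars & 0x2000)}


def describe(info) -> str:
    """Mimic the one-line file(1)-style "Magic:" summary shown under Additional Info."""
    fmt = "PE32+" if info["pe32plus"] else "PE32"
    kind = "DLL" if info["dll"] else "executable"
    sub = SUBSYSTEMS.get(info["subsystem"], f"subsystem {info['subsystem']}")
    mach = MACHINES.get(info["machine"], f"machine 0x{info['machine']:x}")
    return f"{fmt} {kind} for MS Windows ({sub}) {mach}"


def hashes(body: bytes) -> dict:
    """MD5/SHA-1/SHA-256 of the body, for lookup against the values a report lists."""
    return {a: hashlib.new(a, body).hexdigest() for a in ("md5", "sha1", "sha256")}


def inspect_transaction(request: bytes, response: bytes) -> dict:
    """Apply the request-side and response-side heuristics to one transaction."""
    alerts = []
    m = REQ_LINE_RE.match(request)
    if m and WP_EXE_RE.search(m.group(1)):
        alerts.append(ALERT_WP_EXE)
    _, hdrs, body = split_http(response)
    info = pe_info(body)
    if info is not None:  # keyed on the body, not on Content-Type, which the server controls
        alerts.append(ALERT_PE_DL)
    return {"alerts": alerts,
            "magic": describe(info) if info else None,
            "content_type": hdrs.get(b"content-type", b"").decode(errors="replace"),
            "hashes": hashes(body)}


def make_pe(machine=0x14C, gui=True, dll=False, pe32plus=False) -> bytes:
    """Constructed test data: a minimal PE header (DOS stub + COFF + optional header)."""
    dos = bytearray(b"MZ" + b"\0" * 62)
    struct.pack_into("<I", dos, 0x3C, 0x40)    # e_lfanew: PE header right after the DOS header
    chars = 0x0002 | (0x2000 if dll else 0)    # IMAGE_FILE_EXECUTABLE_IMAGE [| IMAGE_FILE_DLL]
    opt_size = 240 if pe32plus else 224
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", machine, 0, 0, 0, 0, opt_size, chars)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x20B if pe32plus else 0x10B)
    struct.pack_into("<H", opt, 68, 2 if gui else 3)
    return bytes(dos) + coff + bytes(opt)


# Constructed request/response modelled on the transaction in this report.
SAMPLE_REQUEST = (b"GET /wp-content/uploads/2013/07/ElevateBatch.exe HTTP/1.1\r\n"
                  b"Host: migee.com\r\n\r\n")


def sample_response(body: bytes, ctype: bytes = b"application/x-msdownload") -> bytes:
    return (b"HTTP/1.1 200 OK\r\nContent-Type: " + ctype + b"\r\nContent-Length: "
            + str(len(body)).encode() + b"\r\n\r\n" + body)


if __name__ == "__main__":
    v = inspect_transaction(SAMPLE_REQUEST, sample_response(make_pe()))
    for a in v["alerts"]:
        print("ALERT:", a)
    print("Magic: ", v["magic"])
    print("Sha256:", v["hashes"]["sha256"])
```

Two points worth keeping in mind when reading the report through this lens. Both ET alerts are heuristics: the TROJAN rule fires on the path shape alone (an .exe under wp-content is unusual for a legitimate site but not proof of compromise), and the POLICY rule fires on any PE body regardless of intent, so the Fortinet "Malware" categorisation and a lookup of the MD5/SHA-1/SHA-256 values listed above are what actually carry the verdict. The response's Last-Modified (27 Jul 2013) agrees with the upload path (2013/07), which is consistent with a file that has been sitting in the WordPress uploads directory since then rather than a freshly planted payload; the earlier reports on the same URL in January and March 2019 point the same way.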