Overview

URL: hunza.pl/english/en/new/Content/RO/02.exe
IP: 86.111.242.129
ASN: AS47544 IQ PL Sp. z o.o.
Location: Poland
Report completed: 2018-12-07 11:50:09 CET
urlquery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer:
Pool:
Access Level:


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp | Severity | Source IP | Destination IP | Alert
2018-12-07 11:49:36 CET | 1 | Client IP | 86.111.242.129 | ET TROJAN JS/Nemucod requesting EXE payload 2016-02-01


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 86.111.242.129

Date | UQ / IDS / BL | URL | IP
2019-02-23 07:14:10 +0100 | 0 - 1 - 0 | hunza.pl/english/en/new/sys/r/arq3.exe | 86.111.242.129
2019-01-18 15:17:02 +0100 | 0 - 2 - 0 | hunza.pl/english/en/new/Content/RO/03.exe | 86.111.242.129
2019-01-18 15:17:00 +0100 | 0 - 1 - 0 | hunza.pl/english/en/new/Content/espnh/Anexo-D (...) | 86.111.242.129
2018-12-30 16:14:47 +0100 | 0 - 2 - 0 | hunza.pl/_vt/003/alcrest/document_40329_relat (...) | 86.111.242.129
2018-12-30 16:14:39 +0100 | 0 - 1 - 0 | hunza.pl/_vt/003/R/a1.exe | 86.111.242.129
2018-12-07 11:50:04 +0100 | 0 - 1 - 0 | hunza.pl/english/en/new/Content/espnh/Anexo-D (...) | 86.111.242.129
2018-12-07 11:50:03 +0100 | 0 - 1 - 0 | hunza.pl/english/en/new/Content/RO/03.exe | 86.111.242.129
2018-08-07 10:44:16 +0200 | 0 - 1 - 0 | tibiahost.za.pl/quest.scr | 86.111.242.129
2018-02-09 22:06:49 +0100 | 0 - 0 - 1 | www.hunza.pl/ | 86.111.242.129
2018-01-23 20:58:45 +0100 | 0 - 0 - 1 | hunza.pl/_vt/003/A/a1.exe | 86.111.242.129

Last 10 reports on ASN: AS47544 IQ PL Sp. z o.o.

Date | UQ / IDS / BL | URL | IP
2019-03-19 21:06:04 +0100 | 0 - 0 - 13 | kompleksolszynka.pl/ | 86.111.241.89
2019-03-17 22:32:40 +0100 | 0 - 0 - 1 | www.stamler.pl/stamler/084c42f568ce339d/index.php | 193.106.106.144
2019-03-08 13:26:44 +0100 | 0 - 0 - 1 | justanna.no/ | 46.248.176.187
2019-03-07 18:24:26 +0100 | 0 - 0 - 1 | https://justanna.no/ | 46.248.176.187
2019-03-07 05:58:00 +0100 | 0 - 0 - 1 | justanna.no/ | 46.248.176.187
2019-03-03 17:55:12 +0100 | 0 - 1 - 4 | xxx.play69.pl/c/redhead-31 | 86.111.241.39
2019-03-02 13:26:19 +0100 | 0 - 0 - 1 | scmd.pl/wp-includes/8b59de2f3b2e7cgg/index.php | 46.248.176.165
2019-03-01 16:43:33 +0100 | 0 - 1 - 0 | www.vmpcrypt.pl/vmpcrypt_setup.exe | 86.111.242.155
2019-03-01 11:45:50 +0100 | 0 - 0 - 1 | https://www.dent-lux.com.pl/02-2014/orders/cl (...) | 46.248.164.30
2019-03-01 11:45:44 +0100 | 0 - 0 - 1 | https://www.dent-lux.com.pl/02-2014/clients/o (...) | 46.248.164.30

Last 10 reports on domain: hunza.pl

Date | UQ / IDS / BL | URL | IP
2019-02-23 07:14:10 +0100 | 0 - 1 - 0 | hunza.pl/english/en/new/sys/r/arq3.exe | 86.111.242.129
2019-01-18 15:17:02 +0100 | 0 - 2 - 0 | hunza.pl/english/en/new/Content/RO/03.exe | 86.111.242.129
2019-01-18 15:17:00 +0100 | 0 - 1 - 0 | hunza.pl/english/en/new/Content/espnh/Anexo-D (...) | 86.111.242.129
2018-12-30 16:14:47 +0100 | 0 - 2 - 0 | hunza.pl/_vt/003/alcrest/document_40329_relat (...) | 86.111.242.129
2018-12-30 16:14:39 +0100 | 0 - 1 - 0 | hunza.pl/_vt/003/R/a1.exe | 86.111.242.129
2018-12-07 11:50:04 +0100 | 0 - 1 - 0 | hunza.pl/english/en/new/Content/espnh/Anexo-D (...) | 86.111.242.129
2018-12-07 11:50:03 +0100 | 0 - 1 - 0 | hunza.pl/english/en/new/Content/RO/03.exe | 86.111.242.129
2018-02-09 22:06:49 +0100 | 0 - 0 - 1 | www.hunza.pl/ | 86.111.242.129
2018-01-23 20:58:45 +0100 | 0 - 0 - 1 | hunza.pl/_vt/003/A/a1.exe | 86.111.242.129
2018-01-23 20:58:44 +0100 | 0 - 0 - 1 | hunza.pl/_vt/003/A/a3.exe | 86.111.242.129


JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (5)


Transaction 1

Request:
GET /english/en/new/Content/RO/02.exe HTTP/1.1
Host: hunza.pl
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (server 86.111.242.129):
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 07 Dec 2018 10:49:35 GMT
Server: Apache
Location: http://www.hunza.pl/english/en/new/Content/RO/02.exe
Content-Length: 260
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   260
Md5:    430099ceebfb43643f421b5b4f41d4e1
Sha1:   758788843eb49b9b84e646908182b8ea5215e272
Sha256: 8f8b4cd5d23ee6647f2cb150532e39d8959e477428c2c68257a5ab3045c2d541

Alerts:
  IDS:
    - ET TROJAN JS/Nemucod requesting EXE payload 2016-02-01

Transaction 2

Request:
GET /english/en/new/Content/RO/02.exe HTTP/1.1
Host: www.hunza.pl
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (server 86.111.242.129):
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Fri, 07 Dec 2018 10:49:35 GMT
Server: Apache
Last-Modified: Tue, 26 Jun 2012 12:53:07 GMT
Etag: "583-4c35f947752c0"
Accept-Ranges: bytes
Content-Length: 1411
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1411
Md5:    6e91da672ad3a7b304a6c2bbf4701050
Sha1:   d817053e272765acc4b9da5e2e47545304133c0b
Sha256: d171af63e38c7a679c65e6e985f3c5cf16a68ec8206cafb4e7030fdb5a2494b8

Transaction 3

Request:
GET /komunikaty_bledow/logo_iq.gif HTTP/1.1
Host: www.iq.pl
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hunza.pl/english/en/new/Content/RO/02.exe

Response (server 86.111.240.215):
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Location: https://www.iq.pl/komunikaty_bledow/logo_iq.gif

--- Additional Info ---
(none)

Transaction 4

Request:
GET /favicon.ico HTTP/1.1
Host: www.hunza.pl
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (server 86.111.242.129):
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Fri, 07 Dec 2018 10:49:36 GMT
Server: Apache
Last-Modified: Tue, 26 Jun 2012 12:53:07 GMT
Etag: "583-4c35f947752c0"
Accept-Ranges: bytes
Content-Length: 1411
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive

--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1411
Md5:    6e91da672ad3a7b304a6c2bbf4701050
Sha1:   d817053e272765acc4b9da5e2e47545304133c0b
Sha256: d171af63e38c7a679c65e6e985f3c5cf16a68ec8206cafb4e7030fdb5a2494b8

Transaction 5

Request:
GET /favicon.ico HTTP/1.1
Host: www.hunza.pl
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Range: bytes=0-
If-Range: "583-4c35f947752c0"

Response (server 86.111.242.129):
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Fri, 07 Dec 2018 10:49:39 GMT
Server: Apache
Last-Modified: Tue, 26 Jun 2012 12:53:07 GMT
Etag: "583-4c35f947752c0"
Accept-Ranges: bytes
Content-Length: 1411
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1411
Md5:    6e91da672ad3a7b304a6c2bbf4701050
Sha1:   d817053e272765acc4b9da5e2e47545304133c0b
Sha256: d171af63e38c7a679c65e6e985f3c5cf16a68ec8206cafb4e7030fdb5a2494b8