Report Overview
Submitted URL
dl-dr-4.xyz/drv/old/Intel-FORCED-10x64-ibtusb_21.10.1.1_old-WP-drp.zip
IP
89.41.180.201ASN
#25198 Interkvm Host Srl
Submitted
2024-04-26 04:39:29
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4
Domain Summary
| Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
|---|---|---|---|---|---|---|---|
| dl-dr-4.xyz | unknown | 2023-06-04 | 2023-06-04 | 2024-04-18 | 524 B | 568 kB | 89.41.180.201 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2024-04-26 | medium | dl-dr-4.xyz | Sinkholed |
ThreatFox
No alerts detected
Files detected
URL
dl-dr-4.xyz/drv/old/Intel-FORCED-10x64-ibtusb_21.10.1.1_old-WP-drp.zip
IP
89.41.180.201ASN
#25198 Interkvm Host Srl
File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
567 kB (567316 bytes)
Hash
b1d4230ec712a4d0f5e97a39b19510c2
247f455a0fc20b2533e4c534874318bbb992d056
Archive (5)
| Filename | Md5 | File type | |||
|---|---|---|---|---|---|
| ibtproppage.dll | 2b39e85860cb91515278fd0d66e54501
| PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections | |||
| ibtsiva.exe | 9081be714dfaeb7f97a7ee7fd920c829
| PE32+ executable (console) x86-64, for MS Windows, 6 sections | |||
| ibtusb.cat | 213e8f4d44e5d0c5305abd64b5b91c60 | DER Encoded PKCS#7 Signed Data | |||
| ibtusb.inf | c078a7326c4609ba797ae079b93f35c2 | Windows setup INFormation | |||
| ibtusb.sys | 2f75e1bc774a0a286615e1428e387790 | PE32+ executable (native) x86-64, for MS Windows, 8 sections |
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
| YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
JavaScript (0)
HTTP Transactions (1)
| URL | IP | Response | Size | |||||||
|---|---|---|---|---|---|---|---|---|---|---|
dl-dr-4.xyz/drv/old/Intel-FORCED-10x64-ibtusb_21.10.1.1_old-WP-drp.zip | 89.41.180.201 | 200 OK | 567 kB | |||||||
Detections
HTTP Headers
| ||||||||||