Report Overview
Submitted URL
dl.filseclab.com/update/xnetgdn_update_en.exe
IP
121.40.25.32
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.
Submitted
2024-05-07 09:04:04
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
dl.filseclab.com | unknown | 2003-02-28 | 2012-08-08 | 2024-02-04 | 415 B | 2.2 MB | 121.40.25.32 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
Scan Date | Severity | Indicator | Alert |
---|---|---|---|
2024-05-07 | medium | dl.filseclab.com/update/xnetgdn_update_en.exe | detect_Redline_Stealer |
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
dl.filseclab.com/update/xnetgdn_update_en.exe
IP
121.40.25.32
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type
PE32 executable (GUI) Intel 80386, for MS Windows, MS CAB-Installer self-extracting archive, 3 sections
Size
2.2 MB (2150912 bytes)
Hash
caf0154e33a4bf475fd1417e4ab712ac
e95cf89ebe1a7898eb0d5e5bed3925fe1e2273b1
Detections
Analyzer | Verdict | Alert |
---|---|---|
YARAhub by abuse.ch | malware | detect_Redline_Stealer |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size | |||||||
---|---|---|---|---|---|---|---|---|---|---|
dl.filseclab.com/update/xnetgdn_update_en.exe | 121.40.25.32 | 200 OK | 2.2 MB | |||||||
Detections
HTTP Headers
| ||||||||||