Report Overview
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
121.201.67.60:17126 | unknown | unknown | No data | No data | 402 B | 1.4 MB | 121.201.67.60 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
Scan Date | Severity | Indicator | Alert |
---|---|---|---|
2024-05-09 | medium | 121.201.67.60:17126/2E0ECB2F.Png | Identifies PurpleFox aka DirtyMoe botnet, dropper CAB or MSI package. |
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
Scan Date | Severity | Indicator | Alert |
---|---|---|---|
2024-05-09 | medium | 121.201.67.60 | Sinkholed |
ThreatFox
No alerts detected
Files detected
URL
121.201.67.60:17126/2E0ECB2F.Png
IP
121.201.67.60
ASN
#58543 Guangdong
File type
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Last Printed: Fri Dec 11 11:47:44 2009, Create Time/Date: Fri Dec 11 11:47:44 2009, Last Saved Time/Date: Fri Dec 11 11:47:44 2009, Security: 0, Code page: 936, Revision Number: {9670F4D0-83D8-4575-8826-F83C09228FAE}, Number of Words: 2, Subject: dns6F, Author: dns6F, Name of Creating Application: Advanced Installer 16.5 build 8df7ad95, Template: ;2052, Title: Installation Database, Keywords: Installer, MSI, Database, Number of Pages: 200
Size
1.4 MB (1427456 bytes)
Hash
f725bab929df4fe2626849ba269b7fcb
907fe41722644b3dd6851766cc2a70c1d2b28434
Detections
Analyzer | Verdict | Alert |
---|---|---|
Public InfoSec YARA rules | malware | Identifies PurpleFox aka DirtyMoe botnet, dropper CAB or MSI package. |
VirusTotal | malicious | |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size |
---|---|---|---|
121.201.67.60:17126/2E0ECB2F.Png | 121.201.67.60 | 200 OK | 1.4 MB |
Detections
HTTP Headers