Report - www.myportablesoftware.com/my

Report Overview

Submitted URL
www.myportablesoftware.com/my_watermark.zip
IP
160.153.155.178
ASN
#21501 Host Europe GmbH
Submitted
2024-05-10 10:30:31
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
3

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.myportablesoftware.com	unknown	2011-10-12	2012-06-29	2020-06-03	413 B	137 kB	160.153.155.178

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.myportablesoftware.com/my_watermark.zip
IP
160.153.155.178
ASN
#21501 Host Europe GmbH

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
137 kB (136804 bytes)
Hash
36f6e9a8cf95fcd792d14009a7258e6b
cb6a074455abe7ecc13f6abd8711ae9126ce82b6
5fdadb107d977966764e3ea016ee6e0e75e7badfad40a2564c1605f1af4b694a

Archive (3)

Filename

Md5

File type

readme.txt

244f422b4348975f2fee8403438302bb

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

license.txt

c851717f1343b68c29be7ee4480f4860

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

My_Watermark.exe

bee1cedd95c5cdafafaaa353029a1a8f

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 4 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen
VirusTotal	suspicious	VirusTotal - Scan result 2/64

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

www.myportablesoftware.com/my_watermark.zip

160.153.155.178

200 OK

137 kB

URL User Request GET HTTP/1.1
www.myportablesoftware.com/my_watermark.zip
IP
160.153.155.178:80
ASN
#21501 Host Europe GmbH

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
137 kB (136804 bytes)
Hash
36f6e9a8cf95fcd792d14009a7258e6b
cb6a074455abe7ecc13f6abd8711ae9126ce82b6
5fdadb107d977966764e3ea016ee6e0e75e7badfad40a2564c1605f1af4b694a

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/64

HTTP Headers

GET /my_watermark.zip HTTP/1.1
Host: www.myportablesoftware.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/x-zip-compressed
Last-Modified: Mon, 14 Dec 2020 10:47:12 GMT
Accept-Ranges: bytes
ETag: "ab7c8d7a6d2d61:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Fri, 10 May 2024 10:30:06 GMT
Content-Length: 136804

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (3)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers