Report Overview
Submitted URL
www.reifenboerse.de/schnellstarter/schnellstarter-reifenboerse-3.0.0.1.exe
IP
104.26.11.90ASN
#13335 CLOUDFLARENET
Submitted
2024-05-07 10:04:35
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
3
Domain Summary
| Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
|---|---|---|---|---|---|---|---|
| www.reifenboerse.de | unknown | unknown | 2013-12-10 | 2023-08-31 | 528 B | 687 kB |  172.67.69.132 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2024-05-07 | medium | www.reifenboerse.de/schnellstarter/schnellstarter-reifenboerse-3.0.0.1.exe | files - file ~tmp01925d3f.exe |
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
www.reifenboerse.de/schnellstarter/schnellstarter-reifenboerse-3.0.0.1.exe
IP
172.67.69.132ASN
#13335 CLOUDFLARENET
File type
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections
Size
686 kB (685960 bytes)
Hash
cebeedc03daa3da7c2310e4fd1d71e13
651e69630239caa65769e8fd01ec9023eb19a11d
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
| VirusTotal | suspicious |
JavaScript (0)
HTTP Transactions (1)
| URL | IP | Response | Size | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
www.reifenboerse.de/schnellstarter/schnellstarter-reifenboerse-3.0.0.1.exe | 172.67.69.132 | 686 kB | |||||||||||
Detections
HTTP Headers
| |||||||||||||