Report Overview
Visitedpublic
2024-08-21 21:00:18
Tags
Submit Tags
URL
fcofix.org/MSEdgeRedirect/releases/latest/download/MSEdgeRedirect.exe
Finishing URL
about:privatebrowsing
IP / ASN
104.21.69.4
Title
about:privatebrowsing
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
r11.o.lencr.org | unknown | 2020-06-29 | 2024-06-07 07:43:57 | 2024-08-21 18:12:02 | 1.3 kB | 3.5 kB |  23.36.76.226 | |
r10.o.lencr.org | unknown | 2020-06-29 | 2024-06-06 21:45:11 | 2024-08-21 18:12:41 | 981 B | 2.7 kB | 23.36.77.32 | |
fcofix.org | unknown | 2009-07-12 | 2014-01-09 18:19:00 | 2024-04-11 05:51:02 | 523 B | 884 B |  172.67.202.35 | |
github.com | 1423 | 2007-10-09 | 2016-07-13 12:28:22 | 2024-08-02 15:14:02 | 1.5 kB | 8.7 kB |  140.82.121.4 | |
objects.githubusercontent.com 2 alert(s) on this Domain | 134060 | 2014-02-06 | 2021-11-01 22:34:29 | 2024-08-21 18:59:55 | 999 B | 1.1 MB | 185.199.111.133 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
No alerts detected
Threat Detection Systems
Public InfoSec YARA rules
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2024-08-21 | medium | objects.githubusercontent.com/github-production-release-asset-2e65be/384330997/61d5c95b-ba01-4d40-9862-d5a08a9e2d3c?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240821%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240821T205953Z&X-Amz-Expires=300&X-Amz-Signature=417c8da1ae0ba86a02a2fa95c0454e77f3b1af42613169a87a53cd9bb2a0c073&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=384330997&response-content-disposition=attachment%3B%20filename%3DMSEdgeRedirect.exe&response-content-type=application%2Foctet-stream | Identifies compiled AutoIT script (as EXE). |
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
File detected
URL
objects.githubusercontent.com/github-production-release-asset-2e65be/384330997/61d5c95b-ba01-4d40-9862-d5a08a9e2d3c?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240821%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240821T205953Z&X-Amz-Expires=300&X-Amz-Signature=417c8da1ae0ba86a02a2fa95c0454e77f3b1af42613169a87a53cd9bb2a0c073&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=384330997&response-content-disposition=attachment%3B%20filename%3DMSEdgeRedirect.exe&response-content-type=application%2Foctet-stream
IP / ASN
185.199.111.133
File Overview
File TypePE32+ executable (GUI) x86-64, for MS Windows, 6 sections
Size1.1 MB (1135616 bytes)
MD59d530a6008ad6fb341350ef422c5dce9
SHA191a24c8e96b8766f3ae6b4090233de5a3df359e3
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| Public InfoSec YARA rules | malware | Identifies compiled AutoIT script (as EXE). |
| VirusTotal | suspicious |
JavaScript (0)
No JavaScripts
HTTP Transactions (11)
| URL | IP | Response | Size |
|---|