Report Overview
- Visited public2025-05-01 16:48:37Tags
- URL
krastrikt.sbs/QVSQRCGE.msi
- Finishing URL
about:privatebrowsing
- IP / ASN
104.21.6.78#13335 CLOUDFLARENET
Titleabout:privatebrowsing
Domain Summary
| Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
|---|---|---|---|---|---|---|---|
| krastrikt.sbs | unknown | 2025-04-15 | 2025-04-17 | 2025-04-26 | 494 B | 9.0 MB | 104.21.6.78 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
Quad9 DNS
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2025-05-01 | medium | krastrikt.sbs | Sinkholed |
ThreatFox
No alerts detected
Files detected
URL
krastrikt.sbs/QVSQRCGE.msi
IP
104.21.6.78ASN
#13335 CLOUDFLARENET
File type
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation Database, Subject: Ratchet, Author: Ectoparasite Coacervate, Keywords: Installer, Comments: This installer database contains the logic and data required to install Ratchet., Template: Intel;1033, Revision Number: {EDDEA8F1-43EF-41B0-91DA-CD7825C2AD28}, Create Time/Date: Mon Mar 31 17:16:28 2025, Last Saved Time/Date: Mon Mar 31 17:16:28 2025, Number of Pages: 500, Number of Words: 10, Name of Creating Application: WiX Toolset (4.0.0.0), Security: 2
Size
9.0 MB (9048064 bytes)
Hash
bc4107b4d793f4a8769e25d4881eb019
c3028580e0663a278382f1ac06a24cbab266dac7
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| VirusTotal | suspicious |
JavaScript (0)
HTTP Transactions (1)
| URL | IP | Response | Size | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
krastrikt.sbs/QVSQRCGE.msi | 104.21.6.78 | 200 OK | 9.0 MB | ||||||||||
Detections
HTTP Headers
| |||||||||||||