Report Overview
Visitedpublic
2024-10-14 11:05:06
Tags
Submit Tags
URL
xmsecu.com:8080/ocx/NewActive.exe
Finishing URL
about:privatebrowsing
IP / ASN
49.4.84.205
#55990 Huawei Cloud Service data center
Title
about:privatebrowsing

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Host Summary

HostRankRegisteredFirst SeenLast Seen
r10.o.lencr.org
unknown2020-06-292024-06-062024-10-13
r11.o.lencr.org
unknown2020-06-292024-06-072024-10-13
xmsecu.com
2473832010-11-182012-07-132024-01-20

Related reports

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


Mnemonic Secure DNS
SeverityIndicatorAlert
mediumxmsecu.comSinkholed

Quad9 DNS
SeverityIndicatorAlert
mediumxmsecu.comSinkholed

ThreatFox

No alerts detected


File detected

URL
xmsecu.com:8080/ocx/NewActive.exe
IP / ASN
49.4.84.205
#55990 Huawei Cloud Service data center
File Overview
File TypePE32 executable (GUI) Intel 80386, for MS Windows, 5 sections
Size5.1 MB (5069003 bytes)
MD548646c40120925c774754e5de36c33cc
SHA135b7cf02001365714a75861809ba59c462e253d8

Detections

AnalyzerVerdictAlert
VirusTotalsuspicious
VirusTotal - Scan result 2/73

JavaScript (0)

HTTP Transactions (7)

URLIPResponseSize