Report Overview
Visited public
2024-04-03 01:06:17
URL
installpack.net/InstallPack.exe?preselecteditems=wise-disk-cleaner&ga_cn=direct&ga_cs=isg&cid=50393950.88419439
Finishing URL
about:privatebrowsing
IP / ASN

176.99.5.252
Title
about:privatebrowsing
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
3
Host Summary
Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
---|---|---|---|---|---|---|---|---|
installpack.net | unknown | 2015-07-03 | 2015-07-04 17:12:10 | 2024-03-28 04:29:20 | 565 B | 568 B | 176.99.5.252 | |
scdn.softcdn.ru | unknown | 2015-08-26 | 2016-03-22 14:58:16 | 2024-03-28 04:29:00 | 583 B | 740 B | 195.201.247.90 | |
ip.apps-windows.com (1 alert(s) on this Host) | unknown | 2018-11-13 | 2019-02-20 02:31:46 | 2024-03-28 11:42:16 | 776 B | 2.8 MB | 195.201.247.90 | |
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
No alerts detected
Threat Detection Systems
Public InfoSec YARA rules
Scan Date | Severity | Indicator | Alert |
---|---|---|---|
2024-04-03 | medium | ip.apps-windows.com/InstallPack.exe?preselecteditems=wise-disk-cleaner&cid=&uid=&type=ip&ga_ci=blknstl_ruopera&singleRename=1&sign=1&ga_an=&ga_cn=direct&ga_cs=isg&ga_cm=&ga_ck=isg&ga_cc=&utm_source=&utm_campaign=&utm_medium=&uagent=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0&abs=1 | Detects suspicious SFX as used by Gamaredon group |
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
Google Safe Browsing
No alerts detected
ThreatFox
No alerts detected
File detected
URL
ip.apps-windows.com/InstallPack.exe?preselecteditems=wise-disk-cleaner&cid=&uid=&type=ip&ga_ci=blknstl_ruopera&singleRename=1&sign=1&ga_an=&ga_cn=direct&ga_cs=isg&ga_cm=&ga_ck=isg&ga_cc=&utm_source=&utm_campaign=&utm_medium=&uagent=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0&abs=1
IP / ASN

195.201.247.90
File Overview
File Type: PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections
Size: 2.8 MB (2798808 bytes)
MD5: 7501d485f2602bb23f5bdd9e1c1ba45c
SHA1: 65020b17ac53fc7bb4a8db723220f9a2bc11a547
Detections
Analyzer | Verdict | Alert |
---|---|---|
Public Nextron YARA rules | malware | Detects suspicious SFX as used by Gamaredon group |
VirusTotal | malicious | |
JavaScript (0)
No JavaScripts
HTTP Transactions (3)
URL | IP | Response | Size |
---|---|---|---|