Report Overview
- Visited public2025-01-02 14:15:39Tags
- URL
main.dsn.ovh/mvt/xmrig.exe
- Finishing URL
about:privatebrowsing
- IP / ASN
89.111.155.22#197695 Domain names registrar REG.RU, Ltd
Titleabout:privatebrowsing
Domain Summary
| Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
|---|---|---|---|---|---|---|---|
| main.dsn.ovh | unknown | 2023-03-23 | 2023-10-07 | 2024-12-10 | 396 B | 8.2 MB | 89.111.155.22 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| 2025-01-02 14:15:13 | medium | Client IP | 89.111.155.22 | |
| 2025-01-02 14:15:13 | low | 89.111.155.22 | Client IP | |
| 2025-01-02 14:15:13 | high | 89.111.155.22 | Client IP |
Threat Detection Systems
Public InfoSec YARA rules
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2025-01-02 | medium | main.dsn.ovh/mvt/xmrig.exe | Detects Monero Crypto Coin Miner |
| 2025-01-02 | medium | main.dsn.ovh/mvt/xmrig.exe | Detects Monero mining software |
| 2025-01-02 | medium | main.dsn.ovh/mvt/xmrig.exe | Linux.Trojan.Pornoasset |
| 2025-01-02 | medium | main.dsn.ovh/mvt/xmrig.exe | MacOS.Cryptominer.Generic |
| 2025-01-02 | medium | main.dsn.ovh/mvt/xmrig.exe | MacOS.Cryptominer.Xmrig |
OpenPhish
No alerts detected
PhishTank
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
main.dsn.ovh/mvt/xmrig.exe
IP
89.111.155.22ASN
#197695 Domain names registrar REG.RU, Ltd
File type
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows, 11 sections
Size
8.2 MB (8228864 bytes)
Hash
6f4532e49d65c2be0355b222f96e06e8
268e90ce25e01bbb205f6ae3f493f8da36a61480
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| Public Nextron YARA rules | malware | Detects Monero Crypto Coin Miner |
| Public Nextron YARA rules | malware | Detects Monero mining software |
| Elastic Security YARA Rules | malware | Linux.Trojan.Pornoasset |
| Elastic Security YARA Rules | malware | MacOS.Cryptominer.Generic |
| Elastic Security YARA Rules | malware | MacOS.Cryptominer.Xmrig |
| VirusTotal | malicious | |
| ClamAV | malicious | Win.Coinminer.Generic-7151250-0 |
JavaScript (0)
HTTP Transactions (1)
| URL | IP | Response | Size | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
main.dsn.ovh/mvt/xmrig.exe | 89.111.155.22 | 200 OK | 8.2 MB | |||||||||||||||||||||||||||||||||||||
Detections
HTTP Headers
| ||||||||||||||||||||||||||||||||||||||||