Report Overview
Visitedpublic
2024-05-15 16:04:24
Tags
Submit Tags
URL
66.235.168.242/testing.exe
Finishing URL
about:privatebrowsing
IP / ASN
66.235.168.242
Title
about:privatebrowsing
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
66.235.168.242 8 alert(s) on this Domain | unknown | unknown | No data | No data | 396 B | 237 kB | 66.235.168.242 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| medium | Client IP | 66.235.168.242 | ET INFO Executable Download from dotted-quad Host | |
| medium | Client IP | 66.235.168.242 | ET INFO Executable Download from dotted-quad Host | |
| high | 66.235.168.242 | Client IP | ET POLICY PE EXE or DLL Windows file download HTTP | |
| medium | 66.235.168.242 | Client IP | ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response | |
| high | 66.235.168.242 | Client IP | ET POLICY PE EXE or DLL Windows file download HTTP | |
| medium | 66.235.168.242 | Client IP | ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response |
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2024-05-15 | medium | 66.235.168.242 | Sinkholed |
ThreatFox
No alerts detected
File detected
URL
66.235.168.242/testing.exe
IP / ASN
66.235.168.242
File Overview
File TypePE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
Size236 kB (236544 bytes)
MD5144f1b1c4b9cdad97d8dd1a3a89e7ea1
SHA11a11d76a6ab646a0d699efa0e5fc71de6e5af92c
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| VirusTotal | malicious |
JavaScript (0)
No JavaScripts
HTTP Transactions (1)
| URL | IP | Response | Size |
|---|