Report - stdown.dinju.com/housenetshare.exe

Report Overview

Submitted URL
stdown.dinju.com/housenetshare.exe
IP
123.6.40.224
ASN
#4837 CHINA UNICOM China169 Backbone
Submitted
2024-04-23 14:48:00
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
3

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
stdown.dinju.com	unknown	2009-04-11	2013-11-01	2024-04-15	404 B	9.3 MB	36.248.54.85

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2024-04-23	medium	stdown.dinju.com/housenetshare.exe	Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen

Files detected

URL
stdown.dinju.com/housenetshare.exe
IP
36.248.54.85
ASN
#4837 CHINA UNICOM China169 Backbone

File type
PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections
Size
9.3 MB (9264128 bytes)
Hash
af65567cd2e1beaeebea35324755e3d1
6aa7e0afa970700953523f97d6c4d8e2a715fb59
34f4bbd112599ef33347225656011d8682bee4691b78071ebf1553d8b8393d2e

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen
VirusTotal	malicious	VirusTotal - Scan result 44/70

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

stdown.dinju.com/housenetshare.exe

36.248.54.85

200 OK

9.3 MB

URL User Request GET HTTP/1.1
stdown.dinju.com/housenetshare.exe
IP
36.248.54.85:80
ASN
#4837 CHINA UNICOM China169 Backbone

File type
PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections
Size
9.3 MB (9264128 bytes)
Hash
af65567cd2e1beaeebea35324755e3d1
6aa7e0afa970700953523f97d6c4d8e2a715fb59
34f4bbd112599ef33347225656011d8682bee4691b78071ebf1553d8b8393d2e

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen
VirusTotal	malicious	VirusTotal - Scan result 44/70

HTTP Headers

GET /housenetshare.exe HTTP/1.1
Host: stdown.dinju.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Accept-Ranges: bytes
ETag: "241e2647d63d91:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Tue, 23 Apr 2024 14:47:41 GMT
Last-Modified: Fri, 31 Mar 2023 03:03:38 GMT
Content-Length: 9264128
X-NWS-LOG-UUID: 17094794533605063554
Connection: keep-alive
X-Cache-Lookup: Cache Miss, Cache Miss

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers