Report Overview
Submitted URL
ies.inquirer.com.ph/advprod03/assets/images/Advisory23-UCDMS04-11-01.zip
IP
103.62.30.52
ASN
#134431 News and Entertainment Network Corp
Submitted
2024-05-10 16:52:40
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
ies.inquirer.com.ph | unknown | unknown | No data | No data | 526 B | 1.6 MB | 121.58.195.156 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
ies.inquirer.com.ph/advprod03/assets/images/Advisory23-UCDMS04-11-01.zip
IP
121.58.195.156
ASN
#17639 Converge ICT Solutions Inc.
File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
1.6 MB (1637012 bytes)
Hash
1c024b92f8e164e031fe5e4fff77ea61
3b1adffb8605760af23c3b480825e02ceaf836d6
Archive (1)
Filename | Md5 | File type |
---|---|---|
Advisory23-UCDMS04-11-01.pdf.lnk | 005c762a3c39b1114c6521f52acb66c3 | MS Windows shortcut, Item id list present, Points to a file or directory, Has command line arguments, Icon number=0, Archive, ctime=Sun Sep 3 12:54:49 2023, mtime=Fri Dec 29 07:40:13 2023, atime=Sun Sep 3 12:54:49 2023, length=486400, window=hide |
Detections
Analyzer | Verdict | Alert |
---|---|---|
Public Nextron YARA rules | malware | check for LNKs that have a screen buffer size and WindowSize dimensions of 1x1 |
Public Nextron YARA rules | malware | detect LNK files used in Janicab infection chain |
Public Nextron YARA rules | malware | Detects a suspiciously big LNK file - maybe with embedded content |
Public InfoSec YARA rules | malware | Identifies PowerShell artefacts in shortcut (LNK) files. |
Public InfoSec YARA rules | malware | Identifies scripting artefacts in shortcut (LNK) files. |
Public InfoSec YARA rules | malware | Identifies executable artefacts in shortcut (LNK) files. |
Public InfoSec YARA rules | malware | Identifies execution artefacts in shortcut (LNK) files. |
Public InfoSec YARA rules | malware | Identifies download artefacts in shortcut (LNK) files. |
Public InfoSec YARA rules | malware | Identifies Adobe Acrobat artefacts in shortcut (LNK) files. |
Public InfoSec YARA rules | malware | Identifies shortcut (LNK) file larger than 100KB. Most goodware LNK files are smaller than 100KB. |
Public InfoSec YARA rules | malware | Identifies shortcut (LNK) file with equal or higher entropy than 6.5. Most goodware LNK files have a low entropy, lower than 6. |
VirusTotal | suspicious |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size |
---|---|---|---|
ies.inquirer.com.ph/advprod03/assets/images/Advisory23-UCDMS04-11-01.zip | 121.58.195.156 | 200 OK | 1.6 MB |
Detections
HTTP Headers