Report Overview
Visited: 2025-10-16 06:41:58 (public)
URL: mystatment-desktopappm.live/mz/
Finishing URL: mystatment-desktopappm.live/mz/
IP / ASN: 52.38.173.188
Title: Social Security Statement
Detections
urlquery: 0
Network Intrusion Detection: 0
Threat Detection Systems: 8
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
| cdn-icons-png.flaticon.com | 239972 | 2013-05-10 | 2021-09-02 | 2025-10-12 | 466 B | 4.3 kB | 23.36.77.91 | |
| www.ssa.gov | 11800 | unknown | 2013-11-26 | 2025-10-11 | 464 B | 20 kB | 23.36.77.179 | |
| fonts.gstatic.com | unknown | 2008-02-11 | 2014-04-02 | 2025-10-12 | 1.7 kB | 123 kB | 142.250.74.3 | |
| raw.githubusercontent.com (1 alert(s) on this Host) | 22021 | 2014-02-06 | 2014-03-01 | 2025-10-13 | 576 B | 15 MB | 185.199.110.133 | |
| mystatment-desktopappm.live (12 alert(s) on this Host) | unknown | unknown | 2025-10-16 | 2025-10-16 | 1.0 kB | 11 kB | 52.38.173.188 | |
| fonts.googleapis.com | 313 | 2005-01-25 | 2012-05-23 | 2025-10-12 | 483 B | 17 kB | 216.58.211.10 | |
Amazon Web Services (PaaS)
Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.
Acquia Cloud Platform:next (PaaS)
Acquia Cloud Platform is a Drupal-tuned application lifecycle management suite with an infrastructure to support Drupal deployment workflow processes.
Varnish (Caching)
Varnish is a reverse caching proxy.
GitHub Pages (PaaS)
GitHub Pages is a static site hosting service.
Fastly (CDN)
Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video & streaming services.
Nginx (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.
OpenResty (Web servers)
OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| YARAhub by abuse.ch | raw.githubusercontent.com/dinemikw/nime/main/desktop_v3.0.EXE | malware | Scans presence of the found strings using the in-house brute force method |
| CIRA Canadian Shield DNS | mystatment-desktopappm.live | malicious | Sinkholed |
| Cloudflare DNS | mystatment-desktopappm.live | malicious | Sinkholed |
| Quad9 DNS | mystatment-desktopappm.live | malicious | Sinkholed |
| OpenDNS | mystatment-desktopappm.live | phishing | Phishing Block |
| OpenPhish | mystatment-desktopappm.live/mz/ | phishing | Phishing - AT&T Inc. |
| DNS0 Zero | mystatment-desktopappm.live | malicious | Sinkholed |
| OpenPhish | mystatment-desktopappm.live | phishing | Phishing - AT&T Inc. |
File detected
URL: raw.githubusercontent.com/dinemikw/nime/main/desktop_v3.0.EXE
IP / ASN: 185.199.110.133
File Overview
File Type: PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections
Size: 15 MB (14781992 bytes)
MD5: 93b5c675ed81f68c5655ace55726d61b
SHA1: 8043ae42215711d7848b6215f01c1b620d739e1b
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| YARAhub by abuse.ch | malware | Scans presence of the found strings using the in-house brute force method |
JavaScript (2)
No JavaScripts
HTTP Transactions (9)
| URL | IP | Response | Size |
|---|---|---|---|

