Report Overview
Visited: 2025-04-22 13:58:51 (public)
URL: www.ch-werner.de/sqliteodbc/sqliteodbc.exe
Finishing URL: about:privatebrowsing
IP / ASN: 80.150.6.143 / #3320 Deutsche Telekom AG
Title: about:privatebrowsing

Detections

urlquery: 0
Network Intrusion Detection: 1
Threat Detection Systems: 3

Host Summary

Host: www.ch-werner.de
Rank: unknown
Registered: unknown
First Seen: 2017-02-01
Last Seen: 2025-03-20

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Severity: high
Source IP: 80.150.6.143
Destination IP: Client IP
Alert: ET POLICY PE EXE or DLL Windows file download HTTP

Threat Detection Systems

Public InfoSec YARA rules
Severity: medium
Indicator: www.ch-werner.de/sqliteodbc/sqliteodbc.exe
Alert: Detect files is `SliverFox` malware

OpenPhish

No alerts detected


PhishTank

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


File detected

URL: www.ch-werner.de/sqliteodbc/sqliteodbc.exe
IP / ASN: 80.150.6.143 / #3320 Deutsche Telekom AG

File Overview

File Type: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections
Size: 5.4 MB (5398170 bytes)
MD5: 7f2de7ef9ca2e120b3a8d01c7da4dc23
SHA1: cc64af56be5243d218f48286233d43176e293e2e

Detections

Analyzer: YARAhub by abuse.ch
Verdict: malware
Alert: Detect files is `SliverFox` malware

Analyzer: VirusTotal
Verdict: suspicious

JavaScript (0)

HTTP Transactions (2)

URL | IP | Response | Size