{"report_id":"6c437d2d-6e1b-434b-9cd1-78bf8f13ba8e","version":6,"status":"done","tags":[],"date":"2026-02-15T08:24:48Z","url":{"schema":"https","addr":"trustwallet.rpcnetwork.io/connect.html","fqdn":"trustwallet.rpcnetwork.io","domain":"rpcnetwork.io","tld":"io"},"ip":{"addr":"185.28.21.242","port":0,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"trustwallet.rpcnetwork.io/connect.html","fqdn":"trustwallet.rpcnetwork.io","domain":"rpcnetwork.io","tld":"io"},"title":"Trust Wallet","dom":{"size":242959,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (323)","md5":"4102fd39b700a52b972b940cea2ab0a2","sha1":"597965ddd858702242f8f0966ad4c0f4219d5f37","sha256":"2c45526ffbde1e621af0d5b956a0c2a3367e60d2e93bf1381013c5d49cf8c308","sha512":"2bcbc0495dea0f356179cc844b7a9815e0c8aefdde07c5940bf6e66c7660af23b7683214559cd558249988c20cef6b6f55e85e4788242bcbe3986286e054ffc5","ssdeep":"6144:bNqEoq0Kb9R+/1FSk9ZeceSp0Brz5et8nzX/Hzanoj6zlielhN5lQhxc:xfb9R23","tlshash":"41348455c3c0817a7c1704fbf34dd628739ba4845e3dabedd9c62241cbe27bd9a91a02","dom_hash":"domhash18c21bf17655c80f91b9a55faa1bfb67","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"trustwallet.rpcnetwork.io/connect.html","fqdn":"trustwallet.rpcnetwork.io","domain":"rpcnetwork.io","tld":"io"},"ip":{"addr":"185.28.21.242","port":0,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-22T08:24:48Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-15","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"trustwallet.rpcnetwork.io/images/trust-wallet-1.3J3Nz9y.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null},"summary":[{"fqdn":"trustwallet.rpcnetwork.io","ip":{"addr":"185.28.21.242","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"domain_registered":"2026-02-12","domain_rank":0,"first_seen":"2026-02-15T08:24:49.286948Z","last_seen":"2026-02-15T08:24:49.286948Z","alert_count":1,"request_count":4,"received_data":1617537,"sent_data":1972,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"trustwallet.rpcnetwork.io/favicon_io/apple-touch-icon.png","fqdn":"trustwallet.rpcnetwork.io","domain":"rpcnetwork.io","tld":"io"},"ip":{"addr":"185.28.21.242","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwallet.rpcnetwork.io/connect.html","date":"2026-02-15T08:24:27.145Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustwallet.rpcnetwork.io","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 10:50:02 GMT","end":"Wed, 13 May 2026 10:50:01 GMT"},"fingerprint":{"sha1":"8E:ED:F9:17:B8:82:42:7F:69:09:AD:CE:82:35:B4:02:F9:45:71:F2","sha256":"75:79:95:53:1D:1C:05:09:5C:40:1A:BD:A2:CA:97:01:B1:EF:BD:3A:F3:AE:21:BA:84:43:1F:12:F4:B4:ED:A4"}}},"request":{"raw":"GET /favicon_io/apple-touch-icon.png HTTP/1.1\r\nHost: trustwallet.rpcnetwork.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.rpcnetwork.io/connect.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 22 Feb 2026 08:24:27 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 12 Feb 2026 19:57:39 GMT\r\netag: \"3333-698e30b3-e7fd54a3340f10e5;;;\"\r\naccept-ranges: bytes\r\ncontent-length: 13107\r\ndate: Sun, 15 Feb 2026 08:24:27 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":13107,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"99be90a5eb3924c77774e328936e019e","sha1":"e0f2eec3b7051420af5407f15cb2b16f98c719d2","sha256":"19816947d037a379ed985d25c8a09bd0e07ffbcec5e65bd5cc461b2142516fd9","sha512":"db4f4dc8470fb87eda74ea8c6e1cb9a490e3290589699906ba4665e0322126b6ea38482d6930453f755b54db78bac6ec76765b494694c6664ddd82c7ff67ff86","ssdeep":"384:CCOAqfe2vulaO3u/crbMxzAw6zXav4PNEEAhDvWde6B:CCONfe2G33u/cqebaAEEAhDvme6B","tlshash":"eb42c00ff71f71981963022a690c542f50c7cf6394079e7a9bfbdc5c25d4ada908ed92","first_seen":"2026-01-24T20:35:28.312837Z","last_seen":"2026-02-15T08:24:52.085716Z","times_seen":3,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":60,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwallet.rpcnetwork.io/favicon_io/favicon-16x16.png","fqdn":"trustwallet.rpcnetwork.io","domain":"rpcnetwork.io","tld":"io"},"ip":{"addr":"185.28.21.242","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwallet.rpcnetwork.io/connect.html","date":"2026-02-15T08:24:27.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustwallet.rpcnetwork.io","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 10:50:02 GMT","end":"Wed, 13 May 2026 10:50:01 GMT"},"fingerprint":{"sha1":"8E:ED:F9:17:B8:82:42:7F:69:09:AD:CE:82:35:B4:02:F9:45:71:F2","sha256":"75:79:95:53:1D:1C:05:09:5C:40:1A:BD:A2:CA:97:01:B1:EF:BD:3A:F3:AE:21:BA:84:43:1F:12:F4:B4:ED:A4"}}},"request":{"raw":"GET /favicon_io/favicon-16x16.png HTTP/1.1\r\nHost: trustwallet.rpcnetwork.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.rpcnetwork.io/connect.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 22 Feb 2026 08:24:27 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 12 Feb 2026 19:57:39 GMT\r\netag: \"216-698e30b3-ae58ad2134c86452;;;\"\r\naccept-ranges: bytes\r\ncontent-length: 534\r\ndate: Sun, 15 Feb 2026 08:24:27 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":534,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"6f7829bf31fb2c1749a729dd32d2a6c4","sha1":"0dc605696e717621375c13997bdf134df356ad4a","sha256":"1f7f0836efef988e10cbee204d92360c9dbf3ea785bde71b9fb3814884bc3d13","sha512":"4101de3e2a5740e00d159b0c95561737b30757835573ae32f519440dfd22cdcc7b722f0f9c8f92609b987450ff81919ec7ba83bdfc9887a9d41a11935cf0c0ec","ssdeep":"","tlshash":"b3f0204024213cf0c5ae9fc9482c28f0d871c6afead8471cacd6bf841d32f6561b9055","first_seen":"2026-01-24T20:35:28.309623Z","last_seen":"2026-02-15T08:24:52.089314Z","times_seen":3,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwallet.rpcnetwork.io/connect.html","fqdn":"trustwallet.rpcnetwork.io","domain":"rpcnetwork.io","tld":"io"},"ip":{"addr":"185.28.21.242","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-15T08:24:26.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustwallet.rpcnetwork.io","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 10:50:02 GMT","end":"Wed, 13 May 2026 10:50:01 GMT"},"fingerprint":{"sha1":"8E:ED:F9:17:B8:82:42:7F:69:09:AD:CE:82:35:B4:02:F9:45:71:F2","sha256":"75:79:95:53:1D:1C:05:09:5C:40:1A:BD:A2:CA:97:01:B1:EF:BD:3A:F3:AE:21:BA:84:43:1F:12:F4:B4:ED:A4"}}},"request":{"raw":"GET /connect.html HTTP/1.1\r\nHost: trustwallet.rpcnetwork.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Thu, 12 Feb 2026 19:57:39 GMT\r\netag: \"3b53a-698e30b3-31f71842dea6ac45;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 36409\r\ndate: Sun, 15 Feb 2026 08:24:26 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":243002,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (325)","md5":"6c9a3f6e637efeb0e8c235946f078c0f","sha1":"dac7effd0b92b7d8870914261e7f174eb30d816c","sha256":"4c0bd590bfb473e69b7965820b78bc8f3c0efed12ed7902c0a30a152a18a5577","sha512":"a639eb08c329dd4d4f6ca74be506bc223586f8ed39e47d1bb070ded34c8a39c0c834333d5fe9c7d010e278c014356bafc8657b5c59b20e5d74124d09e1e9ddea","ssdeep":"6144:MNqEoq0Kb9R+/1FSk9ZeceSp0Brz5et8nzX/Hzanoj6zlieXhfHNQhxc:Mfb9R2t","tlshash":"92348455c3c0817a7c1704fbf34dd628739ba4845e3dabedd9c62241cbe27bd9a91a02","first_seen":"2026-02-15T08:24:52.092673Z","last_seen":"2026-02-15T08:24:52.092673Z","times_seen":1,"resource_available":false,"data":null}},"time_used":848,"timings":{"blocked":284,"dns":51,"connect":114,"send":0,"wait":115,"receive":158,"ssl":124},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwallet.rpcnetwork.io/images/trust-wallet-1.3J3Nz9y.gif","fqdn":"trustwallet.rpcnetwork.io","domain":"rpcnetwork.io","tld":"io"},"ip":{"addr":"185.28.21.242","port":443,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwallet.rpcnetwork.io/connect.html","date":"2026-02-15T08:24:26.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustwallet.rpcnetwork.io","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 10:50:02 GMT","end":"Wed, 13 May 2026 10:50:01 GMT"},"fingerprint":{"sha1":"8E:ED:F9:17:B8:82:42:7F:69:09:AD:CE:82:35:B4:02:F9:45:71:F2","sha256":"75:79:95:53:1D:1C:05:09:5C:40:1A:BD:A2:CA:97:01:B1:EF:BD:3A:F3:AE:21:BA:84:43:1F:12:F4:B4:ED:A4"}}},"request":{"raw":"GET /images/trust-wallet-1.3J3Nz9y.gif HTTP/1.1\r\nHost: trustwallet.rpcnetwork.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.rpcnetwork.io/connect.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 22 Feb 2026 08:24:27 GMT\r\ncontent-type: image/gif\r\nlast-modified: Thu, 12 Feb 2026 19:57:39 GMT\r\netag: \"14bc6a-698e30b3-5a48b141b6912dc0;;;\"\r\naccept-ranges: bytes\r\ncontent-length: 1358954\r\ndate: Sun, 15 Feb 2026 08:24:27 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":1358954,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 610 x 454","md5":"9ad7ae24b115df358c8966bc2c75742e","sha1":"d153b9743de86ce10f3d7f6f3c9da6c7139f2276","sha256":"6f1019b8f4f3d1c2fd4437d1c4e5fab778fd3b322f956a162acdaddd3c840bb1","sha512":"a6716338431e7bca5711b254bafee76d20a34b73d11f8a47a8f2c128dde6a94fe1eb54cc247c461b3b3ba470092513370639a10680cde6e12146572c9aaa20b0","ssdeep":"24576:cYDBqsuaWze/k/C3iUOWpBMViNN0BWem3yyGa:/DBGheDSUOWpBQBJmBv","tlshash":"9b2523d2503dea75c3137d611652ec3211b36ce96e6d533b9047389ef92a026ee8c6ec","first_seen":"2025-12-04T17:25:58.054845Z","last_seen":"2026-02-15T08:24:52.096132Z","times_seen":8,"resource_available":false,"data":null}},"time_used":780,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":666,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-02-15","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"trustwallet.rpcnetwork.io/images/trust-wallet-1.3J3Nz9y.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}}]}