Report Overview
- Visited public2023-12-04 18:53:39TagsSubmit Tags
- URL
pkg.dl.mail.ru/packages/0_2002134distrib172/LeftToSurvive.exe
- Finishing URL
about:privatebrowsing
- IP / ASN
178.22.89.141#47764 Mail.Ru LLC
Titleabout:privatebrowsing
Domain Summary
| Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
|---|---|---|---|---|---|---|---|
| pkg.dl.mail.ru | unknown | 1997-09-27 | 2014-10-07 16:11:43 | 2023-12-04 06:01:14 | 443 B | 441 B | 178.22.89.142 |
| source.gc.my.games | unknown | 2019-02-15 | 2022-06-02 15:09:23 | 2023-12-04 06:01:21 | 474 B | 654 kB | 178.22.88.61 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| 2023-12-04 18:53:29 | low | 178.22.88.61 | Client IP | |
| 2023-12-04 18:53:29 | high | 178.22.88.61 | Client IP | |
| 2023-12-04 18:53:29 | low | 178.22.88.61 | Client IP |
Threat Detection Systems
Public InfoSec YARA rules
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2023-12-04 | medium | source.gc.my.games/from=front-6.pkg.ru.dl.srv/packages/0_2002134distrib172/LeftToSurvive.exe | files - file ~tmp01925d3f.exe |
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
JavaScript (0)
HTTP Transactions (2)
| URL | IP | Response | Size | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET pkg.dl.mail.ru/packages/0_2002134distrib172/LeftToSurvive.exe | 178.22.89.142 | 169 B | ||||||||||||||||||||
HTTP Headers
| ||||||||||||||||||||||
GET source.gc.my.games/from=front-6.pkg.ru.dl.srv/packages/0_2002134distrib172/LeftToSurvive.exe | 178.22.88.61 | 200 OK | 654 kB | |||||||||||||||||||
Detections
HTTP Headers
| ||||||||||||||||||||||