Report Overview

  1. Submitted URL

    91.92.245.76/autorun.exe

  2. IP

    91.92.245.76

    ASN

    #34368 Natskovi & Sie Ltd.

  3. Submitted

    2023-12-04 15:46:12

    Access

    public

  4. Website Title

    about:privatebrowsing

  5. Final URL

    about:privatebrowsing

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  2. urlquery

    0

  3. Network Intrusion Detection

    4

  4. Threat Detection Systems

    5

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
91.92.245.76unknownunknownNo dataNo data

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

SeveritySource IPDestination IPAlert
mediumClient IP 91.92.245.76
ET INFO Executable Download from dotted-quad Host
high 91.92.245.76Client IP
ET POLICY PE EXE or DLL Windows file download HTTP
medium 91.92.245.76Client IP
ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response
low 91.92.245.76Client IP
ET INFO EXE IsDebuggerPresent (Used in Malware Anti-Debugging)

Threat Detection Systems

Public InfoSec YARA rules
SeverityIndicatorAlert
medium91.92.245.76/autorun.exefiles - file ~tmp01925d3f.exe

OpenPhish

No alerts detected


PhishTank

No alerts detected


Fortinet's Web Filter

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS
SeverityIndicatorAlert
medium91.92.245.76Sinkholed

ThreatFox

No alerts detected


Files detected

  1. URL

    91.92.245.76/autorun.exe

  2. IP

    91.92.245.76

  3. ASN

    #34368 Natskovi & Sie Ltd.

  1. File type

    PE32 executable (GUI) Intel 80386, for MS Windows\012- data

    Size

    325 kB (324896 bytes)

  2. Hash

    e37a8606dc54371e954b69dd732a7cd4

    8f02e3d50136a3c98482b324bbca78dab340c273

    Detections

    AnalyzerVerdictAlert
    YARAhub by abuse.chmalware
    files - file ~tmp01925d3f.exe
    VirusTotalmalicious
    VirusTotal - Scan result 26/72

JavaScript (0)

HTTP Transactions (1)

URLIPResponseSize
91.92.245.76/autorun.exe
91.92.245.76200 OK325 kB