Report Overview

  1. Submitted URL

    raw.githubusercontent.com/zusyaku/malware-collection-part-2/main/dobrota_clean.exe

  2. IP

    185.199.111.133

    ASN

    #54113 FASTLY

  3. Submitted

    2024-08-01 15:07:24

    Access

    public

  4. Website Title

    about:privatebrowsing

  5. Final URL

    about:privatebrowsing

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  1. urlquery

    0

  2. Network Intrusion Detection

    0

  3. Threat Detection Systems

    3

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
r10.o.lencr.orgunknown2020-06-292024-06-062024-07-31
raw.githubusercontent.com358022014-02-062014-03-012024-07-31

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules
SeverityIndicatorAlert
mediumraw.githubusercontent.com/zusyaku/malware-collection-part-2/main/dobrota_clean.exeDetects an SFX archive with automatic script execution

OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


Files detected

  1. URL

    raw.githubusercontent.com/zusyaku/malware-collection-part-2/main/dobrota_clean.exe

  2. IP

    185.199.109.133

  3. ASN

    #54113 FASTLY

  1. File type

    PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

    Size

    8.1 MB (8118243 bytes)

  2. Hash

    c8b999419a3c103270290e99189f794c

    90148745b61d2c77c1694e43f11faaa9a3d05a0a

    Detections

    AnalyzerVerdictAlert
    YARAhub by abuse.chmalware
    Detects an SFX archive with automatic script execution
    VirusTotalmalicious

JavaScript (0)

HTTP Transactions (8)

URLIPResponseSize
r10.o.lencr.org/
23.36.76.226 504 B
r10.o.lencr.org/
23.36.76.226 504 B
r10.o.lencr.org/
23.36.76.226 504 B
r10.o.lencr.org/
23.36.76.226 504 B
raw.githubusercontent.com/zusyaku/malware-collection-part-2/main/dobrota_clean.exe
185.199.109.133200 OK8.1 MB
r10.o.lencr.org/
23.36.76.226 504 B
r10.o.lencr.org/
23.36.76.226 504 B
r10.o.lencr.org/
23.36.76.226 504 B