Report - 72.144.231.7/d/msdownload/update/software/defu/2025/05/am_delta_patch_1.427.733.0_d462f66489b71eb53d35b482f9f9874844aad88e.exe?cacheHostOrigin=2.au.download.windowsupdate.com

Report Overview

Visitedpublic

2025-05-11 10:30:41

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
72.144.231.7	unknown	unknown	No data	No data	1.2 kB	387 kB	72.144.231.7

Related reports

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2025-05-11	medium	72.144.231.7/d/msdownload/update/software/defu/2025/05/am_delta_patch_1.427.733.0_d462f66489b71eb53d35b482f9f9874844aad88e.exe?cacheHostOrigin=2.au.download.windowsupdate.com	files - file ~tmp01925d3f.exe
2025-05-11	medium	72.144.231.7/d/msdownload/update/software/defu/2025/05/am_delta_patch_1.427.733.0_d462f66489b71eb53d35b482f9f9874844aad88e.exe?cacheHostOrigin=2.au.download.windowsupdate.com	meth_stackstrings

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-05-11	medium	72.144.231.7	Sinkholed
2025-05-11	medium	72.144.231.7	Sinkholed

ThreatFox

No alerts detected

File detected

URL

72.144.231.7/d/msdownload/update/software/defu/2025/05/am_delta_patch_1.427.733.0_d462f66489b71eb53d35b482f9f9874844aad88e.exe?cacheHostOrigin=2.au.download.windowsupdate.com

IP / ASN

72.144.231.7

#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File Overview

File TypePE32+ executable (GUI) x86-64, for MS Windows, 6 sections

Size387 kB (386672 bytes)

MD5470a824c59a034177ba44aff33422a0a

SHA1d462f66489b71eb53d35b482f9f9874844aad88e

SHA256ba87a7bc800b36b397b5ec317612ff7876d38fd5b6547ac8be6acafada1095e5

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	meth_stackstrings

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size