Report - link.storjshare.io/s/juahixum7kbwohufe43zes35y2pq/sessoes/Skype.exe?download=1

Report Overview

Visited public
2024-07-24 17:46:16
Tags
URL
link.storjshare.io/s/juahixum7kbwohufe43zes35y2pq/sessoes/Skype.exe?download=1
Finishing URL
about:privatebrowsing
IP / ASN
136.0.77.2
#212238 Datacamp Limited
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-23 18:12:04	2.0 kB	5.3 kB	23.36.76.226
link.storjshare.io	unknown	2020-12-09	2021-07-11 10:56:39	2024-07-24 18:40:20	532 B	457 kB	136.0.77.2

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-07-24 17:45:50	medium	Client IP	136.0.77.2	ET INFO Observed File Sharing Service Domain (link .storjshare .io in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2024-07-24	medium	link.storjshare.io/s/juahixum7kbwohufe43zes35y2pq/sessoes/Skype.exe?download=1	files - file ~tmp01925d3f.exe

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
link.storjshare.io/s/juahixum7kbwohufe43zes35y2pq/sessoes/Skype.exe?download=1
IP
136.0.77.2
ASN
#212238 Datacamp Limited

File type
PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections
Size
457 kB (456864 bytes)
Hash
b3b871e6016b1d02f7fa35cb885e7d8f
78b97c60a8e4caa1058e35c5a3c58375fc126e95
054b01984bdebaf673506849cccae7c329209245f3cbc0f6d366bba1294658df

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe

JavaScript (0)

HTTP Transactions (7)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
2270944df735d7ff634f3a64d60a5517
ab2b76c6ac7a9c2db08048c032917a78a093dc3e
14d1b1bffc6d4dce79e0b1514bc55d2eba45ece9d721749117735df203d7459f

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "14D1B1BFFC6D4DCE79E0B1514BC55D2EBA45ECE9D721749117735DF203D7459F"
Last-Modified: Tue, 23 Jul 2024 07:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16672
Expires: Wed, 24 Jul 2024 22:23:42 GMT
Date: Wed, 24 Jul 2024 17:45:50 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
03911e0256a676e8914fa047f1967a62
ebb51f90d82d3a9783b8e18ce11dc6760a40d53c
5f402181dec0792eb40a8b380bea4642e9ae149562170d09b95d30618c8455c1

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5F402181DEC0792EB40A8B380BEA4642E9AE149562170D09B95D30618C8455C1"
Last-Modified: Tue, 23 Jul 2024 08:21:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11196
Expires: Wed, 24 Jul 2024 20:52:26 GMT
Date: Wed, 24 Jul 2024 17:45:50 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
712b83dd93b25c422e76a0874e40d710
f87414bc899d7af9bd1b60a5b8c616b43b7cad00
a1aa4fb80b41b76f8c2f837eef8495b3029d8012bfe126002ed0c161546c697f

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "A1AA4FB80B41B76F8C2F837EEF8495B3029D8012BFE126002ED0C161546C697F"
Last-Modified: Tue, 23 Jul 2024 08:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7309
Expires: Wed, 24 Jul 2024 19:47:39 GMT
Date: Wed, 24 Jul 2024 17:45:50 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
fd115439890c93cffca20c1e8e57d7e9
ac392d605dbe2ebd22d7c5fbad07e8c52d77ea5c
6880e7942c7d7fd202d5fa27f05d9bf4d326a927c8017d7eb3fe8935bca9315d

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "6880E7942C7D7FD202D5FA27F05D9BF4D326A927C8017D7EB3FE8935BCA9315D"
Last-Modified: Tue, 23 Jul 2024 07:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11359
Expires: Wed, 24 Jul 2024 20:55:09 GMT
Date: Wed, 24 Jul 2024 17:45:50 GMT
Connection: keep-alive

link.storjshare.io/s/juahixum7kbwohufe43zes35y2pq/sessoes/Skype.exe?download=1

136.0.77.2

200 OK

457 kB

URL User Request GET HTTP/2
link.storjshare.io/s/juahixum7kbwohufe43zes35y2pq/sessoes/Skype.exe?download=1
IP
136.0.77.2:443
ASN
#212238 Datacamp Limited

Certificate
IssuerGoogle Trust Services
Subjectlink.storjshare.io
FingerprintD3:72:5D:27:4E:C9:FF:9F:BC:08:CA:E7:0E:1C:D0:C0:7B:55:34:ED
ValiditySat, 15 Jun 2024 10:43:09 GMT - Fri, 13 Sep 2024 10:43:08 GMT

File type
PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections
Size
457 kB (456864 bytes)
Hash
b3b871e6016b1d02f7fa35cb885e7d8f
78b97c60a8e4caa1058e35c5a3c58375fc126e95
054b01984bdebaf673506849cccae7c329209245f3cbc0f6d366bba1294658df

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe

HTTP Headers

GET /s/juahixum7kbwohufe43zes35y2pq/sessoes/Skype.exe?download=1 HTTP/1.1
Host: link.storjshare.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
content-disposition: attachment; filename=Skype.exe
content-type: application/octet-stream
last-modified: Wed, 24 Jul 2024 05:21:59 GMT
x-request-id: SRq9rTD25qm
content-length: 456864
date: Wed, 24 Jul 2024 17:45:51 GMT
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
6f2910e1ef1f25adc2a608cb3e59166e
da9b723e09fa30a2caee59b3a2d7c31e670f1954
cd7fdfa1d737721a9e30ca08b7d4ee9f0dae31a9a4aab7f1b3c32efa752ccc63

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "CD7FDFA1D737721A9E30CA08B7D4EE9F0DAE31A9A4AAB7F1B3C32EFA752CCC63"
Last-Modified: Tue, 23 Jul 2024 08:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15268
Expires: Wed, 24 Jul 2024 22:00:20 GMT
Date: Wed, 24 Jul 2024 17:45:52 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
6f2910e1ef1f25adc2a608cb3e59166e
da9b723e09fa30a2caee59b3a2d7c31e670f1954
cd7fdfa1d737721a9e30ca08b7d4ee9f0dae31a9a4aab7f1b3c32efa752ccc63

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "CD7FDFA1D737721A9E30CA08B7D4EE9F0DAE31A9A4AAB7F1B3C32EFA752CCC63"
Last-Modified: Tue, 23 Jul 2024 08:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15268
Expires: Wed, 24 Jul 2024 22:00:20 GMT
Date: Wed, 24 Jul 2024 17:45:52 GMT
Connection: keep-alive

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (0)

HTTP Transactions (7)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers