Report Overview
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
hitman-pro.ru | unknown | 2020-02-18 | 2016-01-17 | 2024-04-17 | 481 B | 19 MB | 104.21.7.5 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
Scan Date | Severity | Indicator | Alert |
---|---|---|---|
2024-04-27 | medium | hitman-pro.ru | Sinkholed |
Quad9 DNS
Scan Date | Severity | Indicator | Alert |
---|---|---|---|
2024-04-27 | medium | hitman-pro.ru | Sinkholed |
ThreatFox
No alerts detected
Files detected
URL
hitman-pro.ru/hitmanpro.zip
IP
104.21.7.5
ASN
#13335 CLOUDFLARENET
File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
19 MB (18993841 bytes)
Hash
6c5d8c9731af3397d1661ff36dd69435
5bd932c4292042c9b1d095116115b868a86eb99d
Archive (3)
Filename | Md5 | File type |
---|---|---|
hitmanpro.exe | eb097da8c02518caa32dc73e9d25f8ed | PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections |
[mis-encoded filename].txt | f18f204dc60cf80988aff4fc9aee8ecb | Unicode text, UTF-8 text, with CRLF line terminators |
adguardinstaller.exe | cd3581d9db9d066b4c08a42df3d6c1ac | PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 10 sections |
Detections
Analyzer | Verdict | Alert |
---|---|---|
YARAhub by abuse.ch | malware | meth_get_eip |
YARAhub by abuse.ch | malware | meth_stackstrings |
VirusTotal | malicious | |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size |
---|---|---|---|
hitman-pro.ru/hitmanpro.zip | 104.21.7.5 | 200 OK | 19 MB |