Report Overview
Visited public
2024-03-13 06:21:03
URL
fs12n1.sendspace.com/dlpro/da98c96cd855ec2b967a702665b4425f/65f14595/hg4kq5/INVOICE-WRVSFF09DFSGA.pdf.zip
Finishing URL
about:privatebrowsing
IP / ASN
69.31.136.53
#3257 GTT Communications Inc.
Title
about:privatebrowsing

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Host Summary

Host | Rank | Registered | First Seen | Last Seen
fs12n1.sendspace.com | unknown | 2005-07-14 | 2017-02-05 10:14:59 | 2024-03-02 09:52:11

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules
Severity | Indicator | Alert
medium | fs12n1.sendspace.com/dlpro/da98c96cd855ec2b967a702665b4425f/65f14595/hg4kq5/INVOICE-WRVSFF09DFSGA.pdf.zip | Detects suspicious tiny ZIP files with phishing attachment characteristics
medium | fs12n1.sendspace.com/dlpro/da98c96cd855ec2b967a702665b4425f/65f14595/hg4kq5/INVOICE-WRVSFF09DFSGA.pdf.zip | Detects suspicius tiny ZIP files with malicious lnk files

OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


File detected

URL
fs12n1.sendspace.com/dlpro/da98c96cd855ec2b967a702665b4425f/65f14595/hg4kq5/INVOICE-WRVSFF09DFSGA.pdf.zip
IP / ASN
69.31.136.53
#3257 GTT Communications Inc.
File Overview
File Type: Zip archive data, at least v2.0 to extract, compression method=deflate
Size: 1.1 kB (1060 bytes)
MD5: 0f6cff233fe33a3d17eddec0e05a6ece
SHA1: 5653e0d76b25445358c130db953588f5a8caefd4
Archive (1)
Filename | MD5 | File type
INVOICE-WRVSFF09DFSGA.pdf.lnk | 29f12e5bea6009aabf82fd001bd1c5d5 | MS Windows shortcut, Points to a file or directory, Has Working directory, Icon number=1, Archive, ctime=Wed Feb 28 12:59:16 2024, mtime=Wed Feb 28 12:59:16 2024, atime=Wed Feb 28 12:59:16 2024, length=21887, window=hide

Detections

Analyzer | Verdict | Alert
Public InfoSec YARA rules | malware | Identifies PowerShell artefacts in shortcut (LNK) files.
Public InfoSec YARA rules | malware | Identifies executable artefacts in shortcut (LNK) files.
Public InfoSec YARA rules | malware | Identifies archive (compressed) files in shortcut (LNK) files.
Public Nextron YARA rules | malware | Detects suspicious tiny ZIP files with phishing attachment characteristics
YARAhub by abuse.ch | malware | Detects suspicius tiny ZIP files with malicious lnk files
VirusTotal | suspicious |

JavaScript (0)

HTTP Transactions (1)

URL | IP | Response | Size