Report Overview
Submitted URL
wap.ggemdol.com/Data/UnityGGemDolWebPlayer.exe?PHPSESSID=2e318076e02d0cd3e75a190b9bddb1d8
IP
222.122.86.200
ASN
#4766 Korea Telecom
Submitted
2024-05-11 01:07:37
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
10
Threat Detection Systems
3
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
wap.ggemdol.com | unknown | unknown | No data | No data | 459 B | 2.7 MB | 222.122.86.200 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Timestamp | Severity | Source IP | Destination IP | Alert |
---|---|---|---|---|
2024-05-11 00:33:05 | medium | 222.122.86.200 | Client IP | |
2024-05-11 00:33:05 | medium | 222.122.86.200 | Client IP | |
2024-05-11 00:33:05 | medium | 222.122.86.200 | Client IP | |
2024-05-11 00:33:05 | medium | 222.122.86.200 | Client IP | |
2024-05-11 00:33:06 | medium | 222.122.86.200 | Client IP | |
2024-05-11 00:33:06 | medium | 222.122.86.200 | Client IP | |
2024-05-11 00:33:06 | medium | 222.122.86.200 | Client IP | |
2024-05-11 00:33:06 | medium | 222.122.86.200 | Client IP | |
2024-05-11 00:33:08 | high | 222.122.86.200 | Client IP | |
2024-05-11 00:33:08 | high | 222.122.86.200 | Client IP | |
Threat Detection Systems
Public InfoSec YARA rules
Scan Date | Severity | Indicator | Alert |
---|---|---|---|
2024-05-11 | medium | wap.ggemdol.com/Data/UnityGGemDolWebPlayer.exe?PHPSESSID=2e318076e02d0cd3e75a190b9bddb1d8 | Detect files is `SliverFox` malware |
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
wap.ggemdol.com/Data/UnityGGemDolWebPlayer.exe?PHPSESSID=2e318076e02d0cd3e75a190b9bddb1d8
IP
222.122.86.200
ASN
#4766 Korea Telecom
File type
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections
Size
2.7 MB (2691512 bytes)
Hash
f7cee47849c3973569271b6928a190a7
43b3ddad59154a094c5fe6775865c2e372dc267b
Detections
Analyzer | Verdict | Alert |
---|---|---|
YARAhub by abuse.ch | malware | Detect files is `SliverFox` malware |
VirusTotal | suspicious | |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size |
---|---|---|---|
wap.ggemdol.com/Data/UnityGGemDolWebPlayer.exe?PHPSESSID=2e318076e02d0cd3e75a190b9bddb1d8 | 222.122.86.200 | 200 OK | 2.7 MB |
Detections
HTTP Headers