Report Overview
Visitedpublic
2024-05-21 04:10:56
Tags
Submit Tags
URL
covid19help.top/findbin.scr
Finishing URL
about:privatebrowsing
IP / ASN
172.67.175.222
Title
about:privatebrowsing
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
covid19help.top 3 alert(s) on this Domain | unknown | 2024-02-09 | 2024-02-09 10:04:28 | 2024-04-18 11:04:30 | 481 B | 1.3 MB | 172.67.175.222 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| medium | Client IP | 172.67.175.222 | ET HUNTING Suspicious TLS SNI Request for Possible COVID-19 Domain M1 | |
| medium | Client IP | 172.67.175.222 | ET HUNTING Suspicious TLS SNI Request for Possible COVID-19 Domain M1 |
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2024-05-20 | medium | covid19help.top | Sinkholed |
Quad9 DNS
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2024-05-20 | medium | covid19help.top | Sinkholed |
ThreatFox
No alerts detected
File detected
URL
covid19help.top/findbin.scr
IP / ASN
172.67.175.222
File Overview
File TypePE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
Size1.3 MB (1269248 bytes)
MD57a2a3cc24199f86f3095d329335742bf
SHA1115f14e5c083de1d3281fe7bb9d2f995813fd185
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| VirusTotal | malicious |
JavaScript (0)
No JavaScripts
HTTP Transactions (1)
| URL | IP | Response | Size |
|---|