Report - support.prairiemicroworks.com/customer/Remote%20Support-windows64-online.exe?language=en&hostname=support.prairiemicroworks.com/

Report Overview

Visitedpublic

2024-04-16 09:57:59

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
support.prairiemicroworks.com	unknown	2004-05-11	2016-02-22 07:36:49	2024-04-09 06:53:20	498 B	989 kB	24.72.123.56

No alerts detected

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	support.prairiemicroworks.com/customer/Remote%20Support-windows64-online.exe?language=en&hostname=support.prairiemicroworks.com/	meth_stackstrings

No alerts detected

No alerts detected

No alerts detected

No alerts detected

No alerts detected

URL

support.prairiemicroworks.com/customer/Remote%20Support-windows64-online.exe?language=en&hostname=support.prairiemicroworks.com/

IP / ASN

24.72.123.56

#21804 ACCESS-SK

File Overview

File TypePE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

Size989 kB (989016 bytes)

MD5fafa245bc70230057de2af0345a763f1

SHA152f550a0baa38d31030b41976ada921c38db21f1

SHA25656576aebf5dc7cab24118d1bd2ac54e94b3ddd24dc69529315cf0bb1a57cc5d6

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_stackstrings
VirusTotal	suspicious	VirusTotal - Scan result 4/68

	URL	IP	Response	Size