Report Overview
Visitedpublic
2024-04-16 09:57:59
Tags
Submit Tags
URL
support.prairiemicroworks.com/customer/Remote%20Support-windows64-online.exe?language=en&hostname=support.prairiemicroworks.com/
Finishing URL
about:privatebrowsing
IP / ASN
24.72.123.56
#21804 ACCESS-SK
Title
about:privatebrowsing

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Host Summary

HostRankRegisteredFirst SeenLast Seen
support.prairiemicroworks.com
unknown2004-05-112016-02-22 07:36:492024-04-09 06:53:20

Related reports

Threat Detection Systems

Public InfoSec YARA rules
SeverityIndicatorAlert
mediumsupport.prairiemicroworks.com/customer/Remote%20Support-windows64-online.exe?language=en&hostname=support.prairiemicroworks.com/meth_stackstrings

OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


File detected

URL
support.prairiemicroworks.com/customer/Remote%20Support-windows64-online.exe?language=en&hostname=support.prairiemicroworks.com/
IP / ASN
24.72.123.56
#21804 ACCESS-SK
File Overview
File TypePE32 executable (GUI) Intel 80386, for MS Windows, 4 sections
Size989 kB (989016 bytes)
MD5fafa245bc70230057de2af0345a763f1
SHA152f550a0baa38d31030b41976ada921c38db21f1

Detections

AnalyzerVerdictAlert
YARAhub by abuse.chmalware
meth_stackstrings
VirusTotalsuspicious
VirusTotal - Scan result 4/68

JavaScript (0)

HTTP Transactions (1)

URLIPResponseSize