Report Overview
Visitedpublic
2024-03-01 04:39:39
Tags
Submit Tags
URL
fs12n5.sendspace.com/dlpro/e43c1404886336001f3a7310284325bd/65e151fd/hg4kq5/INVOICE-WRVSFF09DFSGA.pdf.zip
Finishing URL
about:privatebrowsing
IP / ASN
69.31.136.53
Title
about:privatebrowsing
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
fs12n5.sendspace.com 3 alert(s) on this Domain | unknown | unknown | No data | No data | 559 B | 1.6 kB | 69.31.136.53 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
No alerts detected
Threat Detection Systems
Public InfoSec YARA rules
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2024-03-01 | medium | fs12n5.sendspace.com/dlpro/e43c1404886336001f3a7310284325bd/65e151fd/hg4kq5/INVOICE-WRVSFF09DFSGA.pdf.zip | Detects suspicious tiny ZIP files with phishing attachment characteristics |
| 2024-03-01 | medium | fs12n5.sendspace.com/dlpro/e43c1404886336001f3a7310284325bd/65e151fd/hg4kq5/INVOICE-WRVSFF09DFSGA.pdf.zip | Detects suspicius tiny ZIP files with malicious lnk files |
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
File detected
URL
fs12n5.sendspace.com/dlpro/e43c1404886336001f3a7310284325bd/65e151fd/hg4kq5/INVOICE-WRVSFF09DFSGA.pdf.zip
IP / ASN
69.31.136.53
File Overview
File TypeZip archive data, at least v2.0 to extract, compression method=deflate
Size1.1 kB (1060 bytes)
MD50f6cff233fe33a3d17eddec0e05a6ece
SHA15653e0d76b25445358c130db953588f5a8caefd4
Archive (1)
| Filename | MD5 | File type |
|---|---|---|
| INVOICE-WRVSFF09DFSGA.pdf.lnk | 29f12e5bea6009aabf82fd001bd1c5d5 | MS Windows shortcut, Points to a file or directory, Has Working directory, Icon number=1, Archive, ctime=Wed Feb 28 12:59:16 2024, mtime=Wed Feb 28 12:59:16 2024, atime=Wed Feb 28 12:59:16 2024, length=21887, window=hide |
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| Public InfoSec YARA rules | malware | Identifies PowerShell artefacts in shortcut (LNK) files. |
| Public InfoSec YARA rules | malware | Identifies executable artefacts in shortcut (LNK) files. |
| Public InfoSec YARA rules | malware | Identifies archive (compressed) files in shortcut (LNK) files. |
| Public Nextron YARA rules | malware | Detects suspicious tiny ZIP files with phishing attachment characteristics |
| YARAhub by abuse.ch | malware | Detects suspicius tiny ZIP files with malicious lnk files |
| VirusTotal | suspicious |
JavaScript (0)
No JavaScripts
HTTP Transactions (1)
| URL | IP | Response | Size |
|---|