Author Topic: 5 engines detect this URL....  (Read 1052 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
5 engines detect this URL....
« on: March 21, 2020, 02:12:10 PM »
See: https://urlhaus.abuse.ch/url/328064/
Consider: https://sitecheck.sucuri.net/results/www.sendspace.com  (no alerts)
VT detections: https://www.virustotal.com/gui/url/502bbe72ba05a1ac875ecdd6c7d52b2d9a8afbcd7179a8fa215b0dfe578cbcc0/detection
DrWeb detects the malicious redirect as
Quote
hxtps://www.sendspace.com/pro/dl/cjpf5z redirects to htxps://fs06n2.sendspace.com/dlpro/93cf82c1c205ada70cf599569ff497ca/5e76122a/cjpf5z/Client-built2_encrypted_11E2BD0.bin

hxtps://www.sendspace.com/pro/dl/cjpf5z is in Dr.Web malicious sites list!

Checking: htxps://fs06n2.sendspace.com/dlpro/93cf82c1c205ada70cf599569ff497ca/5e76122a/cjpf5z/Client-built2_encrypted_11E2BD0.bin
Engine version: 7.0.44.12030
Total virus-finding records: 8777782
File size: 348.56 KB
File MD5: 2d960488a97565e61e829e5ea1fbfb8c

hxtps://fs06n2.sendspace.com/dlpro/93cf82c1c205ada70cf599569ff497ca/5e76122a/cjpf5z/Client-built2_encrypted_11E2BD0.bin - Ok

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!