FP 202.65.113.16 mikrotik.co.id

gnulab · January 12, 2021

Hi,

I would like to report a False Positive on a website.

IP = 202.65.113.16

hxxp://www.mikrotik.co.id

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 1/12/21
Protection Event Time: 6:47 PM
Log File: fd014f36-54cb-11eb-87bc-5cbaefd52ed4.json

-Software Information-
Version: 4.3.0.98
Components Version: 1.0.1130
Update Package Version: 1.0.35619
License: Premium

-System Information-
OS: Windows 10 (Build 19041.450)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Program Files\Mozilla Firefox\firefox.exe, Blocked, -1, -1, 0.0.0, ,

-Website Data-
Category: RiskWare
Domain: www.mikrotik.co.id
IP Address: 202.65.113.16
Port: 80
Type: Outbound
File: C:\Program Files\Mozilla Firefox\firefox.exe

(end)

JPopovic · January 12, 2021

Hello,

There are some potentially malicious files related to this domain.

Here is one of them:

http://mikrotik.co.id/download/NeighborViewer.exe

Here is the VT detection:

https://www.virustotal.com/gui/file/ecc7461d5bbf26cb00e6f9dd9c281f14f47a399394ad5ba58b164a79cfb65f01/detection

One more:

 http://mikrotik.co.id/download/ipscan.exe

VT detection:

https://www.virustotal.com/gui/file/40dc213fe4551740e12cac575a9880753a9dacd510533f31bd7f635e743a7605/detection

This also:

 http://mikrotik.co.id/download/btest.exe

Unfortunately, we wouldn't be able to remove the block before those files are deleted.

Thank you for your understanding!

Sign In

FP 202.65.113.16 mikrotik.co.id

Recommended Posts

gnulab

Link to post

Share on other sites

JPopovic

Link to post

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Recently Browsing 0 members

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information