SUSP_URL_Split_Jun23

Rule Info

Name
SUSP_URL_Split_Jun23
Author
Florian Roth
Description
Detects suspicious split of URL protocol handler (https)
Score
60
Reference
Internal Research
Date
2023-06-19
Modified
2023-07-05
Minimum Yara
1.7
Rule Hash
fd27d64a298b17858c4349c6f8f98ef1
Tags
['SUSP']
Required Modules
[]
Virustotal Matches
https://www.virustotal.com/gui/search/susp_url_split_jun23/comments

Antivirus Verdicts

Rating
Number of Samples
Malicious (>= 10 engines)
28
Suspicious (< 10 engines)
72
Clean (0 engines)
63

Rule Matches

Timestamp
Positives
Total
Hash
VT
2024-05-02 18:03:35
0
62
bdc038cc7af03602b37915633115ed21a8da2dbebd799a717b9411283905820c
2024-05-02 18:03:35
0
61
ee1963b93822be3325a01644293e971a640b43749923cce0b638160abf6c5df7
2024-05-02 18:03:35
0
60
d6b4dc62833a1ed614c2258a9de92ccc8d44e0ef71957e3051b2531f2ba63904
2024-05-02 18:03:22
0
62
03bee3f4968fa6431bd907b4ccb0a75e741228edbda7b91a2f6b69df6c4220a5
2024-05-02 18:02:38
0
62
98549a0bf6016f727f06a2b5b32d874871f74d1693582f9327fbaad9385df3d3
2024-05-02 18:02:37
0
62
c33222384f20fd02b36c662134fc4ac99e27029fffa054383200057d5cafffc8
2024-04-03 23:04:00
32
57
87146ae8db88ce1c2b11c0b2896a95f7eeded4b21c88517619bbebbe39791a12
2024-03-28 11:02:45
6
61
6b20d6bbe480b02f9362b5673cef35968fed6eb3b18cd65f3d577882fea0f90e
2024-03-15 12:01:35
0
59
8ffe14e0b1b14b5ec7a93f4d51a7017a02454ccd39a9e8535cf4b6c071c3da6f
2024-02-23 00:11:15
0
60
b43dda15760c5ae6667620f0719bd95d32ab19e3aa25f0acfa7d3a4f434368c7
2024-02-17 18:04:51
41
61
384a8fec7e54b6f4df5b64ec452b2a7f19932da1ed5d1326ce46cd39b14cee3f
2024-02-12 15:01:25
11
60
374a999d417882cc93b034e12316ab965a8d48d535c1d1793231e87d58431d12
2024-02-02 16:52:39
10
59
7cffeecde69719ceba5d1dff2d37ed500c6dc8a95a1f77882f9d2d89b4e8c32d
2024-01-17 03:11:45
0
58
14961bf38b49ded453152ca6e559197febf4a136990a7b5d199bd0638022ea90
2024-01-10 10:12:03
0
57
72a2aa81f68f6df2286db74d9e66fe5c9004692a0842e082061bebbc6db57728
2024-01-10 08:09:20
0
57
a7a59251f739d9fdab230682b870d6ceb2da3a8b0b21db94ba53f8e1cb1e9ab3
2024-01-10 01:14:13
0
57
49279f8dfee0074c4990edd95ff4f3ecdd375755befc26fc175084ed43e8272d
2024-01-09 23:03:03
0
57
0f8653e28ef085882d06a724da6936b6c5cbf82a2bf3158a748dc832381696f6
2024-01-09 17:08:38
0
57
323a852334c7d6890c5c1159851cdaece5c7c21afd30a70ed2393633567ec10d
2024-01-09 17:08:38
0
57
548ee8bb64272a68c0d36c043cffaea9e37c8e0c3eed7375068d57cec6104c75
2024-01-09 17:08:37
0
58
c1eae81784afb439fa1c792be5e11114e2907c7038c29f02c1e06a06178672fb
2024-01-09 17:08:37
0
57
81a1f088ecae59e05f8def4aba1c570970e163fcf2b54068504891998c451936
2024-01-09 16:02:08
0
57
ef545b0b0a2af5e686b52f8ae80d26dd55015c14dd6dbf6140a9422c0c183f9c
2024-01-09 15:37:41
0
58
8b35b79e64a1e86c2812fcd8ff5f7d5a98c6a69e76041f4dd91c658d42813c0a
2024-01-08 23:45:44
0
58
da38884a59cd38565b9f81a6212bab0e912833bd258ce9087f8b44321dc8c98e
2024-01-08 20:37:52
0
58
ff9d4356c198967442bf538993f144a91224db7d58d31d684e4e75b8129fdaef
2024-01-08 20:37:51
0
58
4b367d21e67bc8e32762fb47a385bee1410cfa4d6ca4bc86a613de68c9ceee4d
2024-01-08 20:37:51
0
58
562d0d41d99e57669cd4d19605327ad29a30c327d514a2ae2bdf1e2d362dc5fd
2024-01-08 20:37:51
0
58
3e8648210c6edec7f9e2e7c5fc94dd02d5efba84da8dd9d7f50609e0bffa8e73
2024-01-08 20:37:50
0
58
851b008d5881b9bffc37487260cfccffda2d1d3022fd389277eb0a0ea513a503
2024-01-08 20:37:50
0
58
9f0d71e879d244dcd97b9bf3f56364ce220e0f12bae6bc91613378a945ad6455
2024-01-08 20:37:50
0
56
bddd11ba5c4fa3498d33d7da2b64929eaac48cfa78c506553aeed9e5a869779b
2024-01-08 20:37:50
0
58
f5e40fcc4302e902ce62212be7cc1d09db078bb5f548334e184cecf6fe7fceca
2024-01-08 20:37:50
0
58
d4b1854adfaaed7550195cb7f264900782089c6a3014c18e049813ca4754b59b
2024-01-08 20:37:50
0
58
cd77eb45dfdb08a0e93805ae82b4042529596dc733ad8adad3e0620f0f4b8d02
2024-01-08 20:37:49
0
58
68b95de1aead9612a0be05a12cdec2eeadb21f488f647cfea7bb2a75888803fa
2024-01-08 20:37:49
0
58
940cb88d31c029d22c1471dbe76953141d6cdd11af41fff2791fc84b28ecad7f
2024-01-08 20:37:49
0
58
ba62ed4e80bd13b0bce19b81b57c0d90815da45667abf9c6f94f315c47e80173
2024-01-08 20:37:49
0
58
cfdf8d6c7b3d527a3dbbe7c46cc73e6db5e03be4c9de0e16365456da78331e23
2024-01-08 20:37:48
0
58
101a7af30c0b8050c76c5262e6efc7e727c94cedd2222b85876bc4c0ae080fb0
2024-01-08 20:37:48
0
58
b7283df2b35ece26638bdfec45ca61f09ac87e73519445be8f31f023196a9ec2
2024-01-08 20:37:48
0
58
d15c00e0a919888a6ca822fd5d6f87e6b3dcf79a13ec78b3bbfae070c2b926b5
2024-01-08 20:37:48
0
58
6db2402d52c2fd88f0e94608f186b2447a96f1833767550ce241ca65d8b6397f
2024-01-08 20:37:48
0
58
18a246f47c77f1cbd579a6d20c859363ea7225bc4943a9760dfe13b726795bf8
2024-01-08 20:37:48
0
58
4510e9aee0606960cecf8481a45261eca0476a6bb887ed5ac24a172f766ebf3b
2024-01-08 20:37:47
0
58
8bcfc24985f16138886d7290d2d2c7482d05fafefcee15caf9eb9b2222bb172e
2024-01-08 20:37:47
0
58
a4dff08fc781d05f6891d62c6108312014d564de48f1148c9c7600c7b1585e99
2024-01-08 20:37:47
0
58
6976c2cdc8fb012e1ecc3f32ca2bc1053da6fe15aaaff1ade611a7bd2b9474a4
2024-01-08 20:37:47
0
58
bddb629ecdf59c3a74474ff39f5592c13f3bd58cf5dd8887284c61a4f5422562
2024-01-08 20:37:38
0
58
8b49d773f2da1cc415db995b4b05a73f8930b6be8ca552913d23fba27c334ee4
2024-01-07 14:03:03
14
58
c48f8dca6fff0dbb26d9e12385f059b1e207bc260360a88a5d64f368183498cb
2024-01-07 08:36:49
0
58
e987d20bfa66de8c3424ed9dcd6e7bfab19a80928fb58d70730440fa4ded4844
2024-01-05 23:29:50
6
58
61e46161f7f190ff70f6616ced34e31f3369636a4c0a47ea346cd25f3f81058d
2024-01-05 23:25:41
20
58
998df9181db63f242928ead8fe8140cb93a1d38980dd4b2bed150bc2a899b573
2024-01-05 23:05:14
4
58
2a74026e24fcceccbbd0e1796add67db96660054364e7792cb85395725b83d9a
2024-01-05 23:04:45
4
58
7298aaf2261a5d6bb86d89bb87ae10b1c44cc3ca63859ba36603bde1abdc8e6f
2024-01-05 22:39:11
3
58
3c775652ce867b2515f98b8dcf468fe3d92afae8cd625af394de2175e3156cb8
2024-01-05 22:24:21
6
58
702fcc5ea0fe09d756f515896642f4c67c4cf396c1638c4a05ecb1d15783ed39
2024-01-05 22:22:58
6
58
fd6188ae019671b965b9abdf69b3802420d47099d63357903c38788631fa849e
2024-01-05 22:22:38
6
58
57a2426f98a87017134bb81dec863fafd0f114fe94e6544c2d7f0098ccb602fa
2024-01-05 21:30:05
3
58
135895c9c2a84934d41de55acad36717381ae701aa48364f401afbb89c3ff824
2024-01-05 02:37:41
11
57
bd986664e6a3ee1152661e416b42592a3d1978444675f656525ed7f8d1571a2d
2024-01-04 09:29:58
34
58
2bbfd2c2f4cf297ed2e3e775355a022f3f1fa220ea424cfab757384e654e6774
2023-12-30 21:11:13
0
60
03c0fa94f5abbb8b172a82d10ffa18b797bca7bfe8f2a8b3d6aa48251d0a6b91
2023-12-18 00:22:22
2
60
f9b8a377036cd6e16560d73278de284ee4ffbb61efc0eaf882a3e02a72abab2f
2023-12-09 04:11:59
2
60
9c606f0d476745a9acf505f16fb13556c4c06677a012f5fec8de62162b01f967
2023-12-04 18:13:24
40
61
c272d71b8183610a999d5e6b9007c5ead305641ead956a98b5ed88b3c1741216
2023-11-29 21:03:00
0
60
fc35a14afb866f155d5074737902c115276a93a54814924fc8b4fb4d5e539858
2023-11-16 20:12:19
12
60
9a56e338203259c3e25ff3ce108ca43f5b47e3a4a05b96c8c5ccece5e6d1fe82
2023-11-09 17:08:33
9
60
db9217e2b52a6ca75e72027b421fa2a9d0e5c32316ccef982f20baad7cc27ec6
2023-11-07 16:36:19
15
60
cc1ed559cd2d8d21205706ab2804853d24e2232a4654824745033b4534f7f19d
2023-11-06 19:46:51
6
60
81aac84e29a122107755b20833312460db0632b3584cf4b5603015ac90fb7b0d
2023-11-04 14:29:40
0
60
339881c24c5ce695e13d570bf74c077291c223ea5fa06e43269996fcf55e0cbb
2023-11-02 15:28:12
12
60
6e3dd4b197790b3515ca7cdc7554c4fde269959fccae28fc2240e2968ae130b8
2023-10-24 20:21:40
0
60
351ccd573dacf6d6a503129fc79e8059208d256e02c25416d9be950ea3786031
2023-10-24 20:17:00
0
60
8aa9c55be3e663411e8f13d9c30f36ebbb09d6e70ac465c0b044dd30204bc285
2023-10-24 20:16:59
0
59
2b2c934c6eb6933b6eef5fe7c8d8d8ff30b4e519c6de123c219e694a43a22eaa
2023-10-23 12:08:16
0
60
227b7d35e796a467ab665b7caff6f43c3c7e984c903d5e95c0e595629d7cbd04
2023-10-23 12:06:49
0
60
7a9fea3bd6c16c97321bd6f2ee8ddc4c06f861c35ee40f74f540151ee5be6c32
2023-10-19 07:47:19
21
60
9bb3743aec9578d37213e0b04a36769712f90cf54e32ec2150b68671eb66b416
2023-10-15 21:04:30
0
60
8237383d78d6510000bc841d1ff86f45c3f9c2a800233bec1547772e246f2c30
2023-10-10 08:10:41
28
60
adc3c87b3e857b1dd5ec4ff7106880aa43c345cb5e3dbf5eb67d6c65ed98d783
2023-10-10 01:47:58
36
60
1ef1ae561617ab0b640fb4ced8b8eca167dea26f2f96f04dd73d7530ba6c0901
2023-10-02 07:31:32
6
60
42301a71278d3123ca1e2ee12026b30972513ef5e36b1eca67869fc15deed015
2023-09-29 15:09:03
23
60
a3417036aa408e8200f5a81127f8b9a2349acd5cc194434620ad4a6323ca3be8
2023-09-28 20:39:06
20
60
2f3fe9c7733bf5e0da435502eaad228c31b31bd60d99bdd059bb143ec3ca8b82
2023-09-28 05:20:50
19
60
cd91ffc57bcf7fd74091055e4267b8e6f3bcf2dfed17d273af9d49f2ac73eb4c
2023-09-21 21:19:39
1
58
6faf6df1c8c8bc48f191ad0e2431240ea79752d1511a110f3b8666b0e28cb8d0
2023-09-16 14:38:48
0
59
cf9d5ecc5ed1611db1d9fcaacf0a92c76bc05b54116e19285c7d88d810a776bd
2023-09-14 03:09:42
7
59
45920c1538c4482a78d7af46eaeaccecf99faf9b8bed47483907973df6ab8de1
2023-09-13 18:30:02
12
59
90acab9e510c21eebc8603c63daca004a146b3ad978f91ea4c9fec3331c27a10
2023-09-13 18:26:49
9
58
4dfca3aaf2a49d4c8a059fb2113983fe8674788ea9e054023e9ef730cde332c0
2023-09-13 18:26:49
11
59
9fbf508f8069aefe60b778411cb44e37b8a906aa61ad262ce0e708dcae8d3c0d
2023-09-13 18:26:30
11
57
95b5bacd6e3c5edc93939111792d6b81746d8b09a1b01e9ed84231bacc993d98
2023-09-13 09:06:03
8
59
68f1357f2909e158f2a0759b44bec7648ef8af4edd1c0a3f0d33ae9634212f6d
2023-09-13 06:06:01
8
59
2dbd17cfa6e25e4acc1bb0b870a0284f3757a7cf488cbf85bb8caeeb840ee5e6
2023-09-13 05:22:58
9
59
9c39522f9af68fbc9082472e294dfb09858e794ef388c4945d36ab628bd43780
2023-09-12 19:27:11
7
58
c2b30d54e3d73eafb41ea229320719d505d6548fd3f614696bd3bf514d07ebfe
2023-09-12 18:18:25
8
59
cff534483040c98643c1d23cb0e26c695ddcc448dad8476530b7a931761fac3a
2023-09-12 18:12:36
8
59
4a1abbabc29dad2a2b85492e4ad43a5e38cac7664fb1a7651d474788c093b20c
2023-09-12 17:12:41
8
59
51d09e363d7434c360243c28cdc6f1089b03738ffe6bf832c3b72e89bf7bc32b
2023-09-12 02:12:44
0
59
6a4fefa7fa44ed238b0fe39f192f50022f67e5f43f95e11304585d6ecfd0f877
2023-09-10 22:38:08
9
59
9d12863805cf5ecaa514df9a8c957045e3a4c09609dbd4045c708bec7da1fa1d
2023-09-10 06:19:21
7
58
6af88d6a287236885e6b762c6bd49316c40e957f741030ec8845c34c29fdf51d
2023-09-09 23:12:21
7
58
2019f1be71e79f93175f2f176c49aaf9171c7a364856c136346f585551c5073d
2023-09-09 09:23:20
9
58
8bb8665f86eb76d75e937639fcd4a01bbd0b05f58b2573b49e2d5daadfa81a51
2023-09-09 03:21:15
5
57
42b03a30a33a07b4c13a050223cdf20bae6f1c5a8076730f55fbb8b046bfecb2
2023-09-09 03:20:45
6
58
f284d138fdfaf227c629117226f6cba81e36801ef776d6a6e003e5c9e6d5f74a
2023-09-09 03:19:32
6
58
02eeb68ba1e612272caece069f45d48e0a0326f251f31e9f63633a8cb7ca350f
2023-09-09 03:18:56
7
59
5a287ce4313273afaee941f7172b6b69ae9ae5550719e83cf49d8f90d6fcd5c6
2023-09-09 03:17:07
6
56
fe267929a6c7a7e5a223eecd4fdd9f069bc1e6156da35d6cef584d69d5c6829d
2023-09-09 03:12:56
9
59
47318eca50d6be6cb92476470cbb33aba3fac10edb5a7500a0b2a4de925e8b58
2023-09-09 02:23:39
8
58
40eb3ea22c14d897032c3128d65f500e051eec5ab273ff28d211d31b0d285dbc
2023-09-09 02:14:00
9
59
402a07c91f35a1b6b41d312c77a39deff9dacb911361764036ea13597d90d933
2023-09-08 19:47:40
6
59
0312e1a367db14cab8c4584cf8dcd084deff62bb2964598bfbc698c2bbf15da2
2023-09-08 19:47:32
6
59
bd1a5b7593c735e9022887955a9166b4483f4def67eccec6404e90a9b846898c
2023-09-08 19:45:28
6
59
f207eee8f43b7a822d01db46613163ed48c6e469d53a0a0abb5ba8269081164f
2023-09-08 19:45:28
6
58
849af8502a9c0a281315716c7aff2d226318e483b7800029ba49b3c4cd1e97b0
2023-09-08 19:45:15
6
59
2a31785e6ccfda0463a4c549dd68e0b93e651009d0160cc6e71983a07f0ec774
2023-09-08 19:45:11
6
59
5828e41bf2a888de1de812cbdf2e493437f95a9d0594dd67b8d46e2a27060091
2023-09-08 19:30:22
19
59
f5d39fe0973894f41c382f8a6850c6b67b1aee87439ae17aab82d0c5608093a9
2023-09-08 08:41:51
27
59
921d1a9fb9fd7731f8b3e2c29637f359607880a42d3b5a6845ca7f497fcffc7c
2023-09-07 23:08:50
7
59
09414141a0abcf9976fc44295db39e22cfbdd31d09b17b55b9310f290d1562a5
2023-09-07 19:20:57
6
59
2341224bea270b7a7bed4b2d00ec7ddff7102060e80a49803d497b5eb40df47b
2023-09-07 19:20:52
6
59
2c774ec8d002ea7ce37ec303d7a78a67d688a8974862f79546e653d52f99465f
2023-09-07 19:20:46
6
59
a25ae2e0c8e3c04a3b36fc4e28d2c410b339fd74a1c709015b6ba247d00da063
2023-09-06 22:10:27
6
59
e3c0678def1a429576c58745a35d9a7c1ac8f4903e94bc4545436801069bb3d9
2023-09-06 19:19:06
6
59
19d1905848d13e61eaf5b9ab0c746fcc1a99c4065429a2bb1dedaacca0f0e204
2023-08-24 21:21:58
4
59
a655744faae0b5b721368c9bd9d608ecee9ee311d9f5b7c3a54ab01fbe950495
2023-08-23 23:22:20
4
59
aacaaf6769825580401c0920354dc6301fff5c08fdde3f754b28e359c6ba300e
2023-08-23 17:40:19
0
59
d83d54c59d5d03693ef620adc0bf5de55c0bb7f30bdd675032e18f8263f621e7
2023-08-22 17:33:42
4
58
6f5e4f93a949b1ac116b935b8d0b4038b51f654172ca8debcc7a07898e0fbc12
2023-08-16 20:46:09
38
59
5df793ee7cad1ea60771a31717a5bc25129c684bae6aedd941d69fa0fad88a7b
2023-08-10 16:01:06
16
59
b29cf812f2764c3052f09e9d4c1a6de0e93615a861ff7b7178ba7fc2b560e4ec
2023-08-07 18:58:07
19
59
58ed5ecd587ecd792ea101126fee94a8e148ae302d9f2dd5d6c97987cd25abcf
2023-08-07 18:53:54
18
59
5880612a4261ef3b2ee02924c79968163f5da06b4fecc47c85c2d55b72a94392
2023-08-03 07:25:15
9
59
734666652f013df6bb435fe22fdd811274efb8e09e3fef9a2495396319d1d1e5
2023-08-01 20:05:06
4
58
45efde643093b8253cf25aa8f33d5108a9bf697b7f0baa5960196f1086bf9b16
2023-08-01 20:04:21
3
56
8d17647a9361664ef5cae3204cbc339c759f57fbf3866967807763c990532a60
2023-08-01 20:02:35
4
58
5376fbcbec65bd3fb382f0b9be6ff130828827afa598102c36c41dbe072dda64
2023-08-01 20:00:27
4
59
3a0a405b4dea20fe6030a27cda6fe41e2144c4feecdd344df6a9956b321ffaf7
2023-08-01 08:00:19
0
55
c72a462a6681af6ab07b04c9ac16f09d613fd19cc0380651f5c184a877563be6
2023-07-28 20:58:30
4
59
8fae21b7c4ede8fcd982146d81fa74eebb5cbc77abddf7dcd521910b54e357e9
2023-07-24 20:47:03
4
59
fde0bfe52aca614c07fdf5e1b9f2e8c8b8984ff6527c9d5d391d41f676315704
2023-07-21 20:16:31
2
59
73c2faa726f842aee463073ebe4734d182d5f6e2df7c284ca3437d54e185f0ba
2023-07-21 20:16:31
2
58
39793f577e9bc23d9ad886bdbb9d6ad7ea115fc590b9dd12ed0bb14b04da0c27
2023-07-21 20:16:31
2
59
ea80ee2c3e8fb549c857b759b87ba4c5e34fc29e0c366ac4a2f2e15de18586b9
2023-07-21 20:16:31
2
58
79a31279ebd378fe6ab1fbb3f5abd5f5184001e3938f03fe49cd2c45db640a04
2023-07-21 20:16:31
2
59
812e842bf4e407787e27a5dc9e966d753bd59aa0cc2f9e6076a0b532729c8c38
2023-07-21 20:16:31
2
54
9a35e5d6686e52ea009ffa0f0fa9716df7668053e4491524af56ac23683ea354
2023-07-21 20:16:31
2
59
c91a7d7b1b83cca10e4e80ce106712ae736aebe0871ed2da1bb863d34efbb62e
2023-07-21 20:16:30
2
59
456fd4b73a08cba7e397aafa6909d2e7cd98b6088c691a5af87557c39673c5ff
2023-07-21 20:16:30
2
59
36f72d9f13b50416c643b0037d3d39f1b3cd967ea1300d9fd6d89e3925b920af
2023-07-21 20:16:30
2
59
cacf033f85dc55406463a48409acbc01fdc51a8d4e095518942e99493548b4c8
2023-07-21 20:16:30
2
59
bb029516e7ad0445b14c3f7ec0b6f9043705bca9f2684157bfa4f2c20dacfc80
2023-07-12 23:17:47
2
56
39be9c2b0843ba482d8b355a08bafb59c84634cca014ec2b75c3b94aedd3eecc
2023-07-12 19:33:06
1
58
17fb27ce1ee0f118f86d7e2a6edad19ba7ae06374f635fce59bdc3b33ba84447
2023-07-12 07:26:26
0
59
34da594da88d843aa70a5a8e88d826e60b5dbfb990987821f625429f32412389
2023-07-04 01:38:21
0
59
3a39ac7f9062d027d43ec93ba24041119b2c95a0c5ec476f3f5d7f6dd79b99a0
2023-07-01 11:38:30
0
59
0b37eceb56d7e04cc8ea272d81fe9909fce0af6cc73d7057f0e1f9adb82ee2ce
2023-06-29 23:20:42
2
59
3ff468756f00df3f3e032ac6517afc207c64b9b7857621d103e3c215f8b89117
2023-06-23 21:22:12
0
59
266efd1cbb758304a1e7517df8b8cc41c01479bece4f671838d9d7ae0b6d5401
2023-06-23 13:28:28
29
59
8b49769c7470ef507a81901b8506ebfbca6cca8e6b313b7d12bf4ea1e3c05abd

Rule Matches per Month (last 24 months)

THOR Logo  Scan your endpoints, forensic images or collected files with our portable scanner THOR
  Warning: Access to VALHALLA is rate-limited - once you prove unworthy, access gets denied
  Nextron Systems 2022