{ "type": "URL", "indicator": "http://hypertechcenter.com", "general": { "sections": [ "general", "url_list", "http_scans", "screenshot" ], "indicator": "http://hypertechcenter.com", "type": "url", "type_title": "URL", "validation": [], "base_indicator": { "id": 4109402874, "indicator": "http://hypertechcenter.com", "type": "URL", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 1, "pulses": [ { "id": "688c68bb217706e5d3e8212c", "name": "Typosquatting DGA used for espionage targeting resident/s", "description": "Typosquatting /URL hijacking targeting a US community. |\n#phishing #virtool #redirects #backdoor #sinkhole #simbda #locating #tracking #email_hijacking #espionage_via_locate_and_track #checkin\n-Unsupported/Fake Internet Explorer Version MSIE 2.\n_Unsupported/Fake Windows NT Version 5.0\n_Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz\nYara Detections\n\u2022 generic_shellcode_downloader\nAlerts:\n\u2022 procmem_yara\n\u2022 injection_inter_process\n\u2022 injection_create_remote_thread\n\u2022 antidebug_windows\n\u2022 multiple_useragents\n\u2022 network_fake_useragent\n\u2022 cape_detected_threat\n\u2022 antiav_detectfile\n\u2022 deletes_self\n\u2022 infostealer_cookies\n\u2022 injection_createremotethread\n\u2022 network_questionable_http_path\n\u2022 suricata_alert\n\u2022 anomalous_deletefile\n\u2022 dynamic_function_loading\n\u2022 http_request\n\u2022 createtoolhelp32snapshot_module_enumeration\n\u2022 enumerates_running_processes\nprocess_", "modified": "2025-08-31T06:01:31.901000", "created": "2025-08-01T07:11:55.364000", "tags": [ "address google", "safe browsing", "entries", "bq may", "bq jun", "virtool", "next associated", "bq sep", "registered", "united", "showing", "urls show", "trojan", "date", "backdoor", "formbook cnc", "checkin", "passive dns", "cnc checkin", "twitter", "expiration date", "name servers", "div div", "span", "associated urls", "show", "date checked", "url hostname", "server response", "ip address", "google safe", "results jun", "present oct", "entries http", "response ip", "present dec", "present feb", "present jan", "files show", "date hash", "avast avg", "b may", "bq apr", "win32", "cryp", "bq mar", "bq feb", "win32clipbanker", "mtb may", "dynamicloader", "msie", "windows nt", "slcc2", "media center", "high", "medium", "yara rule", "et trojan", "http", "possible", "copy", "internal", "mtb feb", "mtb aug", "mtb nov", "mtb jul", "mtb apr", "mtb jun", "results oct", "adwaresig", "checked url", "hostname server", "present jun", "results jul", "present sep", "next http", "scans show", "search", "a domains", "script urls", "situs judi", "online slot", "gacor slot88", "agen judi", "bola sbobet", "script domains", "results sep", "meta", "encrypt", "win32cve apr", "ransom", "as16509", "as29791", "next", "unknown", "top source", "top destination", "suspicious", "sha256", "ids detections", "less see", "contacted", "pulse pulses", "av detections", "yara detections", "alerts", "analysis date", "file score" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1057", "name": "Process Discovery", "display_name": "T1057 - Process Discovery" }, { "id": "T1063", "name": "Security Software Discovery", "display_name": "T1063 - Security Software Discovery" } ], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 16, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Q.Vashti", "id": "337942", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 537, "URL": 173, "hostname": 25, "FileHash-MD5": 504, "FileHash-SHA1": 495, "domain": 79, "CVE": 1, "email": 1 }, "indicator_count": 1815, "is_author": false, "is_subscribing": null, "subscriber_count": 142, "modified_text": "275 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "references": [], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [], "unique_indicators": 0 }, "other": { "adversary": [], "malware_families": [], "industries": [], "unique_indicators": 1859 } } }, "false_positive": [], "alexa": "http://www.alexa.com/siteinfo/hypertechcenter.com", "whois": "http://whois.domaintools.com/hypertechcenter.com", "domain": "hypertechcenter.com", "hostname": "Unavailable" }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 1, "pulses": [ { "id": "688c68bb217706e5d3e8212c", "name": "Typosquatting DGA used for espionage targeting resident/s", "description": "Typosquatting /URL hijacking targeting a US community. |\n#phishing #virtool #redirects #backdoor #sinkhole #simbda #locating #tracking #email_hijacking #espionage_via_locate_and_track #checkin\n-Unsupported/Fake Internet Explorer Version MSIE 2.\n_Unsupported/Fake Windows NT Version 5.0\n_Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz\nYara Detections\n\u2022 generic_shellcode_downloader\nAlerts:\n\u2022 procmem_yara\n\u2022 injection_inter_process\n\u2022 injection_create_remote_thread\n\u2022 antidebug_windows\n\u2022 multiple_useragents\n\u2022 network_fake_useragent\n\u2022 cape_detected_threat\n\u2022 antiav_detectfile\n\u2022 deletes_self\n\u2022 infostealer_cookies\n\u2022 injection_createremotethread\n\u2022 network_questionable_http_path\n\u2022 suricata_alert\n\u2022 anomalous_deletefile\n\u2022 dynamic_function_loading\n\u2022 http_request\n\u2022 createtoolhelp32snapshot_module_enumeration\n\u2022 enumerates_running_processes\nprocess_", "modified": "2025-08-31T06:01:31.901000", "created": "2025-08-01T07:11:55.364000", "tags": [ "address google", "safe browsing", "entries", "bq may", "bq jun", "virtool", "next associated", "bq sep", "registered", "united", "showing", "urls show", "trojan", "date", "backdoor", "formbook cnc", "checkin", "passive dns", "cnc checkin", "twitter", "expiration date", "name servers", "div div", "span", "associated urls", "show", "date checked", "url hostname", "server response", "ip address", "google safe", "results jun", "present oct", "entries http", "response ip", "present dec", "present feb", "present jan", "files show", "date hash", "avast avg", "b may", "bq apr", "win32", "cryp", "bq mar", "bq feb", "win32clipbanker", "mtb may", "dynamicloader", "msie", "windows nt", "slcc2", "media center", "high", "medium", "yara rule", "et trojan", "http", "possible", "copy", "internal", "mtb feb", "mtb aug", "mtb nov", "mtb jul", "mtb apr", "mtb jun", "results oct", "adwaresig", "checked url", "hostname server", "present jun", "results jul", "present sep", "next http", "scans show", "search", "a domains", "script urls", "situs judi", "online slot", "gacor slot88", "agen judi", "bola sbobet", "script domains", "results sep", "meta", "encrypt", "win32cve apr", "ransom", "as16509", "as29791", "next", "unknown", "top source", "top destination", "suspicious", "sha256", "ids detections", "less see", "contacted", "pulse pulses", "av detections", "yara detections", "alerts", "analysis date", "file score" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1057", "name": "Process Discovery", "display_name": "T1057 - Process Discovery" }, { "id": "T1063", "name": "Security Software Discovery", "display_name": "T1063 - Security Software Discovery" } ], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 16, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Q.Vashti", "id": "337942", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 537, "URL": 173, "hostname": 25, "FileHash-MD5": 504, "FileHash-SHA1": 495, "domain": 79, "CVE": 1, "email": 1 }, "indicator_count": 1815, "is_author": false, "is_subscribing": null, "subscriber_count": 142, "modified_text": "275 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "http://hypertechcenter.com", "type": "URL" }, "abuseipdb": null, "urlhaus": { "indicator": "http://hypertechcenter.com", "type": "URL", "found": false, "verdict": "clean", "error": null }, "from_cache": true, "_cached_at": 1780415976.7811131 }