Report Overview
Submitted URL
amlpages.com/Source/TwinkiePaste_pe.zip
IP
91.189.114.23
ASN
#48287 Jsc Ru-Center
Submitted
2024-04-23 09:02:22
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
7
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
amlpages.com | unknown | 2006-12-09 | 2012-06-18 | 2024-04-18 | 409 B | 2.3 MB | 91.189.114.23 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
No alerts detected
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
Files detected
URL
amlpages.com/Source/TwinkiePaste_pe.zip
IP
91.189.114.23
ASN
#48287 Jsc Ru-Center
File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
2.3 MB (2323373 bytes)
Hash
6f7c33477c12a5d4280a8f3e57007feb
8ff0f9ffc3baa1c1d2bef39ec5d59296f5be833c
Archive (92)
Filename | Md5 | File type | |||
---|---|---|---|---|---|
TwinkiePaste.dll | 79e55bf5fbede0ffe5207fc4adb2a02f | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections | |||
htmlayout.dll | dd305582564b7973909265167faacce4 | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | |||
msvcp60.dll | 46a6ba9274d075a2c30025c4e96d875a | PE32 executable (DLL) (console) Intel 80386, for MS Windows, 4 sections | |||
GGSoundUtil.dll | ec0da6271fbcfa43a96bf22db8536268 | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections | |||
TwinkiePaste.exe | ee6c59aa07250f3e04a666d68d60e156 | PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections | |||
TwinkiePasteEditor.exe | 2c85bba3f972efadfe854eff95aec6a9 | PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections | |||
TwinkiePaste_Welcome.exe | fe9c1fd42720d53c057b47f629372ec8 | PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections | |||
TwpWaitingFor.exe | b108dac04bf622872c8a53d8c7e2a14a | PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections | |||
Twp_Exit.exe | 0bb2416f990701778c2051e84b421167 | PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections | |||
already_work.wav | 4951659fc00ec5ad7784b59ebe034306 | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 8000 Hz | |||
kbd.wav | 6cae9d62c9370f323ec29cff9fa6d188 | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 11025 Hz | |||
launch.wav | bcf65f891010c497fef4de7ee40229a6 | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 22050 Hz | |||
menu.wav | 3becbd5c991dc3347072c53107606eac | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 11025 Hz | |||
paper.wav | a8247ab0e29bd09c80cea3f4359f331e | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 16000 Hz | |||
start.wav | 87de13277c6d6359503239ff370bf486 | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 16000 Hz | |||
start_as_admin.wav | 787dd8d3589c63c71bc03ad3e3a7ba11 | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 16000 Hz | |||
start_OLD.wav | fca355d636e44f6b8611bcc5606116a8 | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 8000 Hz | |||
wherepane.wav | c9eb5b77307d955505d512c7160032c3 | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 8000 Hz | |||
twinkiepaste_edit.bat | d9907d00a8437eb867e4c885eb718c65 | ASCII text, with no line terminators | |||
twinkiepaste_register.bat | d70952b57a6ce1c70959fd03e49b7685 | ASCII text, with no line terminators | |||
twinkiepaste_showmenu.bat | 5aabb6d02266975cbcd9941de13e7212 | ASCII text, with no line terminators | |||
ReadMe_PORTABLE.txt | 052fb381b75fbdf6ec32a658ecd395e9 | ISO-8859 text, with CRLF line terminators | |||
history.txt | 2785d9cbd22408a05de1c043004f9cc0 | Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | |||
GoodDay_En.twinkiepaste | a6fe0cc66355b59c3445b668de91c14c | XML 1.0 document, ASCII text, with CRLF line terminators | |||
GoodDay_Ru.twinkiepaste | 0373f6ab1cf07c0206558542fec2df95 | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
GoogleSearch.twinkiepaste | 146944738c4e9702eb247da2d4ee26b4 | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
GoogleTranslate.twinkiepaste | 6cf2380ce4020167db425e5734fbd392 | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
MSDN_Search.twinkiepaste | 2bec23223058554e4737bf6e39d583b3 | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
OpenASURL.twinkiepaste | b0f4d5617e8fb6112cc4da875bab7296 | XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | |||
Sound.twinkiepaste | 65d376a1ded68538dd50d64067f3105c | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
Summa_prop.twinkiepaste | e3f9c25e9a040853d4c9fbcca4ce2dee | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
TwinkiePaste_Bug_Report.twinkiepaste | 790eb2f94e44b5e29f108286c19d9839 | XML 1.0 document, ISO-8859 text, with CRLF line terminators | |||
VC.twinkiepaste | 6e1bd187252b07f2ec87e19aaac649d4 | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
YandexSearch.twinkiepaste | d00139884ecb63ebe57f022c4ec3520f | XML 1.0 document, ISO-8859 text, with CRLF line terminators | |||
YandexTranslate.twinkiepaste | a99cf0a8a563900d8bef01bd3e530542 | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
Aml_Maple.twinkiepaste | ec93b8d8460887cf806591ed4decb90c | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
Aml_Pages.twinkiepaste | e930b83889d0cc4bf8ff20187f4a125c | XML 1.0 document, ISO-8859 text, with CRLF line terminators | |||
Official_Web_Site_Of_TwinkiePaste.twinkiepaste | 9ea032433cbb1d860437778047827aa3 | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
Article_SP.twinkiepaste | a252ec1b85965658d149e1c4dbf6ab11 | XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | |||
fb.twinkiepaste | 09237cd332eecd6dc61f84c88b3ffc8d | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
Forum.twinkiepaste | a80d244a8e3e6dee42f366c90c7b299d | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
MailTo.twinkiepaste | 6177591fa321ef68f9f33d5ecbb1a4db | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
Support.twinkiepaste | 8d25075ae5695c2675fae7a929a057e5 | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
vk.twinkiepaste | 190b1c8c196667734c7eb9369aaffd36 | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
WebSite.twinkiepaste | 2b2b18fb3f927a0aca682702fb20e7fe | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
BOLD.twinkiepaste | 456661e0b610c18f27363163c2dd450c | XML 1.0 document, ASCII text, with CRLF line terminators | |||
ITALIC.twinkiepaste | 3808ca0e22c05bbb863573ce6587a251 | XML 1.0 document, ASCII text, with CRLF line terminators | |||
LI.twinkiepaste | a123d3fe2bbb51fd4d2ce81a8c0a342b | XML 1.0 document, ASCII text, with CRLF line terminators | |||
STRIKEOUT.twinkiepaste | 7a22a3f4ff733318bfd3917f79d19413 | XML 1.0 document, ASCII text, with CRLF line terminators | |||
UNDERLINE.twinkiepaste | a004e00fd444cb2caa6ebab4248108ad | XML 1.0 document, ASCII text, with CRLF line terminators | |||
A_HREF.twinkiepaste | 2eba885048966e0a263784e6cf17b36e | XML 1.0 document, ASCII text, with CRLF line terminators | |||
A_HREF_TARGET_blank.twinkiepaste | 2b285eda6f50354f3a84c961a22a0667 | XML 1.0 document, ASCII text, with CRLF line terminators | |||
B_B.twinkiepaste | a28e454df349504de618e0b02efef971 | XML 1.0 document, ASCII text, with CRLF line terminators | |||
IMG.twinkiepaste | 45c1a55dd030d80d1214330d0c1b84ce | XML 1.0 document, ASCII text, with CRLF line terminators | |||
I_%SELECTED_TEXT%_I.twinkiepaste | c02f50e162e8a3fa149e6b41c0083b21 | XML 1.0 document, ASCII text, with CRLF line terminators | |||
Quotes.twinkiepaste | 48ba6f035584e0ebd1fda028bb15beaf | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
STRONG_%SELECTED_TEXT%_STRONG.twinkiepaste | f7bc5f6d2c02495771c04653c8f19afa | XML 1.0 document, ASCII text, with CRLF line terminators | |||
S_%SELECTED_TEXT%_S.twinkiepaste | 66953025453bda2f0600b786ce370abd | XML 1.0 document, ASCII text, with CRLF line terminators | |||
URL_-_TEXT.twinkiepaste | 840800e0fc16afdae95819bcc00cf6ce | XML 1.0 document, ASCII text, with CRLF line terminators | |||
Date.twinkiepaste | 66ffe7555094c8e82abb53404c29d895 | XML 1.0 document, ASCII text, with CRLF line terminators | |||
Date_Full+Time.twinkiepaste | c4c7e8dfa67a37ff6923a8f3a62b2569 | XML 1.0 document, ASCII text, with CRLF line terminators | |||
Date_Only.twinkiepaste | 6137e0e42c8d0dc07da36830075b588e | XML 1.0 document, ASCII text, with CRLF line terminators | |||
FOLDER_SELF.twinkiepaste | 924ddbe6e460b5ce467663bec5489511 | XML 1.0 document, ASCII text, with CRLF line terminators | |||
Time_Only.twinkiepaste | 573ec20f24be1eec30b24e622debff1d | XML 1.0 document, ASCII text, with CRLF line terminators | |||
%LOWER_SELTEXT%.twinkiepaste | b6f66c5778585593b320fb492c93e29d | XML 1.0 document, ASCII text, with CRLF line terminators | |||
%UPPER_SELTEXT%.twinkiepaste | c48a58f972d756f7d3b23153edabfb29 | XML 1.0 document, ASCII text, with CRLF line terminators | |||
Qutes_1.twinkiepaste | 0a7d0e3611f92fa17bd556baefb07f2f | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
Qutes_2.twinkiepaste | 6cdef2cc4d644ec745022f7a8d2e1a2d | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
GoogleDoc.twinkiepaste | 7a2b79e3ec7f99bec9f4ce279c63248b | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
GoogleForm.twinkiepaste | 6b3e6ddd62ac7c32cad5a531b05909af | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
GoogleKeep.twinkiepaste | c85645c2cebaf4519fa7d706fbc82e04 | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
GooglePresent.twinkiepaste | d95b7adc0901455c04e3b9fefa81fd6b | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
GoogleSheet.twinkiepaste | f3995cc4d397cd5bf3d311ccea869add | XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators | |||
French.lng | e9021a1d6730791a335d9229a8b1f0b9 | Unicode text, UTF-16, little-endian text, with CRLF line terminators | |||
German.lng | db3141883fcd2622a17951216b063ca6 | Unicode text, UTF-16, little-endian text, with CRLF line terminators | |||
Indonesian.lng | b32702e467b9a6ee6b2b6ad5e56057df | Unicode text, UTF-16, little-endian text, with CRLF, LF line terminators | |||
Italian.lng | 4985b1ec469e8562105d56fc6eadbe35 | Non-ISO extended-ASCII text, with very long lines (318), with CRLF, NEL line terminators | |||
Magyar.lng | 583e4a7ed07db61cede5c049f50472bb | Unicode text, UTF-16, little-endian text, with CRLF line terminators | |||
Polish.lng | 3f5dcd34695a6cd6c0bd7a20d1a25498 | Unicode text, UTF-16, little-endian text, with CRLF, CR line terminators | |||
Russian.lng | 6b51445b3e51affa4fc114e4f1ff201f | Unicode text, UTF-16, little-endian text, with CRLF line terminators | |||
Spanish.lng | d76c23813be834f91a6cf652a602036d | Unicode text, UTF-16, little-endian text, with CRLF line terminators | |||
Turkish.lng | 12ffc4f73a6e874f19f0d27d1ac9283d | Unicode text, UTF-16, little-endian text, with CRLF line terminators | |||
Ukrainian.lng | e747adb74d56b3b104637c2c266d8e51 | Unicode text, UTF-16, little-endian text, with CRLF, LF line terminators | |||
ext_style.css | 0854314bb56462892e4f68d77e4cef39 | ASCII text, with CRLF line terminators | |||
external.png | 8ea7563eac773be6a466fd8a9866a411 | PNG image data, 10 x 10, 8-bit colormap, non-interlaced | |||
logo.ico | c280141bc512f87abc4010097fc4df70 | MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel | |||
twinkiepaste.ico | 186b6e82941c8d5c397be18c62a00f54 | MS Windows icon resource - 1 icon, 16x16 | |||
twinkiepaste.png | bdb4ae1e2d06648d325bcdcbd769dec1 | PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced | |||
welcome.html | bea1cf55a2e8c8b49cae0c3b53dd6728 | HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (432), with CRLF line terminators | |||
welcome.html | 03a967fccaadb6c1c2dea56c052bd8f6 | HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (432), with CRLF line terminators | |||
welcome.html | 27fe68e2cd9754bf09a2a55ac5bb04d1 | HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (2191), with CRLF, LF line terminators | |||
welcome.html | cfc3f28ac4ea1eb602830fcd59f93068 | HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (465), with CRLF line terminators |
Detections
Analyzer | Verdict | Alert |
---|---|---|
VirusTotal | suspicious |
JavaScript (0)
No Javascripts found
HTTP Transactions (1)
URL | IP | Response | Size | |||||||
---|---|---|---|---|---|---|---|---|---|---|
amlpages.com/Source/TwinkiePaste_pe.zip | 91.189.114.23 | 200 OK | 2.3 MB | |||||||