Report - www.autohotkey.com/download/ahk-v2.zip

Report Overview

Submitted URL
www.autohotkey.com/download/ahk-v2.zip
IP
104.21.89.135
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-18 09:38:03
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.autohotkey.com	570448	2003-12-29	2012-05-24	2024-04-17	492 B	3.1 MB	172.67.159.204

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.autohotkey.com/download/ahk-v2.zip
IP
172.67.159.204
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
3.1 MB (3116471 bytes)
Hash
3ed9f0e3b4b2e6fc3e83dfba8cf42eb1
87648036c8d787fe6421cfe3a796fb585df2dc64
4c517113f22937a313921b73c9b25463cc7ed0b77d9cf42b08b6443184e52e90

Archive (35)

Filename

Md5

File type

AutoHotkey.chm

e42714518b26bc65d26b813e182f90cd

MS Windows HtmlHelp Data

AutoHotkey32.exe

8bc086a1ce0b394de31cd415a3cd0e87

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

AutoHotkey64.exe

825448610a8213a8408578df2361d5eb

PE32+ executable (GUI) x86-64, for MS Windows, 6 sections

Install.cmd

4cfb569d3628b7e14e729de9956cc24b

DOS batch file, ASCII text, with CRLF line terminators

license.txt

e3f2ad7733f3166fe770e4dc00af6c45

ASCII text, with CRLF line terminators

bounce-v1.ahk

165b8fc572f943e3665994f87f1772b7

C source, ASCII text, with CRLF line terminators

CommandLineToArgs.ahk

e8d9a7e78d6a2a40bfb532b4812bde59

ASCII text, with CRLF line terminators

common.ahk

dac79ad5a978f0497de70a005b6a6084

C source, ASCII text, with CRLF line terminators

config.ahk

248b58535f55eb55d9baec04a384b5e6

ASCII text, with CRLF line terminators

CreateAppShortcut.ahk

2ffbde65b63790c5aa12996e9ef9068c

ASCII text, with CRLF line terminators

EnableUIAccess.ahk

65d05ec61cca0547e218655e65e5ea7c

ASCII text, with CRLF line terminators

GetGitHubReleaseAssetURL.ahk

1a8ab9bb38fd0da51d03dc48e3a0b2ea

ASCII text, with CRLF line terminators

HashFile.ahk

727ae6f2ec77a5b56774df9da14636d2

ASCII text, with CRLF line terminators

identify.ahk

3e5c97e6c3a76686329c81fba864b26b

C source, ASCII text, with CRLF line terminators

identify_regex.ahk

f27f09d324016bd49d2da38901e79a61

ASCII text, with very long lines (3982), with CRLF line terminators

launcher-common.ahk

696750c1861231d07ff4548ad4360dc8

C source, ASCII text, with CRLF line terminators

README.txt

4b095aae00456aa248024a184671e4d5

ASCII text, with CRLF line terminators

ShellRun.ahk

9e53fca8c7f6a9ee179f0fc0a7890ea3

ASCII text, with CRLF line terminators

spy.ico

eeecd8af162d3f318496e0e60d6d8c57

MS Windows icon resource - 4 icons, 32x32 with PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 48x48 with - PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced, 32 bits/pixel

ui-base.ahk

f4251e653dbbbdd8cf4640bd9855c207

ASCII text, with CRLF line terminators

install-ahk2exe.ahk

c90bed0679b789b74e4865ae6f2709a3

C source, ASCII text, with CRLF line terminators

install-version.ahk

30b87fbfadc592c38be9d82edf597fa3

C source, ASCII text, with CRLF line terminators

install.ahk

817e7747dcff942d2f1e65cec536cbf5

C source, ASCII text, with CRLF line terminators

launcher.ahk

596b69069bbbcc9a22ac26bba6efe546

C source, ASCII text, with CRLF line terminators

reload-v1.ahk

35f4753a58432446b99bf89a9e930bf5

ASCII text, with CRLF line terminators

reset-assoc.ahk

0299132478b49e3eb706c214bf32e62f

C source, ASCII text, with CRLF line terminators

Minimal for v2.ahk

cdc8756680c459bd511d2bd2895fe2b2

ASCII text, with CRLF line terminators

ui-dash.ahk

669bd791c5aafb60ee0885ef064d3622

HTML document, Unicode text, UTF-8 text, with CRLF line terminators

ui-editor.ahk

82eb574294ff4e2e7461b95f5bad0a87

C source, ASCII text, with CRLF line terminators

ui-launcherconfig.ahk

852bf007a6ddd80a2e5c9d82d874cf45

C source, ASCII text, with CRLF line terminators

ui-newscript.ahk

1b88198b4bd36eb25e23dc412321a555

C source, ASCII text, with CRLF line terminators

ui-setup.ahk

dd3f9c2f9115689f4350896752f15926

C source, ASCII text, with CRLF line terminators

ui-uninstall.ahk

0fe4932669e99a498a7bc76975919000

C source, ASCII text, with CRLF line terminators

WindowSpy.ahk

e2067d978526b83a1da967f16a69c125

ASCII text, with CRLF line terminators

WindowSpy.ahk

1b081984b7c90528e03e67096f001e5f

ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
VirusTotal	suspicious	VirusTotal - Scan result 6/65

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

www.autohotkey.com/download/ahk-v2.zip

172.67.159.204

200 OK

3.1 MB

URL User Request GET HTTP/2
www.autohotkey.com/download/ahk-v2.zip
IP
172.67.159.204:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectautohotkey.com
Fingerprint35:79:01:86:31:43:0D:AC:5E:1F:CA:A5:32:B3:02:A6:31:5A:4E:BB
ValiditySat, 16 Mar 2024 09:53:16 GMT - Fri, 14 Jun 2024 09:53:15 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
3.1 MB (3116471 bytes)
Hash
3ed9f0e3b4b2e6fc3e83dfba8cf42eb1
87648036c8d787fe6421cfe3a796fb585df2dc64
4c517113f22937a313921b73c9b25463cc7ed0b77d9cf42b08b6443184e52e90

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 6/65

HTTP Headers

GET /download/ahk-v2.zip HTTP/1.1
Host: www.autohotkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 09:37:36 GMT
content-type: application/octet-stream
content-length: 3116471
content-description: File Transfer
cache-control: must-revalidate
pragma: public
expires: 0
content-disposition: attachment; filename="AutoHotkey_2.0.12.zip"
cf-cache-status: HIT
age: 6443
last-modified: Thu, 18 Apr 2024 07:50:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xPQqXjN7%2FRVgTTkkuD3URCi3maaEAflx05b6%2FB09HmyCSPT1O1kpkL5dcIZEGljoJJ7%2Fc7E8Lomrn4Sqz5AG3EjzZfejx%2FHAwCjKwRS%2F9E4TuBMkcDLbrfqk24ktjGHBOB4DIIE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ad5c2edb56c1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (35)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers