Report - osdn.ip-connect.vn.ua/slunkcrypt/78067/slunkcrypt.2022-12-12.cygwin.zip

Report Overview

Submitted URL
osdn.ip-connect.vn.ua/slunkcrypt/78067/slunkcrypt.2022-12-12.cygwin.zip
IP
91.236.251.35
ASN
#57944 IP-Connect LLC
Submitted
2024-05-07 06:58:22
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
osdn.ip-connect.vn.ua	unknown	2012-02-27	2020-10-06	2024-03-15	525 B	3.1 MB	91.236.251.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
osdn.ip-connect.vn.ua/slunkcrypt/78067/slunkcrypt.2022-12-12.cygwin.zip
IP
91.236.251.35
ASN
#57944 IP-Connect LLC

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
3.1 MB (3140896 bytes)
Hash
f4b73e2268c44348fe5cdc77fe66616f
ba88a21ac7095f7d541b0e121edc9516b063e97f
10f6c308363b96ad858ca1a8ce9993a21c60bd44f6c7d6eb7d44f6798a348617

Archive (8)

Modified	Filename	Size	Md5	File type
2022-12-12 16:37	build_info.txt	173 B	1ad1d0778b4d77a4bcab4e54f504fca8	ASCII text
2022-12-12 16:36	cygwin1.dll	3.3 MB	e1ce558bbbb27f6ad77c6212e28d66f2	PE32 executable (DLL) (console) Intel 80386, for MS Windows, 13 sections
2022-12-12 16:36	slunkcrypt-i686.exe	426 kB	e3deadf02fbb9f69c39d948aab74ba57	PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, 9 sections
2021-04-28 18:46	LICENSE.txt	7.2 kB	473a7959b44c2f42c375d904305b6307	ASCII text, with CRLF line terminators
2022-12-12 16:22	README.html	520 kB	64e635563b349d850b99f806c45da2ec	HTML document, Unicode text, UTF-8 text, with very long lines (56271), with CRLF line terminators
2022-12-12 16:35	build_info.txt	171 B	665426b5981da1a241b4c826f84e8dd2	ASCII text
2022-12-12 16:34	cygwin1.dll	3.6 MB	58d3e6fa30f11516d45a2236709e4ac5	PE32+ executable (DLL) (console) x86-64, for MS Windows, 14 sections
2022-12-12 16:34	slunkcrypt-x86_64.exe	412 kB	9c03a73d302b1fc83aa0c326d813d6f9	PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows, 10 sections

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/66

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

osdn.ip-connect.vn.ua/slunkcrypt/78067/slunkcrypt.2022-12-12.cygwin.zip

91.236.251.35

200 OK

3.1 MB

URL User Request GET HTTP/2
osdn.ip-connect.vn.ua/slunkcrypt/78067/slunkcrypt.2022-12-12.cygwin.zip
IP
91.236.251.35:443
ASN
#57944 IP-Connect LLC

Certificate
IssuerLet's Encrypt
Subjectosdn.ip-connect.vn.ua
Fingerprint0C:C5:C1:BE:4B:58:E7:BF:9E:6C:86:76:0C:75:68:11:71:5F:7D:72
ValidityFri, 26 Apr 2024 12:25:52 GMT - Thu, 25 Jul 2024 12:25:51 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
3.1 MB (3140896 bytes)
Hash
f4b73e2268c44348fe5cdc77fe66616f
ba88a21ac7095f7d541b0e121edc9516b063e97f
10f6c308363b96ad858ca1a8ce9993a21c60bd44f6c7d6eb7d44f6798a348617

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/66

HTTP Headers

GET /slunkcrypt/78067/slunkcrypt.2022-12-12.cygwin.zip HTTP/1.1
Host: osdn.ip-connect.vn.ua
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 06:57:55 GMT
content-type: application/zip
content-length: 3140896
last-modified: Mon, 12 Dec 2022 23:15:58 GMT
etag: "6397b62e-2fed20"
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (8)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers