www.quantumsoftware.com.au/Downloads/ExchangeConnector.msi
52.148.191.173 301 Moved Permanently 185 B URL User Request GET HTTP/2 www.quantumsoftware.com.au/Downloads/ExchangeConnector.msi
IP 52.148.191.173:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject *.quantumsoftware.com.au
Fingerprint 7A:0C:89:12:AA:22:C5:CC:66:59:F9:2A:A9:BB:94:0C:62:1E:ED:80
Validity Sun, 25 Feb 2024 11:45:00 GMT - Sat, 25 May 2024 11:44:59 GMT
File type HTML document, ASCII text
Hash 49ae7bc075d8e47c400a264d968e13fd
bed018d772c40dffc5ea4a48288ed95546a7dbdc
c667a3cbb208e41b4bb3c558ea448714a64766e0f117a4c28cc0857bc0651d7d
GET /Downloads/ExchangeConnector.msi HTTP/1.1
Host: www.quantumsoftware.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
location: https://downloads.quantumsoftware.com.au/ExchangeConnector.msi
x-frame-options: deny
content-security-policy: default-src 'self' https://google.com/ https://*.google.com/ https://gstatic.com/ https://*.gstatic.com/ https://googleapis.com/ https://*.googleapis.com/ https://google-analytics.com/ https://*.google-analytics.com/ https://googletagmanager.com/ https://*.googletagmanager.com/ https://googleadservices.com/ https://*.googleadservices.com/ https://*.doubleclick.net/ https://googlesyndication.com/ https://*.googlesyndication.com/ https://google.com.au/ https://*.google.com.au/ 'unsafe-inline' 'unsafe-eval' data: w3.org/svg/2000; upgrade-insecure-requests
strict-transport-security: max-age=15552000
date: Tue, 07 May 2024 10:29:41 GMT
content-length: 185
X-Firefox-Spdy: h2
downloads.quantumsoftware.com.au/ExchangeConnector.msi
52.148.191.173 302 Found 148 B URL User Request GET HTTP/2 downloads.quantumsoftware.com.au/ExchangeConnector.msi
IP 52.148.191.173:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject *.quantumsoftware.com.au
Fingerprint 7A:0C:89:12:AA:22:C5:CC:66:59:F9:2A:A9:BB:94:0C:62:1E:ED:80
Validity Sun, 25 Feb 2024 11:45:00 GMT - Sat, 25 May 2024 11:44:59 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash 479cb0f21cc17a5b2fb322d12bb7014b
646c802fd0d42a10277763e7223dad5793c81ea9
fdadec7f176157981c1524fc2a409997f3ff69acd5cbd113df66659fa36a0dee
GET /ExchangeConnector.msi HTTP/1.1
Host: downloads.quantumsoftware.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: /ExchangeConnector4-3-0-x64.msi
server: Microsoft-IIS/10.0
x-ua-compatible: IE=Edge
x-frame-options: sameorigin
strict-transport-security: max-age=15552000
date: Tue, 07 May 2024 10:29:41 GMT
content-length: 148
X-Firefox-Spdy: h2
downloads.quantumsoftware.com.au/ExchangeConnector4-3-0-x64.msi
52.148.191.173 200 OK 6.8 MB URL User Request GET HTTP/2 downloads.quantumsoftware.com.au/ExchangeConnector4-3-0-x64.msi
IP 52.148.191.173:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer Let's Encrypt
Subject *.quantumsoftware.com.au
Fingerprint 7A:0C:89:12:AA:22:C5:CC:66:59:F9:2A:A9:BB:94:0C:62:1E:ED:80
Validity Sun, 25 Feb 2024 11:45:00 GMT - Sat, 25 May 2024 11:44:59 GMT
File type Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation Database, Subject: Exchange Connector, Author: Quantum Software Solutions, Keywords: Installer, Comments: This installer database contains the logic and data required to install Exchange Connector., Template: x64;1033, Revision Number: {D3D1489B-C3BB-4374-BD8E-DA025874E0BE}, Create Time/Date: Thu May 2 02:30:46 2024, Last Saved Time/Date: Thu May 2 02:30:46 2024, Number of Pages: 405, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
Size 6.8 MB (6842299 bytes)
Hash 3367c2a641f66a7079636ad98c637b99
817fb60bd5ed3db8eed7454110db8e022ed07b60
b32132a6b2b4dc932428421a9cc7d4fe3de008fa006762a7ac6695c0ca95a2a3
Analyzer: YARAhub by abuse.ch; Verdict: malware; Alert: Detect files is `SliverFox` malware
GET /ExchangeConnector4-3-0-x64.msi HTTP/1.1
Host: downloads.quantumsoftware.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Thu, 02 May 2024 02:30:47 GMT
accept-ranges: bytes
etag: "707dd0bd389cda1:0"
server: Microsoft-IIS/10.0
x-ua-compatible: IE=Edge
x-frame-options: sameorigin
strict-transport-security: max-age=15552000
date: Tue, 07 May 2024 10:29:41 GMT
content-length: 6842299
X-Firefox-Spdy: h2