Report - www.teamtek.net/public/KrypterGUI.zip

Report Overview

Submitted URL
www.teamtek.net/public/KrypterGUI.zip
IP
31.11.35.174
ASN
#31034 Aruba S.p.A.
Submitted
2024-05-07 11:58:47
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
3

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.teamtek.net	unknown	2002-05-06	2017-02-22	2024-02-13	491 B	845 kB	31.11.35.174

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.teamtek.net/public/KrypterGUI.zip
IP
31.11.35.174
ASN
#31034 Aruba S.p.A.

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
845 kB (844866 bytes)
Hash
7b7c6e42e7d80abcfeb15b43f484f667
48f3023ca5558459d7ca56d59cddf162d76b17d9
e5c140f3786a0477ad94be4ed8ea7897c295ca21b80823a44efe40a773a54ee5

Archive (12)

Filename

Md5

File type

Krypter.ico.deploy

90e5a12334afa63724a5a7b0b497f964

Targa image data - Map 32 x 2285 x 1 +1

Krypter.netGUI.application

61473ce221300cfbe398407c64a60c6f

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (3755), with CRLF line terminators

Krypter.netGUI.exe.config.deploy

72a9c8b79a6577721302be0a9a75f53a

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Krypter.netGUI.exe.deploy

703b3272bd5377912eabbde959817734

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 4 sections

Krypter.netGUI.exe.manifest

2dced4588beccd710d891e51dc8a008f

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (3719), with CRLF, LF line terminators

Krypter.ico.deploy

90e5a12334afa63724a5a7b0b497f964

Targa image data - Map 32 x 2285 x 1 +1

Krypter.netGUI.application

3ec09fdde6096b76f8b4d315a5ae1d7e

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (3755), with CRLF line terminators

Krypter.netGUI.exe.config.deploy

72a9c8b79a6577721302be0a9a75f53a

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Krypter.netGUI.exe.deploy

2712d772ee53d981eb20c65053d0b771

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 4 sections

Krypter.netGUI.exe.manifest

fe6242e7b98a33c9eb1a18010f7b602c

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (3719), with CRLF, LF line terminators

Krypter.netGUI.application

3ec09fdde6096b76f8b4d315a5ae1d7e

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (3755), with CRLF line terminators

setup.exe

4fb8df1176ef5d05a8f1f45ef6804385

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/47

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

www.teamtek.net/public/KrypterGUI.zip

31.11.35.174

200 OK

845 kB

URL User Request GET HTTP/2
www.teamtek.net/public/KrypterGUI.zip
IP
31.11.35.174:443
ASN
#31034 Aruba S.p.A.

Certificate
IssuerActalis S.p.A.
Subject*.teamtek.net
Fingerprint17:80:05:F8:E4:B0:5B:CB:B2:B1:99:F1:FF:F7:CA:3D:27:66:F2:78
ValiditySun, 24 Sep 2023 03:10:32 GMT - Thu, 24 Oct 2024 03:10:31 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
845 kB (844866 bytes)
Hash
7b7c6e42e7d80abcfeb15b43f484f667
48f3023ca5558459d7ca56d59cddf162d76b17d9
e5c140f3786a0477ad94be4ed8ea7897c295ca21b80823a44efe40a773a54ee5

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/47

HTTP Headers

GET /public/KrypterGUI.zip HTTP/1.1
Host: www.teamtek.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-zip-compressed
last-modified: Fri, 15 Mar 2013 10:01:46 GMT
accept-ranges: bytes
etag: "1af6761a6421ce1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Tue, 07 May 2024 11:58:20 GMT
content-length: 844866
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (12)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers