Report Overview
Submitted URL
ftp.elf.stuba.sk/pub/pc/pack/unpack22.zip
IP
147.175.111.14
ASN
#2607 Zdruzenie pouzivatelov Slovenskej akademickej datovej siete
Submitted
2024-05-10 22:34:04
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
43
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
ftp.elf.stuba.sk | unknown | 2003-11-25 | 2012-07-01 | 2020-05-09 | 411 B | 892 kB | 147.175.111.14 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
ftp.elf.stuba.sk/pub/pc/pack/unpack22.zip
IP
147.175.111.14
ASN
#2607 Zdruzenie pouzivatelov Slovenskej akademickej datovej siete
File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
891 kB (891306 bytes)
Hash
c7e3fce0100c7ccd81a435ea489af9e2
e9c3b66af58bea9ea5431090d81c8c2fea1691df
Archive (62)
Filename | Md5 | File type | ||||||
---|---|---|---|---|---|---|---|---|
Un-pack.exe | e90be9993116d378d143339f334b41fb | MS-DOS executable, MZ for MS-DOS | ||||||
Un-pack.pif | 7fa51cfdd6cf0dddfd02f22311d92eac | Windows Program Information File for UN-PACK.EXE, icon=UN-PACK.ICO | ||||||
File_id.diz | 40f22af43f5258bd9c547d919932464c | ISO-8859 text, with CRLF line terminators | ||||||
Un-packe.dat | 8e4363160879774ace309f4b50b5c874 | TTComp archive data, binary, 4K dictionary | ||||||
Ug2001.nfo | 8c07479bc2809cb6ffd2f582ebc6433d | ISO-8859 text, with CRLF line terminators | ||||||
Un-pack.ico | 41cd27e6b17daedcd0b645fceb7c1418 | MS Windows icon resource - 1 icon, 32x32, 16 colors | ||||||
Un-pack.doc | 7b0018885a60d1fe59c33cfb3626ae5f | Non-ISO extended-ASCII text, with CRLF, NEL line terminators | ||||||
Un-pack.eng | e1c14d2f5a6f8abdc1f80c3998366bd9 | ISO-8859 text, with CRLF line terminators | ||||||
ExeTools.Com | b3b8125b562272e29d94429c3f41130d | COM executable for DOS, aPack compressed | ||||||
UN-PACKL.EXE | 3afe918243ef23f44928a9f83a2d2843 | MS-DOS executable, MZ for MS-DOS | ||||||
UN-PACKX.BAT | 1a323b1762c41a7287c27f388db3e2ae | ASCII text, with no line terminators | ||||||
Denood10.exe | b50ca86dbb7a47a6905512bb2c29d59b
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Ugu_pe.exe | 2775b872cd0b0c395d9e753eab9c0cdf
| PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections | ||||||
Deasp211.exe | 41f28ced5e5e644ff7a9a1dab7c30c12
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Untlck61.exe | 383dddabce7a116dbcb4beadfc97a966
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Vdp_10.exe | a4ce08be4dc1e4cb478def84566de091
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
CASPR.INI | e370f18780b2983b5b25d4af5a683c8c | Microsoft HTML Help Project | ||||||
Unpcwc.exe | 94f73a941ab6a89d49e537dd5ce36546
| PE32 executable (console) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Anti3.exe | 11cf2ec84659beaa35c340d88f59c342
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Unpetite.exe | 2a6c9e70a2482864ea5e17fce0a1cebe
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Caspr2.dll | f2d7ed3d8b28a9d85114448dde3253b8
| PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 3 sections | ||||||
Deyoda12.exe | 5ce58114b3ac05438b6f22804a73d3d3
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Unpcgd07.exe | e4329191ed9b7f3664979a2b113dfded
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Deyoda10.exe | 9508766c97ee14d97c9ef9587c3ae5aa
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Xcremove.exe | 976dc28a0f1161182cf356c42afe982d | MS-DOS executable, MZ for MS-DOS | ||||||
rebIT.dll | c9882b5e6e0e59b14a92436dde33a554
| PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Start.exe | 930b76994a960fcbf35df633ffbc327d
| PE32 executable (console) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Unpecomp.exe | 75b272ab68d96a0dcc2340f814590a32
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Unnfo10.exe | 9482f79e962ac3dc9c74b9735b5f9518
| PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections | ||||||
Stn-wwpp.exe | 6e1775a848edc836c6eaea05534c85cb
| PE32 executable (console) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Caspr1.dll | af4bc8728a068938efdcbccfda72324f
| PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections | ||||||
Ubjfnt13.exe | ea42f8cf59592ba1584a74d51e9b715a
| PE32 executable (console) Intel 80386, for MS Windows, 4 sections | ||||||
Antiaspk.exe | 038d3d4859a22fad9106e01d3fa5cd9d
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Untelock.exe | fc2e000a9e9b5b3a106d0609b40a9b08
| PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections | ||||||
Unvgcryp.exe | 7fcf218ffb5eac78d0f09a29615247c8
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Xfse95.exe | b36e6ad4f90fd3c856d0931b82dd78cf | MS-DOS executable, LE executable for MS Windows (VxD) | ||||||
Uring.dll | c44356dec5b17d947176737304ff01ee
| PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections | ||||||
Caspr.exe | c2603ebbc09fa2df086f93c215c90f78
| PE32 executable (console) Intel 80386, for MS Windows, 2 sections | ||||||
Realign.dll | 5eaa9f941cc8f7f2b461f4a9067145ca | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Desoft9x.exe | dfcbdac41eaa7820a09a6877a0e22e52
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Ahcr200.exe | 5bbead119a01471fdcc8b2096915af97
| PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, 3 sections | ||||||
Peunlck.exe | b4fca6084e92b2a588909bd7bc06b470
| PE32 executable (console) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Rad06.exe | 193c39bbdb254116d7bf79d29446774d
| PE32 executable (GUI) Intel 80386, for MS Windows, 2 sections | ||||||
Untlck70.exe | 4d9790043a976d094da14ab97e553d5c
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Untlck71.exe | f67215a8a620ed6ed89dd70a32bfce8e
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Un_penyc.exe | 7ead59ef6e9dad190bf351d4eec93ef1 | MS-DOS executable, MZ for MS-DOS | ||||||
Untlck7b.exe | d63e1f9381258b18439d7a1c00ec75f9
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Unpklite.exe | 22f8d7bce5bfa7115bd301d52d4c5ed4 | MS-DOS executable, MZ for MS-DOS | ||||||
Depeprot.exe | 46351305f526d54167a299d47dc4282b
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Xpecrypt.exe | ed5fa1b29366108549d5c1bd1b2fb8e8
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Unpcpeca.exe | ed7d1639282db3034b8cd15037207f8b | MS-DOS executable, MZ for MS-DOS | ||||||
Unaspack.exe | b40185a31e3b88fea7f4484395b744ec
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Desoftnt.exe | dcaa013fe35c6fe02f33066d35100097
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Unpes.exe | cc9b79097333b098bf747e949f287048
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Nckill10.exe | 8c82deb85e32f835338bff5c8771fee3
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Unpklite.txt | b3f553c2256b34849be20e096cd8789e | ASCII text, with CRLF line terminators | ||||||
Guw32.exe | 59cc972e87f019df650f34d25b41783b
| PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections | ||||||
Untlck60.exe | 8c21ba08e0033a2a70f22ca2b76e3925
| PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Imprec.dll | b0b4fdbd49479545c6cbce17c8e2e08c
| PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 3 sections | ||||||
Deshrink.com | 2066fdaa4ae436721a0f3a18384e4e1c | DOS executable (COM), start instruction 0xe9160580 fd087405 | ||||||
Asprotec.txt | 2770e692045cfd9b0964d5e40c64efea | ASCII text, with CRLF line terminators | ||||||
Examples.zip | e2b6cd276a4000b6a3563a5a43dc7414 | Zip archive data, at least v2.0 to extract, compression method=store |
Detections
Analyzer | Verdict | Alert |
---|---|---|
Public Nextron YARA rules | malware | Detects imphash often found in malware samples (Maximum 0,25% hits with search for 'imphash:x p:0' on Virustotal) = 99,75% hits |
YARAhub by abuse.ch | malware | meth_get_eip |
VirusTotal | malicious |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size | |||||||
---|---|---|---|---|---|---|---|---|---|---|
ftp.elf.stuba.sk/pub/pc/pack/unpack22.zip | 147.175.111.14 | 200 OK | 891 kB | |||||||
Detections
HTTP Headers
| ||||||||||