| www.oficinaintegrada.com.br/ | 52.55.180.247 | | 250 B |
URL: www.oficinaintegrada.com.br/
IP: 52.55.180.247:0
File type: HTML document, ASCII text
Hash: da62677d4a75ae978dc210a9b67f9ab8 c25eb7c72f204be0f5c9104b7d65b92208abd8dd 75bce86770a73833e970b6ac3fc75065d79a71577fb33571db3b6ab1bbe78823
GET / HTTP/1.1
Host: www.oficinaintegrada.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Object moved
Cache-Control: private
Content-Type: text/html
Location: https://www.oficinaintegrada.com.br/software-gerencimento-oficina-mecanica/programa-gestao-oficina-mecanica-integrada/default.asp
Server: Microsoft-IIS/8.5
Set-Cookie: ASPSESSIONIDCCDTBSRA=FHAILMOCBBFFGDIJBBAPJOOO; path=/
X-Powered-By: ASP.NET
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
Access-Control-Allow-Methods: GET, PUT, POST, DELETE
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Date: Sun, 05 May 2024 00:58:14 GMT
Content-Length: 250
|
| www.oficinaintegrada.com.br/software-gerencimento-oficina-mecanica/programa-gestao-oficina-mecanica-integrada/default.asp | 52.55.180.247 | | 17 kB |
URL: www.oficinaintegrada.com.br/software-gerencimento-oficina-mecanica/programa-gestao-oficina-mecanica-integrada/default.asp
IP: 52.55.180.247:0
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (1706), with CRLF line terminators
Hash: 715415475110d38e1be61a684f8e7001 bed95a0f156599b7bef66e83e604ba4caf464ace 076c8154adb162cd9bf98f5791344af87f36adbbfcd27a18ea7493b6f38d05ab
GET /software-gerencimento-oficina-mecanica/programa-gestao-oficina-mecanica-integrada/default.asp HTTP/1.1
Host: www.oficinaintegrada.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
Set-Cookie: ASPSESSIONIDCGDTBSRA=GHAILMOCONIEFNHBKLAJFAHJ; secure; path=/
X-Powered-By: ASP.NET
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
Access-Control-Allow-Methods: GET, PUT, POST, DELETE
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Date: Sun, 05 May 2024 00:58:14 GMT
Content-Length: 16982
|
| www.oficinaintegrada.com.br/OFICINAINTEGRADA3/oficinainstaller.exe?__hstc=41115773.4b44870ec4a577029c49e44b73bd3bee.1704067200092.1704067200093.1704067200094.1&__hssc=41115773.1.1704067200095&__hsfp=659407567 | 52.55.180.247 | 200 OK | 2.2 MB |
URL: User Request GET HTTP/1.1 www.oficinaintegrada.com.br/OFICINAINTEGRADA3/oficinainstaller.exe?__hstc=41115773.4b44870ec4a577029c49e44b73bd3bee.1704067200092.1704067200093.1704067200094.1&__hssc=41115773.1.1704067200095&__hsfp=659407567
IP: 52.55.180.247:443
Certificate: Issuer: Let's Encrypt; Subject: ftp.oficinaintegrada.com.br; Fingerprint: 46:A2:86:86:1C:2C:D5:C8:94:87:8F:5D:F3:31:0F:F0:BA:A1:F6:8D; Validity: Fri, 03 May 2024 12:55:22 GMT - Thu, 01 Aug 2024 12:55:21 GMT
File type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 6 sections
Size: 2.2 MB (2156544 bytes)
Hash: 6ec802dffc78dff7c658a3baa8db5d43 c7e4a09a24b986f4669324e3890c84d09d33bf27 94f29541fd574d1c5dc6202ecba623a6c9719961af721f78df13c1867328c76f
| Analyzer | Verdict | Alert |
| YARAhub by abuse.ch | malware | meth_get_eip |
| VirusTotal | suspicious | |
GET /OFICINAINTEGRADA3/oficinainstaller.exe?__hstc=41115773.4b44870ec4a577029c49e44b73bd3bee.1704067200092.1704067200093.1704067200094.1&__hssc=41115773.1.1704067200095&__hsfp=659407567 HTTP/1.1
Host: www.oficinaintegrada.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Last-Modified: Mon, 21 Jan 2019 17:25:07 GMT
Accept-Ranges: bytes
ETag: "a4973341aeb1d41:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
Access-Control-Allow-Methods: GET, PUT, POST, DELETE
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Date: Sun, 05 May 2024 00:58:17 GMT
Content-Length: 2156544
|