www.smartftp.com/get/SmartFTP86.msi
192.99.223.240301 Moved Permanently 193 B URL User Request GET HTTP/2 www.smartftp.com/get/SmartFTP86.msi
IP 192.99.223.240:443
Certificate IssuerLet's Encrypt
Subject*.smartftp.com
FingerprintD2:77:57:C7:91:DB:89:7C:43:A5:95:70:08:E7:88:B2:DD:FA:41:35
ValiditySat, 02 Mar 2024 03:13:54 GMT - Fri, 31 May 2024 03:13:53 GMT
File type HTML document, ASCII text
Hash 7708f9b499f2f1d5530999949e853aad
1302dea5a4c330a0bd08af251bffa212e7a94f53
0736156ae90761091a8b40ad1010800bd19642cc98e13a2ad7b1dfada16d6a69
GET /get/SmartFTP86.msi HTTP/1.1
Host: www.smartftp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
location: https://www.smartftp.com/get/Client?platform=x86&file=SmartFTP.msi
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self'; base-uri 'self'
feature-policy: camera 'none';microphone 'none';geolocation 'none';
referrer-policy: strict-origin
report-to: {"group":"default","max_age":604800,"endpoints":[{"url":"https://smartftp.report-uri.com/a/d/g"}],"include_subdomains":true}
alt-svc: h3=":443"; ma=86400
date: Thu, 28 Mar 2024 08:04:12 GMT
content-length: 193
X-Firefox-Spdy: h2
www.smartftp.com/get/Client?platform=x86&file=SmartFTP.msi
192.99.223.240302 Found 0 B URL User Request GET HTTP/2 www.smartftp.com/get/Client?platform=x86&file=SmartFTP.msi
IP 192.99.223.240:443
Certificate IssuerLet's Encrypt
Subject*.smartftp.com
FingerprintD2:77:57:C7:91:DB:89:7C:43:A5:95:70:08:E7:88:B2:DD:FA:41:35
ValiditySat, 02 Mar 2024 03:13:54 GMT - Fri, 31 May 2024 03:13:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/Client?platform=x86&file=SmartFTP.msi HTTP/1.1
Host: www.smartftp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: https://static.smartftp.com/static/Products/Client/10.0.3050.0/x86/SmartFTP.msi
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self'; base-uri 'self'
feature-policy: camera 'none';microphone 'none';geolocation 'none';
referrer-policy: strict-origin
report-to: {"group":"default","max_age":604800,"endpoints":[{"url":"https://smartftp.report-uri.com/a/d/g"}],"include_subdomains":true}
alt-svc: h3=":443"; ma=86400
date: Thu, 28 Mar 2024 08:04:12 GMT
content-length: 0
X-Firefox-Spdy: h2
static.smartftp.com/static/Products/Client/10.0.3050.0/x86/SmartFTP.msi
104.21.12.126200 OK 12 MB URL User Request GET HTTP/2 static.smartftp.com/static/Products/Client/10.0.3050.0/x86/SmartFTP.msi
IP 104.21.12.126:443
Certificate IssuerLet's Encrypt
Subjectsmartftp.com
FingerprintCA:D2:C3:BA:44:F6:84:DE:A8:B8:83:75:39:E1:D0:1A:1C:6B:77:B5
ValidityThu, 07 Mar 2024 13:13:40 GMT - Wed, 05 Jun 2024 13:13:39 GMT
File type Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Code page: 1252, Title: Installation Database, Subject: SmartFTP Client, Author: SmartSoft Ltd., Keywords: Install,MSI, Comments: This installer database contains the logic and data required to install SmartFTP Client., Template: Intel;1033, Revision Number: {52DB3E5F-98B7-4A9B-A716-99ABDA4209AF}, Create Time/Date: Sat Dec 17 05:21:08 2022, Last Saved Time/Date: Sat Dec 17 05:21:08 2022, Number of Pages: 500, Number of Words: 2, Name of Creating Application: WiX Toolset (4.0.0.0), Security: 2
Size 12 MB (11558912 bytes)
Hash 380abe56b4d262eeec68f845803bcf42
194e9838015d651640c71b4dfb9c3df552cb609e
8d885003aa204d160b3cfab01f7f686126dddc0e25d171ec7dd14bf3b369e85e
Analyzer Verdict Alert YARAhub by abuse.ch malware Detect files is `SliverFox` malware
VirusTotal suspicious
GET /static/Products/Client/10.0.3050.0/x86/SmartFTP.msi HTTP/1.1
Host: static.smartftp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 28 Mar 2024 08:04:13 GMT
content-type: application/octet-stream
content-length: 11558912
last-modified: Sat, 17 Dec 2022 05:21:21 GMT
etag: "40ffe66d711d91:0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self'; base-uri 'self'
feature-policy: camera 'none';microphone 'none';geolocation 'none';
referrer-policy: strict-origin
report-to: {"group":"default","max_age":604800,"endpoints":[{"url":"https://smartftp.report-uri.com/a/d/g"}],"include_subdomains":true}
alt-svc: h3=":443"; ma=86400
cache-control: max-age=7200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b61bae3b4d56bb-OSL
X-Firefox-Spdy: h2