Report - amlpages.com/Source/RSSme.zip

Report Overview

Submitted URL
amlpages.com/Source/RSSme.zip
IP
91.189.114.23
ASN
#48287 Jsc Ru-Center
Submitted
2024-04-23 09:02:19
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
amlpages.com	unknown	2006-12-09	2012-06-18	2024-04-18	399 B	1.1 MB	91.189.114.23

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

Files detected

URL
amlpages.com/Source/RSSme.zip
IP
91.189.114.23
ASN
#48287 Jsc Ru-Center

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
1.1 MB (1076286 bytes)
Hash
9a349419f95f496b17bc6940cd32c615
b4b31fb4dd93936de062a2cbe14b36207ff70c1e
219278f3a4e9b287b3e9a3a2981af7ee1af9cf407d42059c99b473530c7fa691

Archive (6)

Filename

Md5

File type

RSSme.exe

84267942a70e37733981d05f3b43eff9

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

htmlayout.dll

4247365a14d88736956dbc44ae190e6c

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections

html.ash

18f14c72666be3effbcdf538715cf1f9

Generic INItialization configuration [HTML]

ReadMe.txt

418eb6961dfe7ea306cc7311ed8df346

ISO-8859 text, with CRLF line terminators

licence_en.txt

71f2b916862abedf9de99042429c68e6

ASCII text, with no line terminators

history.txt

34c31f21d2c2b2cf22aa36fce14d90c3

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/63

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

amlpages.com/Source/RSSme.zip

91.189.114.23

200 OK

1.1 MB

URL User Request GET HTTP/1.1
amlpages.com/Source/RSSme.zip
IP
91.189.114.23:80
ASN
#48287 Jsc Ru-Center

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
1.1 MB (1076286 bytes)
Hash
9a349419f95f496b17bc6940cd32c615
b4b31fb4dd93936de062a2cbe14b36207ff70c1e
219278f3a4e9b287b3e9a3a2981af7ee1af9cf407d42059c99b473530c7fa691

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/63

HTTP Headers

GET /Source/RSSme.zip HTTP/1.1
Host: amlpages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Tue, 23 Apr 2024 09:01:53 GMT
Content-Type: application/zip
Content-Length: 1076286
Connection: keep-alive
Last-Modified: Sat, 21 Jan 2023 07:40:21 GMT
ETag: "106c3e-5f2c14737c340"
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (6)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers