Report - delphi.ktop.com.tw/download/upload/41803

Report Overview

Submitted URL
delphi.ktop.com.tw/download/upload/41803_Calender.zip
IP
69.195.108.65
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2024-05-10 21:31:32
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
delphi.ktop.com.tw	unknown	unknown	2012-10-15	2019-11-12	507 B	1.0 MB	69.195.108.65

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
delphi.ktop.com.tw/download/upload/41803_Calender.zip
IP
69.195.108.65
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
1.0 MB (1037146 bytes)
Hash
e50c651c14de1b22d3c3d6d57f88869d
b1b5778e6316702efe7764c2f618cc4bedfdb860
58cfb557390c7c221e31464f6facdfd27c14bc788c9f59129421be7b79269d01

Archive (28)

Filename

Md5

File type

Project1.cpp

fffbbb4cf4620d71ae9037ef29370fd2

C source, ASCII text, with CRLF line terminators

Calender.exe

44f050f230149cd982e0718b2cddc6b3

PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections

Project1.res

9f27c5a7913204becedf0e5cb255d5b6

MSVC .res

Unit1.~cpp

dbfa7739339b8b4fec1252e7e42f4edd

C source, ISO-8859 text, with CRLF line terminators

Unit1.~ddp

57f2b3b109407d3960a67d63f233edca

data

Unit1.~dfm

f3b8c5c344b8fd7d8db4d9b17c5df7c7

ASCII text, with CRLF line terminators

Unit1.~h

b9ade66ceae31486274e2e6b54a8495a

C++ source, ASCII text, with CRLF line terminators

Unit1.cpp

e91850bf7998fe3a5af298ba3010bbf4

C source, ISO-8859 text, with CRLF line terminators

Unit1.ddp

57f2b3b109407d3960a67d63f233edca

data

Unit1.dfm

f3b8c5c344b8fd7d8db4d9b17c5df7c7

ASCII text, with CRLF line terminators

Unit1.h

b9ade66ceae31486274e2e6b54a8495a

C++ source, ASCII text, with CRLF line terminators

B.bmp

36c5c63fb2d6c95cd749213239eab6f2

PC bitmap, Windows 3.x format, 80 x 9 x 8, image size 720, cbSize 1798, bits offset 1078

L.bmp

23f428b219157628a7edf26c0e8ace92

PC bitmap, Windows 3.x format, 9 x 80 x 8, image size 960, cbSize 2038, bits offset 1078

LB.bmp

d0c3cd563e4d20f0a219b59e942ca4dc

PC bitmap, Windows 3.x format, 20 x 20 x 8, image size 400, cbSize 1478, bits offset 1078

LT.bmp

0abbb18b79c46365242d25ea6e053f8a

PC bitmap, Windows 3.x format, 20 x 20 x 8, image size 400, cbSize 1478, bits offset 1078

R.bmp

fd3076fe91614e396f1a99baa1c9a80e

PC bitmap, Windows 3.x format, 9 x 80 x 8, image size 960, cbSize 2038, bits offset 1078

RB.bmp

33357c6c8a019ecc1626eb01f2afd7b0

PC bitmap, Windows 3.x format, 20 x 20 x 8, image size 400, cbSize 1478, bits offset 1078

RT.bmp

890d89414adce1039059a0d951360824

PC bitmap, Windows 3.x format, 20 x 20 x 8, image size 400, cbSize 1478, bits offset 1078

T.bmp

6d1da67e57103f29df6a28eb3b50ae87

PC bitmap, Windows 3.x format, 80 x 9 x 8, image size 720, cbSize 1798, bits offset 1078

123.bmp

2f5d7a5937c36e31b9d7add428dc38e7

PC bitmap, Windows 3.x format, 84 x 18 x 24, image size 4536, resolution 3780 x 3780 px/m, cbSize 4590, bits offset 54

Bitmap1.bmp

e630be65e3f3ead47d6838eee7167e6b

PC bitmap, Windows 3.x format, 267 x 25 x 8, image size 6700, cbSize 7778, bits offset 1078

Bitmap2.bmp

123cf0a50e1398cb629b247ce821825f

PC bitmap, Windows 3.x format, 110 x 25 x 8, image size 2800, cbSize 3878, bits offset 1078

Thumbs.db

b3f74920a622e8aaa22bd9f36ff8fa8d

Composite Document File V2 Document, Cannot read section info

Project1.obj

90aba7bc0def2ffe826e30c57ca81c0e

8086 relocatable (Microsoft), "C:\Documents and Settings\wjm\�ୱ\qpzm\Project1.cpp", 1st record data length 54, 2nd record type 0x88, 2nd record data length 19

Unit1.obj

07c2503eebf85d6d523dfd511078c55d

8086 relocatable (Microsoft), "C:\Documents and Settings\wjm\�ୱ\qpzm\Unit1.cpp", 1st record data length 51, 2nd record type 0x88, 2nd record data length 19

Project1.tds

06f2067c3a5d7953595d3dd6b4d08d92

DIY-Thermocam raw data (Lepton 3.x), scale 0-160, spot sensor temperature -42535376994755722539603521717976170496.000000, unit celsius, color scheme 3, calibration: offset 2.843750, slope 1157004875875003322345717760.000000

Project1.~bpr

bbe184322b26c600feeae97e3d33dbc9

XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators

Project1.bpr

3b32f9139daa454d8f5f4c735878cc98

XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	delphi.ktop.com.tw/download/upload/41803_Calender.zip	69.195.108.65	200 OK	1.0 MB
URL User Request GET HTTP/2 delphi.ktop.com.tw/download/upload/41803_Calender.zip IP 69.195.108.65:443 ASN #46606 UNIFIEDLAYER-AS-1 Certificate IssuerLet's Encrypt Subjectwww.test-bluehost-bestlong-idv-tw.my-hot.com FingerprintC7:F5:96:59:06:44:50:83:5F:38:E0:59:B7:61:6C:1C:17:B2:54:7A ValidityWed, 27 Mar 2024 08:15:10 GMT - Tue, 25 Jun 2024 08:15:09 GMT File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 1.0 MB (1037146 bytes) Hash e50c651c14de1b22d3c3d6d57f88869d b1b5778e6316702efe7764c2f618cc4bedfdb860 58cfb557390c7c221e31464f6facdfd27c14bc788c9f59129421be7b79269d01 HTTP Headers `GET /download/upload/41803_Calender.zip HTTP/1.1 Host: delphi.ktop.com.tw User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK last-modified: Mon, 18 Oct 2010 23:02:47 GMT accept-ranges: bytes content-length: 1037146 host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ== content-type: application/zip date: Fri, 10 May 2024 21:31:06 GMT server: Apache X-Firefox-Spdy: h2`

delphi.ktop.com.tw/download/upload/41803_Calender.zip

69.195.108.65

200 OK

1.0 MB

URL User Request GET HTTP/2
delphi.ktop.com.tw/download/upload/41803_Calender.zip
IP
69.195.108.65:443
ASN
#46606 UNIFIEDLAYER-AS-1

Certificate
IssuerLet's Encrypt
Subjectwww.test-bluehost-bestlong-idv-tw.my-hot.com
FingerprintC7:F5:96:59:06:44:50:83:5F:38:E0:59:B7:61:6C:1C:17:B2:54:7A
ValidityWed, 27 Mar 2024 08:15:10 GMT - Tue, 25 Jun 2024 08:15:09 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
1.0 MB (1037146 bytes)
Hash
e50c651c14de1b22d3c3d6d57f88869d
b1b5778e6316702efe7764c2f618cc4bedfdb860
58cfb557390c7c221e31464f6facdfd27c14bc788c9f59129421be7b79269d01

HTTP Headers

GET /download/upload/41803_Calender.zip HTTP/1.1
Host: delphi.ktop.com.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Mon, 18 Oct 2010 23:02:47 GMT
accept-ranges: bytes
content-length: 1037146
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: application/zip
date: Fri, 10 May 2024 21:31:06 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (28)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers