Report - titronics.com/wp-content/uploads/2020/09/TytronDriver.zip

Report Overview

Submitted URL
titronics.com/wp-content/uploads/2020/09/TytronDriver.zip
IP
68.66.224.17
ASN
#55293 A2HOSTING
Submitted
2024-04-24 10:15:58
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
titronics.com	unknown	1996-11-05	2015-11-09	2024-03-26	511 B	1.7 MB	68.66.224.17

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
titronics.com/wp-content/uploads/2020/09/TytronDriver.zip
IP
68.66.224.17
ASN
#55293 A2HOSTING

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
1.7 MB (1671931 bytes)
Hash
7c087829f897c6a52460e10d995305c3
8818c2b7684c2a83a439a3413e96d040f2410ea7
4576d45becae20b9271579cc27e9d697aa1a41bd03ab0fe8ba84122fe2bb043c

Archive (31)

Filename

Md5

File type

ftbusui.dll

dd60226d8b1a3b35a09e3a8c9e5c40ea

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

ftcserco.dll

84a0dd31eda61cf8b03f0909f1064c49

PE32+ executable (DLL) (console) x86-64, for MS Windows, 5 sections

ftd2xx.lib

5e8c222d7cc7d38cab7fc257d02d0eaf

current ar archive

ftd2xx64.dll

6a1e17fe76a97559e0b9468aff6925d2

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

ftdibus.sys

340ba7cabb1f314e3650a7ef59f0a371

PE32+ executable (native) x86-64, for MS Windows, 8 sections

ftlang.dll

0b17b700b17ddc80f539267d989542b5

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

ftser2k.sys

a19d6f0356dbabb94293894b84c27d27

PE32+ executable (native) x86-64, for MS Windows, 9 sections

ftserui2.dll

bb420f33f2af1e3cd0a64fc3cab080b4

PE32+ executable (DLL) (console) x86-64, for MS Windows, 5 sections

CDM 2 04 16 Release Info.doc

85694542480a9a8a4aca97b2a2bfc8c6

Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.2, Code page: 1252, Title: FTDI CDM Drivers - Revision Comments May 18, 2006, Author: Andrew Miller, Template: Normal.dot, Last Saved By: Mark Adamson, Revision Number: 2, Name of Creating Application: Microsoft Office Word, Total Editing Time: 01:00, Last Printed: Mon Sep 17 15:09:00 2007, Create Time/Date: Wed Feb 25 08:49:00 2009, Last Saved Time/Date: Wed Feb 25 08:49:00 2009, Number of Pages: 1, Number of Words: 1613, Number of Characters: 9196, Security: 0

FTBUSUI.dll

e3974afac60ee2c3ec118d560c7fe98c

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

FTD2XX.dll

aa8046aa6726e0a2b0cda65fb5d2cd8d

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

ftd2xx.h

ddf5dda0d9c77aa541f9a971d8e2d8bc

C source, ISO-8859 text, with CRLF line terminators

ftdibus.cat

6e1d27ee9f13d41735ae6453ce815393

DER Encoded PKCS#7 Signed Data

FTDIBUS.INF

ca8e068b824ed9fbb9f04d72a8c58aa9

Windows setup INFormation

FTDIBUS.sys

b283f1bc1ff852bd232449a4b3e3ce63

PE32 executable (native) Intel 80386, for MS Windows, 7 sections

ftdiport.cat

1312414bcf075b1edd11f2b4ad0a0d72

DER Encoded PKCS#7 Signed Data

ftdiport.inf

87e3cf7ecc1acfb24b03d616083c07ef

Windows setup INFormation

FTDIUN2K.INI

02bcef1f27dbe8b5a168940ad8b9efc0

ASCII text, with CRLF line terminators

FTDIUNIN.exe

9a411917e84142c706358a74e753ab38

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

ftbusui.dll

db550ebe6b18ce0ea0acabc420e3d8d6

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

ftcserco.dll

ce43ca06f113199fe466f8e62a010e9c

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 4 sections

ftd2xx.dll

c42d0f96ce90fb6d3b96de21886e778e

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

ftd2xx.lib

2d5cbe3b885d014143073b92325ce774

current ar archive

ftdibus.sys

d25c535dc57dab5a6298cd8b23a62743

PE32 executable (native) Intel 80386, for MS Windows, 7 sections

ftlang.dll

bce6ef5d348387f4b80761d446bbbdb1

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

ftser2k.sys

a4727c98df89ed909aac5f814125e0de

PE32 executable (native) Intel 80386, for MS Windows, 8 sections

ftserui2.dll

72c05ba42ca2ef93b4e63f3a10e7439f

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

LogoVerificationReport.pdf

30fc02865244d8f994b82570d51b781d

PDF document, version 1.4, 1 pages

ROM.INI

9defa9efcb7b026d620169c6226d1eb8

ASCII text, with CRLF line terminators

ftd2xx.lib

bb4101ff1e874b5c6b446e6db3c588b3

current ar archive

ftd2xx.lib

c35a5b96fbef4a5cd999cecc4c274a1b

current ar archive

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	titronics.com/wp-content/uploads/2020/09/TytronDriver.zip	68.66.224.17	200 OK	1.7 MB
URL User Request GET HTTP/2 titronics.com/wp-content/uploads/2020/09/TytronDriver.zip IP 68.66.224.17:443 ASN #55293 A2HOSTING Certificate IssuerLet's Encrypt Subjectwebdisk.purechiromarketing.com Fingerprint85:5C:65:B2:93:7B:07:93:A6:27:64:41:3E:76:85:01:B3:49:82:22 ValidityTue, 26 Mar 2024 14:32:19 GMT - Mon, 24 Jun 2024 14:32:18 GMT File type Zip archive data, at least v2.0 to extract, compression method=store Size 1.7 MB (1671931 bytes) Hash 7c087829f897c6a52460e10d995305c3 8818c2b7684c2a83a439a3413e96d040f2410ea7 4576d45becae20b9271579cc27e9d697aa1a41bd03ab0fe8ba84122fe2bb043c HTTP Headers `GET /wp-content/uploads/2020/09/TytronDriver.zip HTTP/1.1 Host: titronics.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/zip last-modified: Tue, 01 Sep 2020 16:50:16 GMT etag: "1982fb-5f4e7bc8-336b45f9ca9e2451;;;" accept-ranges: bytes content-length: 1671931 date: Wed, 24 Apr 2024 10:15:32 GMT server: LiteSpeed strict-transport-security: max-age=63072000; includeSubDomains x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" X-Firefox-Spdy: h2

titronics.com/wp-content/uploads/2020/09/TytronDriver.zip

68.66.224.17

200 OK

1.7 MB

URL User Request GET HTTP/2
titronics.com/wp-content/uploads/2020/09/TytronDriver.zip
IP
68.66.224.17:443
ASN
#55293 A2HOSTING

Certificate
IssuerLet's Encrypt
Subjectwebdisk.purechiromarketing.com
Fingerprint85:5C:65:B2:93:7B:07:93:A6:27:64:41:3E:76:85:01:B3:49:82:22
ValidityTue, 26 Mar 2024 14:32:19 GMT - Mon, 24 Jun 2024 14:32:18 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
1.7 MB (1671931 bytes)
Hash
7c087829f897c6a52460e10d995305c3
8818c2b7684c2a83a439a3413e96d040f2410ea7
4576d45becae20b9271579cc27e9d697aa1a41bd03ab0fe8ba84122fe2bb043c

HTTP Headers

GET /wp-content/uploads/2020/09/TytronDriver.zip HTTP/1.1
Host: titronics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/zip
last-modified: Tue, 01 Sep 2020 16:50:16 GMT
etag: "1982fb-5f4e7bc8-336b45f9ca9e2451;;;"
accept-ranges: bytes
content-length: 1671931
date: Wed, 24 Apr 2024 10:15:32 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (31)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers