Report - www.gunnerinc.com/files/gfte.zip

Report Overview

Submitted URL
www.gunnerinc.com/files/gfte.zip
IP
70.32.23.44
ASN
#55293 A2HOSTING
Submitted
2024-05-07 10:03:42
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
3

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.gunnerinc.com	unknown	2010-06-22	2012-07-17	2024-02-15	486 B	32 kB	70.32.23.44

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.gunnerinc.com/files/gfte.zip
IP
70.32.23.44
ASN
#55293 A2HOSTING

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
32 kB (31637 bytes)
Hash
050a0211ff883731823b5c2f5bfe1cc1
1facdf21ac0a80998e21a0fc6cf8d9a7d31f9d74
0ed8a83a537ecacadb53886069fec3b80137c33f6b8533c6158e0a6b47051aa0

Archive (4)

Filename

Md5

File type

GFTE.exe

d7cb8fbe84c2994bb10a9576f83ee2d0

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

GFTE System Edit.lnk

3aa60be273f74dc6ad193a09d5fd216c

MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Archive, ctime=Sat Jul 10 00:13:49 2010, mtime=Sat Jul 10 00:22:37 2010, atime=Sat Jul 10 00:22:37 2010, length=75264, window=hide

ReadMe.txt

33eebc0210af00a9cd28d10ba422e869

ASCII text, with CRLF line terminators

Versions.txt

64d6ec86db78c76995316b057c731aeb

ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
Public InfoSec YARA rules	malware	Identifies executable artefacts in shortcut (LNK) files.
VirusTotal	suspicious	VirusTotal - Scan result 1/66

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

www.gunnerinc.com/files/gfte.zip

70.32.23.44

200 OK

32 kB

URL User Request GET HTTP/1.1
www.gunnerinc.com/files/gfte.zip
IP
70.32.23.44:443
ASN
#55293 A2HOSTING

Certificate
IssuerLet's Encrypt
Subjectwebmail.gunnerinc.com
Fingerprint68:B0:86:A9:8D:FE:DA:48:30:FE:22:88:98:92:C2:9B:66:7C:D3:58
ValidityTue, 26 Mar 2024 19:38:35 GMT - Mon, 24 Jun 2024 19:38:34 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
32 kB (31637 bytes)
Hash
050a0211ff883731823b5c2f5bfe1cc1
1facdf21ac0a80998e21a0fc6cf8d9a7d31f9d74
0ed8a83a537ecacadb53886069fec3b80137c33f6b8533c6158e0a6b47051aa0

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/66

HTTP Headers

GET /files/gfte.zip HTTP/1.1
Host: www.gunnerinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 10:03:16 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 May 2020 00:23:28 GMT
Accept-Ranges: bytes
Content-Length: 31637
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: application/zip

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (4)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers