Report - www.awesync.com/downloads/AweSync.Mail-2.5.0.zip

Report Overview

Submitted URL
www.awesync.com/downloads/AweSync.Mail-2.5.0.zip
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-07 11:45:19
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
3

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.awesync.com	unknown	2009-02-19	2013-08-30	2024-02-15	502 B	15 MB	188.114.96.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.awesync.com/downloads/AweSync.Mail-2.5.0.zip
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
15 MB (15133503 bytes)
Hash
c88ad238ccd16117523bb37ddaa78214
ea27952ceb60dbd1ad977b6f90d4de6aa0340055
c386011b8dbda8d23edd2d8e725eb4ec58b62a938364c88d5435bb81c1a66075

Archive (35)

Filename

Md5

File type

commons-codec-1.6.jar

5970f54883b4831b24b97f1125ba27e6

Zip archive data, at least v1.0 to extract, compression method=store

commons-lang3-3.1.jar

71b48e6b3e1b1dc73fe705604b9c7584

Zip archive data, at least v1.0 to extract, compression method=store

commons-logging-1.1.1.jar

ed448347fc0104034aa14c8189bf37de

Zip archive data, at least v1.0 to extract, compression method=store

commons-validator-1.4.0.jar

8f381c168688704a85c550cf343a5ca2

Zip archive data, at least v1.0 to extract, compression method=store

forms_rt.jar

a3e1ecc3760cdbdbed9c0e193669ee3e

Zip archive data, at least v1.0 to extract, compression method=store

gdata-client-1.0.jar

cd00dc4999d7813f16401582dd93a948

Java archive data (JAR)

gdata-contacts-3.0.jar

d07fc71e005171d359440f4a7222f7ad

Java archive data (JAR)

gdata-core-1.0.jar

c51dc9b54e15af5a7de9684cb4516bb1

Java archive data (JAR)

google-api-client-1.22.0.jar

d44da12a0519385b4a7ce513831c70a2

Zip archive data, at least v1.0 to extract, compression method=store

google-api-services-calendar-v3-rev253-1.22.0.jar

50c3202c8a1f791e76edb4f21d321cc5

Zip archive data, at least v2.0 to extract, compression method=store

google-api-services-gmail-v1-rev67-1.22.0.jar

61c6f6d96b1ceca868ae7ebda7accb9d

Zip archive data, at least v2.0 to extract, compression method=store

google-http-client-1.22.0.jar

0d084226eb0d26b9836612ebf7b5e632

Java archive data (JAR)

google-http-client-jackson2-1.22.0.jar

4889275a09f16e8bc8ae0fee19e8227d

Zip archive data, at least v1.0 to extract, compression method=store

google-oauth-client-1.22.0.jar

aa5813cdd8ebf4f3f900d97a724655d6

Zip archive data, at least v1.0 to extract, compression method=store

google-oauth-client-java6-1.22.0.jar

93c8c5a2aefaf1d3e1b84a5fbd8351d4

Zip archive data, at least v1.0 to extract, compression method=store

google-oauth-client-jetty-1.22.0.jar

7b65f54c4a11bffcf42a5fa199aec8d9

Zip archive data, at least v1.0 to extract, compression method=store

gson-2.2.2.jar

e1518f15ce668ab198508939822225d1

Zip archive data, at least v1.0 to extract, compression method=store

guava-11.0.2.jar

bed5977336ea1279d2bad3bb258dc8c3

Zip archive data, at least v1.0 to extract, compression method=store

httpclient-4.0.1.jar

9ca98774860101c06ca9010efd6224a1

Zip archive data, at least v1.0 to extract, compression method=store

httpcore-4.0.1.jar

6c1963fd8ac0c40c004c9e892e0d7703

Zip archive data, at least v1.0 to extract, compression method=store

jackson-core-2.1.3.jar

76ad985a44b331541bdd07243303f6a9

Zip archive data, at least v1.0 to extract, compression method=store

jetty-6.1.26.jar

12b65438bbaf225102d0396c21236052

Zip archive data, at least v1.0 to extract, compression method=store

jetty-util-6.1.26.jar

450fedce4f7f8ad3761577b10a664200

Zip archive data, at least v1.0 to extract, compression method=store

jshortcut.dll

e5d5363469738ce475a581e5eace596d

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

jshortcut.jar

32b51cb9957b03985b9b6237cc818f06

Java archive data (JAR)

keystore.jks

43aa2207fcfcd4469cc10b3ee5f2fca2

Java KeyStore

log4j-1.2.17.jar

fb87bd84e336ca3dc6b6c108f51bf25e

Java archive data (JAR)

mail.jar

6dafd0c26d07c8792bd4e152f2dbfbb8

Zip archive data, at least v1.0 to extract, compression method=store

proguard.jar

a4e5e5a80dc02395e4905662d60c5589

Java archive data (JAR)

Messages.db

15006eb18bde1153dbbe8f438e9ccee0

SQLite 3.x database, last written using SQLite version 0, page size 1024, file counter 141, database pages 0, 1st free page 11, free pages 3, cookie 0x74, schema 1, UTF-8, version-valid-for 0

sqlite-jdbc-3.19.3.jar

a1a75e52fbc6f5b4b988f925643c936f

Zip archive data, at least v1.0 to extract, compression method=store

ui.jar

e6f76b30f46269d4c807efe064d01bb1

Java archive data (JAR)

AweSync.Mail.jar

bfc8259622ad456406e0e950412f98d2

Zip archive data, at least v2.0 to extract, compression method=deflate

log4j.properties

e42a1bc5c9efee55b6f0d22a41242b05

ASCII text, with CRLF line terminators

AweSync.Mail.exe

03e5feab36e2d8e7c7dafe7edcef9ef5

PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 3 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip
VirusTotal	suspicious	VirusTotal - Scan result 4/62

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

www.awesync.com/downloads/AweSync.Mail-2.5.0.zip

188.114.96.1

200 OK

15 MB

URL User Request GET HTTP/2
www.awesync.com/downloads/AweSync.Mail-2.5.0.zip
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectawesync.com
Fingerprint90:45:BB:10:DB:AF:91:AE:05:1B:0E:B8:FC:D2:4B:A0:7D:6D:CC:E4
ValidityTue, 07 May 2024 03:25:46 GMT - Mon, 05 Aug 2024 03:25:45 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
15 MB (15133503 bytes)
Hash
c88ad238ccd16117523bb37ddaa78214
ea27952ceb60dbd1ad977b6f90d4de6aa0340055
c386011b8dbda8d23edd2d8e725eb4ec58b62a938364c88d5435bb81c1a66075

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 4/62

HTTP Headers

GET /downloads/AweSync.Mail-2.5.0.zip HTTP/1.1
Host: www.awesync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 11:44:49 GMT
content-type: application/zip
content-length: 15133503
last-modified: Wed, 25 Oct 2017 14:07:31 GMT
etag: "59f09aa3-e6eb3f"
expires: Wed, 07 May 2025 11:44:49 GMT
cache-control: public, max-age=31536000
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZirgqFZ57fH4jdVnjzvuIGvg7xMxEWdE0jDdnPXWvFjCfW21g%2FWLj%2FYXtxEB13uFPyBG68zy64co3qGwCaLL9jMBghSZnW77AAj0APogBYcmcCMG0txGja%2FvpS1gtJL1w38%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8800f5d35e3f568b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (35)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers