Report - tk-chel.ru/download/AG_4_0

Report Overview

Submitted URL
tk-chel.ru/download/AG_4_0_6.zip
IP
91.225.124.26
ASN
#202800 TechnoKom Ltd
Submitted
2024-03-28 07:51:52
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
tk-chel.ru	unknown	2005-01-19	2013-06-07	2024-03-28	486 B	5.9 MB	91.225.124.26

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
tk-chel.ru/download/AG_4_0_6.zip
IP
91.225.124.26
ASN
#202800 TechnoKom Ltd

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
5.9 MB (5911343 bytes)
Hash
bc5a3caaec7c37260808607e08932a9e
587f34b053deb12280a5ba9c4e3bc9d505249597
3496c94bc8555437de33f6610d8bca57a2b80f923817bbe1396c4cfaa4f8ab41

Archive (13)

Filename

Md5

File type

ReportCorrector.exe

93584ab94d91db5a389e64d6dfab4b94

PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

CityGuide.dll

a5dce71c16def582bdd0b3eed1967cf7

PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 7 sections

ExtraParams.dll

6cf5c064438b25ce1b31a492d04f87f7

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 7 sections

InternetMaps.dll

cbb60d8c4811e90c3ac76894ab949150

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 7 sections

Maler.dll

7dc8d91e779679a6aeed600b774be240

PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 7 sections

sqlite3.dll

f95ecb1014817b02b408b57db6e72ce9

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 8 sections

SuperMaler.dll

a7c4848ddd95109e38e48333b32a6a37

PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 7 sections

AGNotifier.exe

255e21431a4d5c0a31c821caec7cbb46

PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed, 3 sections

AutoGRAPH.exe

a31a4aaa7170db739b7ede8ef972b9e7

PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed, 3 sections

MapsUrls.ini

15580eba9c821e8b8393f9ff347a8930

ASCII text, with very long lines (630), with CRLF line terminators

WhatsNew.rtf

0a1424c662d9465168c9823468f675a6

Rich Text Format data, version 1, ANSI, code page 1251, default language ID 1049

ExpressConverter.exe

ad37419c5ded011d83a89f744913ea5d

PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, 8 sections

AGUSB.dll

f4a20db6ec8676eaf607096bade7f1f7

PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 7 sections

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	tk-chel.ru/download/AG_4_0_6.zip	91.225.124.26	200 OK	5.9 MB
URL User Request GET HTTP/1.1 tk-chel.ru/download/AG_4_0_6.zip IP 91.225.124.26:443 ASN #202800 TechnoKom Ltd Certificate IssuerLet's Encrypt Subjecttk-chel.ru FingerprintB6:17:54:77:D6:5F:5E:E7:8F:C2:83:58:CC:75:CF:94:78:FD:01:1D ValidityMon, 26 Feb 2024 07:09:56 GMT - Sun, 26 May 2024 07:09:55 GMT File type Zip archive data, at least v2.0 to extract, compression method=store Size 5.9 MB (5911343 bytes) Hash bc5a3caaec7c37260808607e08932a9e 587f34b053deb12280a5ba9c4e3bc9d505249597 3496c94bc8555437de33f6610d8bca57a2b80f923817bbe1396c4cfaa4f8ab41 HTTP Headers `GET /download/AG_4_0_6.zip HTTP/1.1 Host: tk-chel.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Thu, 28 Mar 2024 07:51:25 GMT Server: Apache/2.4.56 (Debian) Last-Modified: Thu, 05 Mar 2020 11:09:28 GMT ETag: "5a332f-5a019920adea5" Accept-Ranges: bytes Content-Length: 5911343 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: application/zip`

tk-chel.ru/download/AG_4_0_6.zip

91.225.124.26

200 OK

5.9 MB

URL User Request GET HTTP/1.1
tk-chel.ru/download/AG_4_0_6.zip
IP
91.225.124.26:443
ASN
#202800 TechnoKom Ltd

Certificate
IssuerLet's Encrypt
Subjecttk-chel.ru
FingerprintB6:17:54:77:D6:5F:5E:E7:8F:C2:83:58:CC:75:CF:94:78:FD:01:1D
ValidityMon, 26 Feb 2024 07:09:56 GMT - Sun, 26 May 2024 07:09:55 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
5.9 MB (5911343 bytes)
Hash
bc5a3caaec7c37260808607e08932a9e
587f34b053deb12280a5ba9c4e3bc9d505249597
3496c94bc8555437de33f6610d8bca57a2b80f923817bbe1396c4cfaa4f8ab41

HTTP Headers

GET /download/AG_4_0_6.zip HTTP/1.1
Host: tk-chel.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 07:51:25 GMT
Server: Apache/2.4.56 (Debian)
Last-Modified: Thu, 05 Mar 2020 11:09:28 GMT
ETag: "5a332f-5a019920adea5"
Accept-Ranges: bytes
Content-Length: 5911343
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/zip

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (13)

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers