| www.smartftp.com/get/SFTPMSI86.exe | 148.251.142.74 | 301 Moved Permanently | 171 B |
URL User Request GET HTTP/2www.smartftp.com/get/SFTPMSI86.exe IP148.251.142.74:443 ASN#24940 Hetzner Online GmbH
CertificateIssuerLet's Encrypt Subject*.smartftp.com Fingerprint65:41:46:95:BE:B9:23:79:D1:6B:82:4C:25:15:68:E8:5C:D8:BA:9A ValidityTue, 02 Apr 2024 02:16:02 GMT - Mon, 01 Jul 2024 02:16:01 GMT
File typeHTML document, ASCII text Hash597e7b74a22b91eb5869fc63e112f836 ce3965e9a2c725cdda8023167ab669664e2b6ee7 083bc0915d175bd0489fd599395533c363f3f9f52cd628fbc7216617d79bb5a1
GET /get/SFTPMSI86.exe HTTP/1.1
Host: www.smartftp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
location: https://www.smartftp.com/get/Client?platform=x86
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self'; base-uri 'self'
feature-policy: camera 'none';microphone 'none';geolocation 'none';
referrer-policy: strict-origin
report-to: {"group":"default","max_age":604800,"endpoints":[{"url":"https://smartftp.report-uri.com/a/d/g"}],"include_subdomains":true}
alt-svc: h3=":443"; ma=86400
date: Fri, 26 Apr 2024 05:31:34 GMT
content-length: 171
X-Firefox-Spdy: h2
|
| www.smartftp.com/get/Client?platform=x86 | 148.251.142.74 | 302 Found | 0 B |
URL User Request GET HTTP/2www.smartftp.com/get/Client?platform=x86 IP148.251.142.74:443 ASN#24940 Hetzner Online GmbH
CertificateIssuerLet's Encrypt Subject*.smartftp.com Fingerprint65:41:46:95:BE:B9:23:79:D1:6B:82:4C:25:15:68:E8:5C:D8:BA:9A ValidityTue, 02 Apr 2024 02:16:02 GMT - Mon, 01 Jul 2024 02:16:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/Client?platform=x86 HTTP/1.1
Host: www.smartftp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: https://static.smartftp.com/static/Products/Client/10.0.3050.0/x86/SmartFTP-Setup.exe
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self'; base-uri 'self'
feature-policy: camera 'none';microphone 'none';geolocation 'none';
referrer-policy: strict-origin
report-to: {"group":"default","max_age":604800,"endpoints":[{"url":"https://smartftp.report-uri.com/a/d/g"}],"include_subdomains":true}
alt-svc: h3=":443"; ma=86400
date: Fri, 26 Apr 2024 05:31:34 GMT
content-length: 0
X-Firefox-Spdy: h2
|
| static.smartftp.com/static/Products/Client/10.0.3050.0/x86/SmartFTP-Setup.exe | 104.21.12.126 | 200 OK | 786 kB |
URL User Request GET HTTP/2static.smartftp.com/static/Products/Client/10.0.3050.0/x86/SmartFTP-Setup.exe IP104.21.12.126:443
CertificateIssuerLet's Encrypt Subjectsmartftp.com FingerprintCA:D2:C3:BA:44:F6:84:DE:A8:B8:83:75:39:E1:D0:1A:1C:6B:77:B5 ValidityThu, 07 Mar 2024 13:13:40 GMT - Wed, 05 Jun 2024 13:13:39 GMT
File typePE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections Size786 kB (786432 bytes) Hash120f91f742a782b74482e15e20283b49 998514c8d5c20d83935275709a03f45d07c35192 66ae713f04303dbdfe3f0bc982247c13a4fb392273591fe6dac0ea22ff5e0187
Analyzer | Verdict | Alert | YARAhub by abuse.ch | malware | Detect files is `SliverFox` malware | YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
GET /static/Products/Client/10.0.3050.0/x86/SmartFTP-Setup.exe HTTP/1.1
Host: static.smartftp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 05:31:36 GMT
content-type: application/octet-stream
content-length: 11697360
last-modified: Sat, 17 Dec 2022 05:21:21 GMT
etag: "66b04066d711d91:0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self'; base-uri 'self'
feature-policy: camera 'none';microphone 'none';geolocation 'none';
referrer-policy: strict-origin
report-to: {"group":"default","max_age":604800,"endpoints":[{"url":"https://smartftp.report-uri.com/a/d/g"}],"include_subdomains":true}
alt-svc: h3=":443"; ma=86400
cache-control: max-age=7200
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a42ffd2c5a5693-OSL
X-Firefox-Spdy: h2
|