Report - dl.packetstormsecurity.net/Win/STC3.zip

Report Overview

Visited public
2025-06-03 09:17:43
Tags
URL
dl.packetstormsecurity.net/Win/STC3.zip
Finishing URL
about:privatebrowsing
IP / ASN
198.84.60.200
#54876 ROKABEAR
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
dl.packetstormsecurity.net	unknown	2001-04-09	2012-05-25	2025-05-29	507 B	2.7 MB	198.84.60.200

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
dl.packetstormsecurity.net/Win/STC3.zip
IP
198.84.60.200
ASN
#54876 ROKABEAR

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
2.7 MB (2659600 bytes)
Hash
ec404986eb565969ca36e04946f4a252
0d039dcccea38e73454b4702331f658f063696a8
b9f0c6897072c8793d04a9bf3f0836ee4b916a00f2aeb152ba45bb29fd8e5a26

Archive (15)

Filename

Md5

File type

STDOLE2.TLB

5d47465862987fc1d3c36f380b7f4d47

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

COMCAT.DLL

350fcb4ed44af46f28cfaafa37543e3e

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 3 sections

COMDLG32.OCX

169d623c2c604e17e9517f08ae9d16eb

PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 4 sections

DNSLookUp.ocx

579535f32efe5c1968807a2b65f8a56e

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

LiesMich.txt

b99f6c5207202b015bcd369f71418835

ISO-8859 text, with CRLF line terminators

MSINET.OCX

7bec181a21753498b6bd001c42a42722

PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 4 sections

MSVBVM60.DLL

faa00af796756ca72a967f625e8e3042

PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 5 sections

MSWINSCK.OCX

9484c04258830aa3c2f2a70eb041414c

PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 4 sections

OLEAUT32.DLL

0d303488cce054204c323c37657afa34

PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 4 sections

OLEPRO32.DLL

6568cb4adca8e02088b4b5f37f9e938e

PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 4 sections

Readme.txt

d521a122c9bb13d04de28de5fc9b5bef

ASCII text, with CRLF line terminators

STC.exe

d63b00364271662b9efc555853471c5b

PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections

ASYCFILT.DLL

ed69e7efaaf20afe0258f3c46d572a99

PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 4 sections

VB6STKIT.DLL

0d756d068cb6fa4ea0d85acd36e40a66

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

wordlist.dic

3c7bc5438d452996f4322e2443c20aef

ASCII text

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect pe file that no import table
YARAhub by abuse.ch	malware	Detect pe file that no import table
VirusTotal	malicious	VirusTotal - Scan result 39/68

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

dl.packetstormsecurity.net/Win/STC3.zip

198.84.60.200

200 OK

2.7 MB

URL User Request GET
dl.packetstormsecurity.net/Win/STC3.zip
IP
198.84.60.200:443
ASN
#54876 ROKABEAR

Certificate
IssuerLet's Encrypt
Subjectpacketstormsecurity.com
Fingerprint2D:26:AD:D3:1A:24:77:25:B5:C4:8C:8C:AB:C5:25:11:44:48:9A:F9
ValiditySun, 11 May 2025 08:00:22 GMT - Sat, 09 Aug 2025 08:00:21 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
2.7 MB (2659600 bytes)
Hash
ec404986eb565969ca36e04946f4a252
0d039dcccea38e73454b4702331f658f063696a8
b9f0c6897072c8793d04a9bf3f0836ee4b916a00f2aeb152ba45bb29fd8e5a26

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 39/68

HTTP Headers

GET /Win/STC3.zip HTTP/1.1
Host: dl.packetstormsecurity.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 03 Jun 2025 09:17:19 GMT
Server: Apache/2.4.52 (Ubuntu)
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 05 May 2000 00:13:36 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Disposition: attachment
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/zip

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (15)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers