Report - dmitrybrant.com/files/pngview.zip

Report Overview

Submitted URL
dmitrybrant.com/files/pngview.zip
IP
69.163.236.9
ASN
#26347 DREAMHOST-AS
Submitted
2024-05-07 08:52:16
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
dmitrybrant.com	unknown	2000-03-10	2012-08-20	2023-03-20	487 B	62 kB	69.163.236.9

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
dmitrybrant.com/files/pngview.zip
IP
69.163.236.9
ASN
#26347 DREAMHOST-AS

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
61 kB (61214 bytes)
Hash
a396c93b04abe9522bbe972c2faf4c49
4debbf84c01c216cd43c4a38003940b49e35da35
4dbdff8a0da32dac86385d7d7a6502ddc21e8e88839e934e2a20aad68a268d48

Archive (7)

Filename

Md5

File type

pngview.exe

1659cb34f89e790781ea94947440386b

PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections

zlib32.dll

2392d684644606972b408967405cfa88

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

Form1.frm

88d6be90d864d55709239be5cb699a68

ASCII text, with CRLF line terminators

Form2.frm

06fe9605bc5051dcfaaa985e1e29a64d

ASCII text, with CRLF line terminators

PngView.bas

2745b92c60b3e9aac61250a725d6b009

ASCII text, with CRLF line terminators

PngView.vbp

dca842f03fed3a9705738e08d2901598

ASCII text, with CRLF line terminators

PngView.vbw

8fc8b67398c6f1be60bb28fb3286093b

ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/63

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

dmitrybrant.com/files/pngview.zip

69.163.236.9

200 OK

61 kB

URL User Request GET HTTP/2
dmitrybrant.com/files/pngview.zip
IP
69.163.236.9:443
ASN
#26347 DREAMHOST-AS

Certificate
IssuerLet's Encrypt
Subjectwww.dmitrybrant.com
Fingerprint02:A1:7A:9A:E3:62:B1:D0:A7:B9:52:F4:54:9B:56:EF:05:04:5E:C9
ValiditySat, 20 Apr 2024 11:56:02 GMT - Fri, 19 Jul 2024 11:56:01 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
61 kB (61214 bytes)
Hash
a396c93b04abe9522bbe972c2faf4c49
4debbf84c01c216cd43c4a38003940b49e35da35
4dbdff8a0da32dac86385d7d7a6502ddc21e8e88839e934e2a20aad68a268d48

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/63

HTTP Headers

GET /files/pngview.zip HTTP/1.1
Host: dmitrybrant.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 08:51:51 GMT
server: Apache
last-modified: Sat, 18 Mar 2023 18:58:14 GMT
etag: "ef1e-5f73146a85ecf"
accept-ranges: bytes
content-length: 61214
cache-control: max-age=172800
expires: Thu, 09 May 2024 08:51:51 GMT
vary: User-Agent
content-type: application/zip
X-Firefox-Spdy: h2