| www.rarlab.com/rar/winrar-x64-623.exe | 51.195.68.162 | 200 OK | 3.6 MB |
URL (User Request): GET HTTP/2 www.rarlab.com/rar/winrar-x64-623.exe
IP: 51.195.68.162:443
Certificate: Issuer: Let's Encrypt; Subject: rarlab.com; Fingerprint: 6C:33:63:EB:26:F7:27:5C:B6:00:8E:09:C2:B4:2A:2F:9D:49:7A:E3; Validity: Tue, 25 Jul 2023 21:11:05 GMT - Mon, 23 Oct 2023 21:11:04 GMT
File type: PE32+ executable (GUI) x86-64, for MS Windows\012- data
Size: 3.6 MB (3595296 bytes)
Hash: 3ed4b9fbeb6f8d08c3d411e996257623 73ac7dc89458debcf42d63db71ce31fa481fec29 3d019e60c0def88892ad89023d2e15133fc940fef140faeeaa414ad38f8ef3bf
Analyzer: YARAhub by abuse.ch; Verdict: malware; Alert: Detects an SFX archive with automatic script execution
GET /rar/winrar-x64-623.exe HTTP/1.1
Host: www.rarlab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 10 Aug 2023 07:15:45 GMT
server: Apache
last-modified: Tue, 01 Aug 2023 09:26:48 GMT
etag: "36dc20-601d92571a600"
accept-ranges: bytes
content-length: 3595296
content-type: application/octet-stream
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
X-Firefox-Spdy: h2
|
| en.winrar-full.com/go/?https://www.rarlab.com/rar/winrar-x64-623.exe | 188.114.96.1 | 302 Found | 3.6 MB |
URL (User Request): GET HTTP/2 en.winrar-full.com/go/?https://www.rarlab.com/rar/winrar-x64-623.exe
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: winrar-full.com; Fingerprint: 07:DC:A9:D9:91:3E:4F:70:6E:2E:4B:00:92:3E:D2:44:8D:9F:0C:4A; Validity: Wed, 21 Jun 2023 16:50:51 GMT - Tue, 19 Sep 2023 16:50:50 GMT
Size: 3.6 MB (3595296 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/?https://www.rarlab.com/rar/winrar-x64-623.exe HTTP/1.1
Host: en.winrar-full.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 10 Aug 2023 07:15:45 GMT
content-type: text/html; charset=UTF-8
location: https://www.rarlab.com/rar/winrar-x64-623.exe
x-powered-by: PHP/7.4.29
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=leNmrmPuwcr0P0vCczi%2FmHauFIdjs3mXSVt7FsG%2B6n9XBT%2BZI%2FFW%2BfuuRSDEIA6vfhGTS7HgATP%2FJurFCKq604%2BH7Ns1Y6B9b1oUeVSscYJehwaLx4iMtG7wFSUlURI6ps66328%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f46730f6fb2b515-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|