| GET uup.rg-adguard.net/dl/aria2/aria2c_x86.exe | 172.67.174.18 | 200 OK | 4.8 MB |
URL (User Request): GET HTTP/2 uup.rg-adguard.net/dl/aria2/aria2c_x86.exe
IP: 172.67.174.18:443

Certificate
Issuer: Google Trust Services
Subject: rg-adguard.net
Fingerprint: 25:A0:A5:06:5B:31:64:13:76:D9:B2:16:F2:62:B2:95:AF:A6:63:08
Validity: Thu, 12 Sep 2024 09:30:18 GMT - Wed, 11 Dec 2024 09:30:17 GMT

File type: PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, 7 sections
Size: 4.8 MB (4810752 bytes)
Hash:
717d0f91d78f95fa0e9a43474eff12ba
e95f036d1298e564c3cac417d6710abe3f1fdf6c
1677867238f99fc42a05130198140fff5ea7d26496b1b796578de671593d280b

| Analyzer | Verdict | Alert |
|---|---|---|
| YARAhub by abuse.ch | malware | meth_stackstrings |
| YARAhub by abuse.ch | malware | pe_detect_tls_callbacks |

GET /dl/aria2/aria2c_x86.exe HTTP/1.1
Host: uup.rg-adguard.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Nov 2024 12:42:30 GMT
content-type: application/octet-stream
content-length: 4810752
last-modified: Wed, 08 Nov 2017 12:47:56 GMT
etag: "496800-55d7818bc3700"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ulzPKmLGFBNX0asv%2BhJP0KzROGgV32QR4QMuswG%2BT8j%2Fi5PVxmNu%2BzvigEnbiY%2BW%2FFzXXW%2FqwKa%2BrazmZ1%2BR5tG73wVRwaR5Cim2D2nDzfkx4KNJM3Phit1GaLvjtj8FIKp8FvA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8dc434741a337260-HAM
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="HIT", cfL4;desc="?proto=TCP&rtt=22114&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3283&recv_bytes=1266&delivery_rate=205254&cwnd=252&unsent_bytes=0&cid=2ae3886745d99f64&ts=66&x=0"
X-Firefox-Spdy: h2