Report - dl.cube-soft.jp/archive/cubepdf-utility-4.1.1.exe

Report Overview

Visitedpublic

2024-10-25 09:55:53

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
dl.cube-soft.jp	unknown	2010-05-08	2022-06-24	2024-10-24	503 B	13 MB	133.167.91.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2024-10-25	medium	dl.cube-soft.jp/archive/cubepdf-utility-4.1.1.exe	pe_detect_tls_callbacks

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

dl.cube-soft.jp/archive/cubepdf-utility-4.1.1.exe

IP / ASN

133.167.91.226

#9371 SAKURA Internet Inc.

File Overview

File TypePE32 executable (GUI) Intel 80386, for MS Windows, 10 sections

Size13 MB (12758376 bytes)

MD5a785c9ded654011a98935cec15284fc0

SHA1c4b8c6c614a5d31fb03946d5d96dbfd6b2c99e2d

SHA256e5bf243a5844fd8eca55b4d36a71f9884bc6fb79194b44f57d2fbff168a891fb

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	pe_detect_tls_callbacks

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

GET dl.cube-soft.jp/archive/cubepdf-utility-4.1.1.exe

133.167.91.226

200 OK

13 MB

URL User Request GET HTTPS

dl.cube-soft.jp/archive/cubepdf-utility-4.1.1.exe

IP / ASN

133.167.91.226

#9371 SAKURA Internet Inc.

Requested byN/A

Resource Info

File typePE32 executable (GUI) Intel 80386, for MS Windows, 10 sections

First Seen2024-10-24

Last Seen2024-10-29

Times Seen5

Size13 MB (12758376 bytes)

MD5a785c9ded654011a98935cec15284fc0

SHA1c4b8c6c614a5d31fb03946d5d96dbfd6b2c99e2d

SHA256e5bf243a5844fd8eca55b4d36a71f9884bc6fb79194b44f57d2fbff168a891fb

Certificate Info

IssuerSectigo Limited

Subject*.cube-soft.jp

Fingerprint7F:94:FE:32:4B:43:46:33:01:0E:EC:EA:AE:05:4D:37:67:DA:C5:8B

ValidityMon, 04 Mar 2024 00:00:00 GMT - Thu, 03 Apr 2025 23:59:59 GMT

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	pe_detect_tls_callbacks

HTTP Headers

GET /archive/cubepdf-utility-4.1.1.exe HTTP/1.1
Host: dl.cube-soft.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Oct 2024 09:55:28 GMT
Content-Type: application/octet-stream
Content-Length: 12758376
Last-Modified: Thu, 24 Oct 2024 00:41:59 GMT
Connection: keep-alive
ETag: "671997d7-c2ad68"
Accept-Ranges: bytes