Report - bcalc.w8.pl/download/bcalc13010

Report Overview

Submitted URL
bcalc.w8.pl/download/bcalc13010_win32.zip
IP
79.190.140.146
ASN
#5617 Orange Polska Spolka Akcyjna
Submitted
2024-05-07 12:02:16
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
5

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
bcalc.w8.pl	unknown	2003-08-05	2017-04-03	2023-12-31	411 B	3.0 MB	79.190.140.146

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
bcalc.w8.pl/download/bcalc13010_win32.zip
IP
79.190.140.146
ASN
#5617 Orange Polska Spolka Akcyjna

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
3.0 MB (3035360 bytes)
Hash
148ac888355bb6744dac2490dd6f7863
9f0d520f4a930ada5a17e7abef0d6877f951f45a
27291ea66c692e086b9b1c6e0315e58a19c99736e7320afeeda7e4d8cc06677a

Archive (21)

Filename

Md5

File type

README.txt

8bce1d26540abe915ebf0d4e43476b1e

ASCII text, with CRLF line terminators

bcalcgui.exe

10fc3087f865f59f6f22c69671623839

PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed, 3 sections

bcalconsole.exe

fe286bd1c300774b05dba1937ecfa3f4

PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed, 3 sections

bbo_vugraph.lua

c8890f7d9cd252cab0dce8b8a4e13446

HTML document, ASCII text

lodz_bez_atu.lua

757bdc791ba4739473be535ebf4e055f

Unicode text, UTF-8 text

lodz_zarzewie.lua

f1fd48bf62b6381b9273088541ccb708

Unicode text, UTF-8 text

pzbs_GPPPar.lua

deac8e003395eb14590f0ee2083ae485

ASCII text

pzbs_wyn.lua

c31a7ecec4e911e23da114fa05791580

HTML document, ASCII text

radom.lua

3d7ba6c69b8a5a51670178594adb4adb

ASCII text

bcalcgui.mo

32acc5725c75558604aa481bf1f4572a

GNU message catalog (little endian), revision 0.0, 75 messages, Project-Id-Version: bcalcgui ' rozg. EAST'

bcalconsole.mo

3069b637be9c101dc656cd458bc170ba

GNU message catalog (little endian), revision 0.0, 25 messages, Project-Id-Version: bcalconsole ' sek'

guicommon.mo

0504e7794e34d0618c2723c1365854b8

GNU message catalog (little endian), revision 0.0, 12 messages, Project-Id-Version: guicommon '&Anuluj'

sdsolvergui.mo

7d61742a0f5ac7bc5740a075fb4bc45d

GNU message catalog (little endian), revision 0.0, 29 messages, Project-Id-Version: sdsolvergui '<'

libboost_regex-mgw46-mt-1_48.dll

3a897ae9be0d82108c53ba60a85ac78e

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 20 sections

libboost_thread-mgw46-mt-1_48.dll

609cc2642b9bd0c7eb57520b90924b05

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 20 sections

libcurl-4.dll

fc915de58894fb60e96b5aafec012f72

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 17 sections

libgcc_s_dw2-1.dll

c4b4409f186da70fcf2bcc60d5f05489

PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 7 sections

libiconv-2.dll

c56f8afa71e6c827f77defbe07f378e2

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 18 sections

libintl-8.dll

5f919f43a99bd228db0418aaaf16c992

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 18 sections

libstdc++-6.dll

6ea6167ea40d237ad2e28b8d9252abe1

PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 10 sections

singledummy.exe

cc0e5b1d94503f403f07a624d2c033c3

PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed, 3 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_stackstrings
VirusTotal	suspicious	VirusTotal - Scan result 1/65

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

bcalc.w8.pl/download/bcalc13010_win32.zip

79.190.140.146

200 OK

3.0 MB

URL User Request GET HTTP/1.1
bcalc.w8.pl/download/bcalc13010_win32.zip
IP
79.190.140.146:80
ASN
#5617 Orange Polska Spolka Akcyjna

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
3.0 MB (3035360 bytes)
Hash
148ac888355bb6744dac2490dd6f7863
9f0d520f4a930ada5a17e7abef0d6877f951f45a
27291ea66c692e086b9b1c6e0315e58a19c99736e7320afeeda7e4d8cc06677a

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/65

HTTP Headers

GET /download/bcalc13010_win32.zip HTTP/1.1
Host: bcalc.w8.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 12:01:49 GMT
Server: Apache/2.4.59 (Debian)
Last-Modified: Sat, 05 Jan 2013 21:50:37 GMT
ETag: "2e50e0-4d2919616a540"
Accept-Ranges: bytes
Content-Length: 3035360
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/zip

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (21)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers