Report - www.advanced.info/adscan.zip

Report Overview

Submitted URL
www.advanced.info/adscan.zip
IP
185.65.4.93
ASN
#21235 ADVANCED Systemhaus GmbH
Submitted
2024-04-25 06:36:29
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.advanced.info	unknown	2001-07-26	2015-11-22	2023-07-17	482 B	3.9 MB	185.65.4.93

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.advanced.info/adscan.zip
IP
185.65.4.93
ASN
#21235 ADVANCED Systemhaus GmbH

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
3.9 MB (3942416 bytes)
Hash
c482d17face12a70c51063e35983bbb8
09bd065edb0ff7d1c699dfa89be8e8dd42963da0
502919298895b913e5b5570feea9666980443dc478bfbdcfed7099d4cb9052de

Archive (12)

Filename

Md5

File type

license.rtf

75b29725bdd80341c84bc70bffd45be4

Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1036

Newtonsoft.Json.dll

081d9558bbb7adce142da153b2d5577a

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

PingCastle v3.0.0.pdf

c8f501513b29fb8194a6e02b8f16042f

PDF document, version 1.7, 38 pages

PingCastle.exe

9ccd89413d4e92a7d15b675bb99ebbaf

PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

PingCastle.exe.config

90134fa2c58ebd629e737c78ad2281e1

XML 1.0 document, ASCII text, with very long lines (1057), with CRLF line terminators

PingCastle.pdb

0eca0a4dcf35796791a7e389a8c8c7d7

MSVC program database ver 7.00, 512*4723 bytes

PingCastleAutoUpdater.exe

f899acf132b27e3c0ecce2193ee04cbe

PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

PingCastleAutoUpdater.exe.config

2576603029cc507f8b59c2094c7bac36

XML 1.0 document, ASCII text, with CRLF line terminators

PingCastleAutoUpdater.pdb

bcd63f08524588a816486e4b358b932c

MSVC program database ver 7.00, 512*47 bytes

PingCastleCloud.exe

f2540d333d67db8149f425187c801b4c

PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

PingCastleCloud.exe.config

67762b7cb7020311866b7d28c9408454

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

PingCastleCloud.pdb

3e3198d1594bc79cebcc88370122782d

MSVC program database ver 7.00, 512*1711 bytes

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Detects .NET red/black-team tools via typelibguid

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	www.advanced.info/adscan.zip	185.65.4.93	200 OK	3.9 MB
URL User Request GET HTTP/2 www.advanced.info/adscan.zip IP 185.65.4.93:443 ASN #21235 ADVANCED Systemhaus GmbH Certificate IssuerGlobalSign nv-sa Subject.advanced.info Fingerprint9B:2A:FA:A2:56:E7:97:10:DA:E9:39:E1:77:B4:27:62:01:87:84:0A ValidityMon, 22 May 2023 08:48:10 GMT - Sat, 22 Jun 2024 08:48:09 GMT File type Zip archive data, at least v2.0 to extract, compression method=store Size 3.9 MB (3942416 bytes) Hash c482d17face12a70c51063e35983bbb8 09bd065edb0ff7d1c699dfa89be8e8dd42963da0 502919298895b913e5b5570feea9666980443dc478bfbdcfed7099d4cb9052de HTTP Headers `GET /adscan.zip HTTP/1.1 Host: www.advanced.info User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Thu, 25 Apr 2024 06:36:01 GMT content-type: application/zip content-length: 3942416 last-modified: Wed, 24 Apr 2024 15:51:25 GMT vary: Accept-Encoding etag: "66292a7d-3c2810" accept-ranges: bytes X-Firefox-Spdy: h2`

www.advanced.info/adscan.zip

185.65.4.93

200 OK

3.9 MB

URL User Request GET HTTP/2
www.advanced.info/adscan.zip
IP
185.65.4.93:443
ASN
#21235 ADVANCED Systemhaus GmbH

Certificate
IssuerGlobalSign nv-sa
Subject*.advanced.info
Fingerprint9B:2A:FA:A2:56:E7:97:10:DA:E9:39:E1:77:B4:27:62:01:87:84:0A
ValidityMon, 22 May 2023 08:48:10 GMT - Sat, 22 Jun 2024 08:48:09 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
3.9 MB (3942416 bytes)
Hash
c482d17face12a70c51063e35983bbb8
09bd065edb0ff7d1c699dfa89be8e8dd42963da0
502919298895b913e5b5570feea9666980443dc478bfbdcfed7099d4cb9052de

HTTP Headers

GET /adscan.zip HTTP/1.1
Host: www.advanced.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 06:36:01 GMT
content-type: application/zip
content-length: 3942416
last-modified: Wed, 24 Apr 2024 15:51:25 GMT
vary: Accept-Encoding
etag: "66292a7d-3c2810"
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (12)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers