Report - www.chat.ru/~vn

Report Overview

Submitted URL
www.chat.ru/~vn_alex/wintop.zip
IP
77.244.218.84
ASN
#50340 OOO Network of data-centers Selectel
Submitted
2024-05-07 22:52:28
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.chat.ru	unknown	1996-11-05	2017-02-03	2020-10-15	401 B	431 B	77.244.218.84
vn-alex.chat.ru	unknown	1996-11-05	2013-09-24	2019-01-28	396 B	14 kB	77.244.218.85

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
vn-alex.chat.ru/wintop.zip
IP
77.244.218.85
ASN
#50340 OOO Network of data-centers Selectel

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
14 kB (14096 bytes)
Hash
d2e18d6bb2609acf264178f0c316ce5d
dbb9a443eb3922040af3c7682a64c587d01862d3
e72a8cb6c536c846f1a7ff082aad85ac7e8201c2ac2f9dc7d0eef8144ed91816

Archive (6)

Filename

Md5

File type

Wintop.vxd

b58625a64a886de59a5ec6a218d2ae50

MS-DOS executable, LE executable for MS Windows (VxD)

Wintop.exe

bca0c4fe032ccc34df12f171827dd7bc

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

Wintop.inf

12b88e2a5766eb9428c5078831bec306

Windows setup INFormation

Wintop.txt

d9bf8446783ad5cf2c46c169575389f5

ASCII text, with CRLF line terminators

Readme.txt

28c0b03c29e920c51c2c2bbbe590db78

ASCII text, with CRLF line terminators

file_id.diz

5f6144d12de93abdf4877730b68a0916

ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/64

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

www.chat.ru/~vn_alex/wintop.zip

77.244.218.84

302 Found

217 B

URL User Request GET HTTP/1.1
www.chat.ru/~vn_alex/wintop.zip
IP
77.244.218.84:80
ASN
#50340 OOO Network of data-centers Selectel

File type
HTML document, ASCII text
Size
217 B (217 bytes)
Hash
ce8fa90e902a2b04438e04bdc3f55856
8cada8703c5158d0e84f6a5d760531df78417dbd
06ced3c31486c6c9bfb4b1ce6fe7b8008f4e0eb5afdeb1ad8ce6a75e9cdd2e2e

HTTP Headers

GET /~vn_alex/wintop.zip HTTP/1.1
Host: www.chat.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/0.7.67
Date: Tue, 07 May 2024 22:52:01 GMT
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
Location: http://vn-alex.chat.ru/wintop.zip
Content-Length: 217

vn-alex.chat.ru/wintop.zip

77.244.218.85

200 OK

14 kB

URL User Request GET HTTP/1.1
vn-alex.chat.ru/wintop.zip
IP
77.244.218.85:80
ASN
#50340 OOO Network of data-centers Selectel

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
14 kB (14096 bytes)
Hash
d2e18d6bb2609acf264178f0c316ce5d
dbb9a443eb3922040af3c7682a64c587d01862d3
e72a8cb6c536c846f1a7ff082aad85ac7e8201c2ac2f9dc7d0eef8144ed91816

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/64

HTTP Headers

GET /wintop.zip HTTP/1.1
Host: vn-alex.chat.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 07 May 2024 22:52:02 GMT
Content-Type: application/zip
Content-Length: 14096
Last-Modified: Tue, 21 Jul 2015 16:41:56 GMT
Connection: keep-alive
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (6)

Detections

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers