Report - 46-4-100-240.top/Getintopc.com/WinRAR_5.9.1.zip?md5=8vQHEWr4OJiuoi5jnbzSxw&expires=1716278866

Report Overview

Visitedpublic

2024-04-23 07:58:53

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
46-4-100-240.top	unknown	2024-01-12	2024-01-12 20:11:15	2024-04-17 17:21:14	547 B	8.5 MB	46.4.100.240

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

File detected

URL

46-4-100-240.top/Getintopc.com/WinRAR_5.9.1.zip?md5=8vQHEWr4OJiuoi5jnbzSxw&expires=1716278866

IP / ASN

46.4.100.240

#24940 Hetzner Online GmbH

File Overview

File TypeZip archive data, at least v1.0 to extract, compression method=store

Size8.5 MB (8515515 bytes)

MD50440bd51aa1374ded68b27d8440cf1ce

SHA12aa6f7f9efb1abd553e040f98791da21285fa7bd

SHA2560a0047f75afedfe2292f73595fca2d0e452f43cd83360c02074f83b02bd47791

Archive (4)

Modified	Filename	Size	MD5	File type
2024-03-23 17:07	Crack.rar	2.2 MB	fbcd0740fed6a9171e4ad89af0331d53	RAR archive data, v5
2024-03-14 16:51	Readme.txt	927 B	4c7de594b9b3d28c4b3bb93846101822	ASCII text, with CRLF line terminators
2020-06-25 00:39	winrar-x64-591.exe	3.2 MB	736892142b2449a8d03281c20caa3a39	PE32+ executable (GUI) x86-64, for MS Windows, 7 sections
2020-06-25 00:39	wrar591.exe	3.0 MB	7f5c2dc621d4510e773f30693f40c683	PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detects an SFX archive with automatic script execution
YARAhub by abuse.ch	malware	Detects an SFX archive with automatic script execution

JavaScript (0)

HTTP Transactions (1)

	URL	IP	Response	Size
	GET 46-4-100-240.top/Getintopc.com/WinRAR_5.9.1.zip?md5=8vQHEWr4OJiuoi5jnbzSxw&expires=1716278866	46.4.100.240	200 OK	8.5 MB
URL 46-4-100-240.top/Getintopc.com/WinRAR_5.9.1.zip?md5=8vQHEWr4OJiuoi5jnbzSxw&expires=1716278866 IP / ASN 46.4.100.240 #24940 Hetzner Online GmbH Requested byN/A Resource Info File typeZip archive data, at least v1.0 to extract, compression method=store First Seen2024-04-21 Last Seen2025-04-06 Times Seen18 Size8.5 MB (8515515 bytes) MD50440bd51aa1374ded68b27d8440cf1ce SHA12aa6f7f9efb1abd553e040f98791da21285fa7bd SHA2560a0047f75afedfe2292f73595fca2d0e452f43cd83360c02074f83b02bd47791 Certificate Info IssuerLet's Encrypt Subject46-4-100-240.top Fingerprint96:88:8B:4B:AC:1D:A3:9A:7C:7F:33:83:AA:68:37:77:84:F7:51:86 ValidityTue, 12 Mar 2024 19:22:17 GMT - Mon, 10 Jun 2024 19:22:16 GMT HTTP Headers GET /Getintopc.com/WinRAR_5.9.1.zip?md5=8vQHEWr4OJiuoi5jnbzSxw&expires=1716278866 HTTP/1.1 Host: 46-4-100-240.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Tue, 23 Apr 2024 07:58:26 GMT content-type: application/zip content-length: 8515515 last-modified: Sat, 23 Mar 2024 16:08:15 GMT etag: "65fefe6f-81efbb" content-disposition: attachment; filename="/Getintopc.com/WinRAR_5.9.1.zip" accept-ranges: bytes X-Firefox-Spdy: h2`

Detections

Host Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

File detected

Detections

JavaScript (0)

HTTP Transactions (1)

HTTP Headers