Report - www.cultix.com/prog/percel/percel50.zip

Report Overview

Submitted URL
www.cultix.com/prog/percel/percel50.zip
IP
62.210.16.61
ASN
#12876 Scaleway S.a.s.
Submitted
2024-04-24 20:44:34
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
3

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.cultix.com	unknown	2000-04-10	2014-10-25	2023-11-10	409 B	874 kB	62.210.16.61

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.cultix.com/prog/percel/percel50.zip
IP
62.210.16.61
ASN
#12876 Scaleway S.a.s.

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
874 kB (874063 bytes)
Hash
66c05fbd5635de117b25ba62abf2bb56
628098cb10542559d3ca25d23d26f07559e156e2
1b9b8bb97e2a888cc3a5009e40ed85db87999d521c9af822bb6936391fad097c

Archive (7)

Filename

Md5

File type

percel50.exe

7bf68b4d1fbc140d336e394bc14dfc85

PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections

prcinf.dat

8dff2a9ce84d0710f845cd9e1aff52e9

ISO-8859 text, with CRLF line terminators

prcsco.dat

3dba25fa610f916aca8e3d1ec8c21b20

CSV text

VB6FR.DLL

c845380c64f8db0538eb4af4689ec2f7

PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 3 sections

VB6STKIT.DLL

f553fcc870628ec30a2674b5831c3cce

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

MSVBVM60.DLL

8d4e57dc2a426ca2fb79bc1900f7b544

PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 5 sections

percel.dat

a3ca5cd43098b8c994cd05f36e98ccee

CSV text

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	www.cultix.com/prog/percel/percel50.zip	62.210.16.61	200 OK	874 kB
URL User Request GET HTTP/1.1 www.cultix.com/prog/percel/percel50.zip IP 62.210.16.61:80 ASN #12876 Scaleway S.a.s. File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 874 kB (874063 bytes) Hash 66c05fbd5635de117b25ba62abf2bb56 628098cb10542559d3ca25d23d26f07559e156e2 1b9b8bb97e2a888cc3a5009e40ed85db87999d521c9af822bb6936391fad097c HTTP Headers `GET /prog/percel/percel50.zip HTTP/1.1 Host: www.cultix.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Wed, 24 Apr 2024 20:44:08 GMT Content-Type: application/zip Content-Length: 874063 Connection: keep-alive Last-Modified: Sun, 02 Jan 2011 15:18:08 GMT ETag: "d564f-498de8afd5d27" Accept-Ranges: bytes`

www.cultix.com/prog/percel/percel50.zip

62.210.16.61

200 OK

874 kB

URL User Request GET HTTP/1.1
www.cultix.com/prog/percel/percel50.zip
IP
62.210.16.61:80
ASN
#12876 Scaleway S.a.s.

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
874 kB (874063 bytes)
Hash
66c05fbd5635de117b25ba62abf2bb56
628098cb10542559d3ca25d23d26f07559e156e2
1b9b8bb97e2a888cc3a5009e40ed85db87999d521c9af822bb6936391fad097c

HTTP Headers

GET /prog/percel/percel50.zip HTTP/1.1
Host: www.cultix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 20:44:08 GMT
Content-Type: application/zip
Content-Length: 874063
Connection: keep-alive
Last-Modified: Sun, 02 Jan 2011 15:18:08 GMT
ETag: "d564f-498de8afd5d27"
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (7)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers