Report - www.workerscollection.com/download/wcoll/MagniGlassWorker

Report Overview

Submitted URL
www.workerscollection.com/download/wcoll/MagniGlassWorker_setup.zip
IP
168.119.38.214
ASN
#24940 Hetzner Online GmbH
Submitted
2024-05-05 20:38:11
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.workerscollection.com	unknown	2005-12-27	2012-07-03	2019-03-24	521 B	598 kB	168.119.38.214

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.workerscollection.com/download/wcoll/MagniGlassWorker_setup.zip
IP
168.119.38.214
ASN
#24940 Hetzner Online GmbH

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
598 kB (598020 bytes)
Hash
71d8c27a85a8344010295dc054d91148
8d3b5a762bd1d2d1f512cd13494e78feee7e1ac3
4128089f06a1f3ba5a024c52a5911aef2f875a759a8f163a82847b07806521ac

Archive (5)

Filename

Md5

File type

ReadMe-Rus.txt

99b54f158f13dac3b5e68638f1dc36c7

ISO-8859 text, with very long lines (301), with CRLF line terminators

Setup_MagniGlass.exe

8eb18260693c71c933e73e8ceeef46b8

PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections

file_id.diz

511be95ecc68e5dc6d530b1f4e06aae5

ISO-8859 text, with very long lines (398), with CRLF line terminators

pad_file.xml

4a14057f799d5e0645c83d615ef296ac

XML 1.0 document, Unicode text, UTF-8 text, with very long lines (503), with CRLF line terminators

ReadMe.txt

d694a322395c70ead1ccca7f7f63ef46

ASCII text, with very long lines (337), with CRLF, NEL line terminators

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/62

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

www.workerscollection.com/download/wcoll/MagniGlassWorker_setup.zip

168.119.38.214

200 OK

598 kB

URL User Request GET HTTP/2
www.workerscollection.com/download/wcoll/MagniGlassWorker_setup.zip
IP
168.119.38.214:443
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerLet's Encrypt
Subjectmail.workerscollection.com
FingerprintDA:D7:C5:12:02:31:E6:E1:6B:D4:98:55:FE:9C:0F:CC:28:24:6D:9C
ValiditySat, 06 Apr 2024 10:11:04 GMT - Fri, 05 Jul 2024 10:11:03 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
598 kB (598020 bytes)
Hash
71d8c27a85a8344010295dc054d91148
8d3b5a762bd1d2d1f512cd13494e78feee7e1ac3
4128089f06a1f3ba5a024c52a5911aef2f875a759a8f163a82847b07806521ac

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/62

HTTP Headers

GET /download/wcoll/MagniGlassWorker_setup.zip HTTP/1.1
Host: www.workerscollection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Thu, 30 Aug 2012 05:44:13 GMT
etag: "8fec1-4c8752a490540-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: application/zip
date: Sun, 05 May 2024 20:37:45 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (5)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers