Report - alexfru.narod.ru/os/winmngr/WinMngrDemo.zip

Report Overview

Submitted URL
alexfru.narod.ru/os/winmngr/WinMngrDemo.zip
IP
193.109.247.229
ASN
#204343 Compubyte Limited
Submitted
2024-05-05 04:21:27
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
alexfru.narod.ru	unknown	1999-12-09	2013-06-19	2018-01-01	497 B	338 kB	193.109.247.229

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
alexfru.narod.ru/os/winmngr/WinMngrDemo.zip
IP
193.109.247.229
ASN
#204343 Compubyte Limited

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
338 kB (337467 bytes)
Hash
20fead19b34910b95f1576aaa3312812
a0dc510e2d2faca1ebe5cf0d4e4463777d6c4e98
fa68604cb751ce89dfd32e9b98a4aad515d6a65124813248ac85b4bd74bc83ed

Archive (20)

Filename

Md5

File type

ADTFifo.c

bb9b1c5bee6f6bf4cd960c6da0b1d440

C source, ASCII text, with CRLF line terminators

ADTFifo.h

c08984aa9df57b8c44fb0ea57c2e0e5e

C source, ASCII text, with CRLF line terminators

ComDefs.h

a419e6437b14be726265d4242c3b261f

C source, ASCII text, with CRLF line terminators

ComTypes.h

5b180c6c0acd9544f84b587c861ad73d

C source, ASCII text, with CRLF line terminators

Display.c

34418a642b7cfb93539bba270ed076aa

C source, ASCII text, with CRLF line terminators

display.exe

49b61a5f2a4a4751f2e6c20774cebf67

MS-DOS executable, MZ for MS-DOS, COFF for MS-DOS, DJGPP go32 DOS extender

Display.h

7ba805b8a4db5ea162e5019ab237080a

C source, ASCII text, with CRLF line terminators

Fnt8x16.c

9881053a0615fc80b22eeafc55cd6a27

C source, ASCII text, with CRLF line terminators

Fnt8x16.h

2cdb5f65e08038176f9d339d27335422

C source, ASCII text, with CRLF line terminators

mk.bat

beb191866a7fe5a4790ecb437a94ba63

ASCII text, with CRLF line terminators

readme.txt

1f5cad21a0dd804d99025eb6922ea45a

ASCII text, with CRLF line terminators

RectSet.c

ae53e2a088a6d18f60b5b9de616f0767

C source, ASCII text, with CRLF line terminators

RectSet.exe

7044ac249298aab40e54d25afdd65b5e

MS-DOS executable, MZ for MS-DOS, COFF for MS-DOS, DJGPP go32 DOS extender

RectSet.h

59b33fb86ccd0682fe4ca82e255aa50b

C source, ASCII text, with CRLF line terminators

StatText.c

7332465bb2f66ee12bb080d27c62cac6

C source, ASCII text, with CRLF line terminators

StatText.h

bd4f496216d0d8703231e77da8bbdbcf

C source, ASCII text, with CRLF line terminators

Vinca.bmp

b53a4480af731bb78adc296de38aba84

PC bitmap, Windows 3.x format, 1024 x 768 x 24, image size 2359296, cbSize 2359350, bits offset 54

WinMngr.c

0b8d6478a38b78a4eb0c6fe341be2405

C source, ISO-8859 text, with CRLF line terminators

WinMngr.exe

3e9f7c2c8995f590d050608dd9d43c40

MS-DOS executable, MZ for MS-DOS, COFF for MS-DOS, DJGPP go32 DOS extender

WinMngr.h

cd2deba97a36a71dc372b4b0eca8ec23

C source, ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	alexfru.narod.ru/os/winmngr/WinMngrDemo.zip	193.109.247.229	200 OK	338 kB
URL User Request GET HTTP/1.1 alexfru.narod.ru/os/winmngr/WinMngrDemo.zip IP 193.109.247.229:443 ASN #204343 Compubyte Limited Certificate IssuerGlobalSign nv-sa Subject.narod.ru Fingerprint0E:18:34:C8:20:05:D7:5B:55:6F:B7:0A:8F:7B:C9:4C:9B:A5:18:5A ValidityThu, 08 Jun 2023 09:48:54 GMT - Tue, 09 Jul 2024 09:48:53 GMT File type Zip archive data, at least v1.0 to extract, compression method=store Size 338 kB (337467 bytes) Hash 20fead19b34910b95f1576aaa3312812 a0dc510e2d2faca1ebe5cf0d4e4463777d6c4e98 fa68604cb751ce89dfd32e9b98a4aad515d6a65124813248ac85b4bd74bc83ed HTTP Headers `GET /os/winmngr/WinMngrDemo.zip HTTP/1.1 Host: alexfru.narod.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sun, 05 May 2024 04:21:02 GMT Content-Type: application/zip Content-Length: 337467 Last-Modified: Wed, 03 Apr 2013 17:19:12 GMT Connection: keep-alive Keep-Alive: timeout=15 ETag: "515c6490-5263b" X-Frame-Options: SAMEORIGIN Accept-Ranges: bytes`

alexfru.narod.ru/os/winmngr/WinMngrDemo.zip

193.109.247.229

200 OK

338 kB

URL User Request GET HTTP/1.1
alexfru.narod.ru/os/winmngr/WinMngrDemo.zip
IP
193.109.247.229:443
ASN
#204343 Compubyte Limited

Certificate
IssuerGlobalSign nv-sa
Subject*.narod.ru
Fingerprint0E:18:34:C8:20:05:D7:5B:55:6F:B7:0A:8F:7B:C9:4C:9B:A5:18:5A
ValidityThu, 08 Jun 2023 09:48:54 GMT - Tue, 09 Jul 2024 09:48:53 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
338 kB (337467 bytes)
Hash
20fead19b34910b95f1576aaa3312812
a0dc510e2d2faca1ebe5cf0d4e4463777d6c4e98
fa68604cb751ce89dfd32e9b98a4aad515d6a65124813248ac85b4bd74bc83ed

HTTP Headers

GET /os/winmngr/WinMngrDemo.zip HTTP/1.1
Host: alexfru.narod.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 May 2024 04:21:02 GMT
Content-Type: application/zip
Content-Length: 337467
Last-Modified: Wed, 03 Apr 2013 17:19:12 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "515c6490-5263b"
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (20)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers