Report - www.amlpages.com/Source/AmlMaple

Report Overview

Submitted URL
www.amlpages.com/Source/AmlMaple_pe.zip
IP
91.189.114.29
ASN
#48287 Jsc Ru-Center
Submitted
2024-04-24 11:02:23
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.amlpages.com	unknown	2006-12-09	2012-06-18	2024-04-18	409 B	1.5 MB	91.189.114.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.amlpages.com/Source/AmlMaple_pe.zip
IP
91.189.114.29
ASN
#48287 Jsc Ru-Center

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
1.5 MB (1485288 bytes)
Hash
4e73d4e9a4c90024b124605a9e7da1ff
9aa5228801f8933b0a7a1606da6d340e49243971
b4c0e0a57fc3d27c6e5c51f464fa426823bb26eb2fa934b65738c470a1a8d0bc

Archive (53)

Filename

Md5

File type

AmlMaple.exe

17e7c1604763cd572602b3a644c85b10

PE32 executable (GUI) Intel 80386, for MS Windows, 7 sections

AM_Exit.exe

07cbc2b398d9b5cfd99405c784fff1e7

PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections

AM_Restorer.exe

6d39d29fe6ab21e3c9aa9713fd905112

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

FlgCrt.dll

443c8959419c776298e3f5d7b6e94868

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections

AmlMaple.dll

e6f8bbcbd9f544567fb590ddce5745f7

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

GGSoundUtil.dll

ec0da6271fbcfa43a96bf22db8536268

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

SHOW_SETTINGS.Bat

69a8ad4d3225a20eeb165171bae864fc

ASCII text, with no line terminators

SHOW_DETECT_langs.Bat

eefdf9f07192b1cbc53787aba36afa04

ASCII text, with CRLF line terminators

SHOW_COMMAND_LINE_KEYS.Bat

5405971d228c58bfa22f0ded06d70645

ASCII text, with no line terminators

SHOW_MENU.Bat

1e5a83a54e7d2f418f2f0e85a8b6aa78

ASCII text, with no line terminators

182eccb76dea7e9a196db422269b0eaf

ASCII text, with CRLF line terminators

arabic.lng

390254e158334b995bee3c48d86858e8

Unicode text, UTF-16, little-endian text, with very long lines (1663), with CRLF line terminators

Belorussian.lng

c40b5d987fc6da84d48b31666804a69c

Unicode text, UTF-16, little-endian text, with very long lines (1561), with CRLF line terminators

BrazilianPortuguese.lng

6ba266730a2cbce1090c35f84601f980

Unicode text, UTF-16, little-endian text, with very long lines (1639), with CRLF, NEL line terminators

Bulgarian.lng

344bcb5ff2140eef1682fc4107c3987a

Generic INItialization configuration [Strings]

Chinese Simplified.lng

0d3e5bf4beff42fdba7d195aa3f1e15c

Unicode text, UTF-16, little-endian text, with very long lines (1601), with CRLF line terminators

French.lng

253e3dee3c789591a82746ff375813ca

Unicode text, UTF-16, little-endian text, with very long lines (1872), with CRLF line terminators

German.lng

ee4eb5d7e0a79b41761ab748312f6bb0

Unicode text, UTF-16, little-endian text, with very long lines (1747), with CRLF line terminators

Hebrew.lng

7b3ba90add656b7687de74e41fa923d2

Unicode text, UTF-16, little-endian text, with very long lines (1892), with CRLF line terminators

Hellenic.lng

4001546a3c0836877d00097f7b0cb368

Unicode text, UTF-16, little-endian text, with very long lines (1904), with CRLF line terminators

Indonesian.lng

31732b0c8a132f27bd23c79b4d5c992e

Unicode text, UTF-16, little-endian text, with CRLF, LF line terminators

Italian.lng

b7e96d130f474c62b32120dce92ef0ad

Unicode text, UTF-16, little-endian text, with very long lines (1892), with CRLF, CR line terminators

Kazakh.lng

6ca627a1b0a8bb558b81fae7723f3c29

Unicode text, UTF-16, little-endian text, with very long lines (1892), with CRLF line terminators

Korean.lng

886b9135d55fcc95a659e81c15504fdd

Unicode text, UTF-16, little-endian text, with very long lines (1800), with CRLF line terminators

Lithuanian.lng

82db41b360baa2af0ae2d6ac83d5d713

Unicode text, UTF-16, little-endian text, with very long lines (1747), with CRLF line terminators

LocalizationExample.lng

1e93ecab6e6c747fd144655072a0ebdd

Generic INItialization configuration [Strings]

Magyar.lng

ae447e596a2823d64ee9249938a97838

Generic INItialization configuration [Strings]

Norwegian.lng

8f03d587f5d7056a7ded2ca9538af6dc

data

Polish.lng

cc12145d783bd4c6f24d5855d1941e1a

Unicode text, UTF-16, little-endian text, with very long lines (1527), with CRLF line terminators

Russian.lng

0c304a9072d14db03b5c94b8f0907f4b

Unicode text, UTF-16, little-endian text, with very long lines (1561), with CRLF line terminators

Serbian.lng

e7a687ec60dedb77fe47ecc253e18432

Unicode text, UTF-16, little-endian text, with very long lines (1747), with CRLF, CR line terminators

Sinhala.lng

edb57bea4c085e99c3acea20c2385cc1

Unicode text, UTF-16, little-endian text, with very long lines (1649), with CRLF line terminators

Spanish.lng

a3c27e33faf6f814278bfdcbad69f272

Unicode text, UTF-16, little-endian text, with very long lines (1587), with CRLF line terminators

Turkish.lng

0563542dbb63c96979f0461bb5fc97ff

Generic INItialization configuration [Strings]

Ukrainian.lng

a5f8662915b166347df0e554d69762e2

Unicode text, UTF-16, little-endian text, with very long lines (1716), with CRLF line terminators

start.wav

839db382bef79964e7fb1174ae3655a0

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 11025 Hz

start_asadmin.wav

8344819b5ff3358384154470ef6384d0

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 11025 Hz

encode.wav

d74b213adbc4df73254385e3602b550d

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 16000 Hz

already_work.wav

447d045c5384e21f5ff0cf17c1b8923f

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 11025 Hz

lang_blinked.wav

65b63d9d165f571e9133a707f6070601

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 8000 Hz

chpok.wav

49e13c82cf3551bc0c7b035bece010bb

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 16000 Hz

chpok_rev.wav

51988d7d861c6913edaac5fd60b997b7

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 16000 Hz

no_newver.wav

933ae6d6ececf86d41a7352e723696c9

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 8000 Hz

has_newver.wav

815242d4f0e8dc73c92e017331770d48

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 8000 Hz

Help_En.chm

733e8b2b5d3da24880af67c6e0631676

MS Windows HtmlHelp Data

Help_Ru.chm

dbc9b88d2bb3cef980c7ee1fc2c33bb1

MS Windows HtmlHelp Data

Help_By.chm

4eb6151e43d5a70c9fe5c13d5b96af2d

MS Windows HtmlHelp Data

Help_UK.chm

e213f51180b58c820ce99e8f6a50c34d

MS Windows HtmlHelp Data

ReadMe_Portable.txt

f093d690411f04f99c7c43b337605b90

ISO-8859 text, with CRLF line terminators

licence_en.txt

15bcb7952263249908fb158a05b010b0

ASCII text, with CRLF line terminators

history.txt

73e0a7ffafcb40a8d686b6a4cd7e5489

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

UpdateReport_Ru.htm

e27d1b9d9e37ff78407ccf3a216ae3e7

HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (447), with CRLF line terminators

UpdateReport_Pl.htm

40881d45f4c7068ce70e0a84380aa7c2

HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (498), with CRLF line terminators

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/66

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

www.amlpages.com/Source/AmlMaple_pe.zip

91.189.114.29

1.5 MB

URL User Request GET
www.amlpages.com/Source/AmlMaple_pe.zip
IP
91.189.114.29:0
ASN
#48287 Jsc Ru-Center

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
1.5 MB (1485288 bytes)
Hash
4e73d4e9a4c90024b124605a9e7da1ff
9aa5228801f8933b0a7a1606da6d340e49243971
b4c0e0a57fc3d27c6e5c51f464fa426823bb26eb2fa934b65738c470a1a8d0bc

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/66

HTTP Headers

GET /Source/AmlMaple_pe.zip HTTP/1.1
Host: www.amlpages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 11:01:56 GMT
Content-Type: application/zip
Content-Length: 1485288
Connection: keep-alive
Last-Modified: Thu, 04 Apr 2024 14:32:42 GMT
ETag: "16a9e8-61546364732e7"
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (53)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers