Report - www.gkclab.com/soft/fc.zip

Report Overview

Submitted URL
www.gkclab.com/soft/fc.zip
IP
157.90.2.153
ASN
#24940 Hetzner Online GmbH
Submitted
2024-04-23 15:34:46
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.gkclab.com	unknown	2010-12-14	2013-01-21	2024-02-16	480 B	909 kB	157.90.2.153

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

Files detected

URL
www.gkclab.com/soft/fc.zip
IP
157.90.2.153
ASN
#24940 Hetzner Online GmbH

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
909 kB (909104 bytes)
Hash
87fe6ed9acf94ad1bed309bf79a3dd0e
5319c85a9490d80d52298b6ba2fd4a4237f0e393
b4c62aea931c6b9ab0ae963876885b763a9cef2fe1a7e9f21656fa22a9d493b3

Archive (7)

Filename

Md5

File type

read.txt

55968e93aad3c8b16bb5c0535743f48f

ASCII text, with no line terminators

reboot.bat

acf5d0ef5395938073a64a996112f585

DOS batch file, ASCII text, with CRLF line terminators

shutdown.bat

784982321aa0f520f27c6adc0ac4f302

DOS batch file, ASCII text, with CRLF line terminators

test.bat

42734aa09c70cb549a253869db0d51a1

ASCII text, with CRLF line terminators

FControl.exe

d72d32ed0151e482f9f2032f4c2f3f26

PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections

help_e.txt

7aeda9c12daf9c469ac74d0c56281462

ASCII text, with CRLF line terminators

help_r.txt

1ac97f84a447881d5adae0d40f63d34b

Non-ISO extended-ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/67

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

www.gkclab.com/soft/fc.zip

157.90.2.153

200 OK

909 kB

URL User Request GET HTTP/2
www.gkclab.com/soft/fc.zip
IP
157.90.2.153:443
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerLet's Encrypt
Subject*.gkclab.com
FingerprintE6:4D:AF:B7:9B:7A:B2:50:B3:CE:03:EA:39:17:0B:89:51:DD:AE:30
ValidityTue, 02 Apr 2024 17:33:42 GMT - Mon, 01 Jul 2024 17:33:41 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
909 kB (909104 bytes)
Hash
87fe6ed9acf94ad1bed309bf79a3dd0e
5319c85a9490d80d52298b6ba2fd4a4237f0e393
b4c62aea931c6b9ab0ae963876885b763a9cef2fe1a7e9f21656fa22a9d493b3

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/67

HTTP Headers

GET /soft/fc.zip HTTP/1.1
Host: www.gkclab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 15:34:20 GMT
content-type: application/zip
content-length: 909104
last-modified: Tue, 14 Mar 2023 10:12:16 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (7)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers