Report - www.bocasystems.com/documents/FGL_viewer

Report Overview

Submitted URL
www.bocasystems.com/documents/FGL_viewer_windows.zip
IP
70.39.149.79
ASN
#54641 IMH-IAD
Submitted
2024-04-16 18:41:10
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.bocasystems.com	unknown	1996-02-22	2012-11-01	2024-04-16	506 B	17 MB	70.39.149.79

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.bocasystems.com/documents/FGL_viewer_windows.zip
IP
70.39.149.79
ASN
#54641 IMH-IAD

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
17 MB (16884663 bytes)
Hash
da8c14b05cf25d57c7237b5f4458cce2
c93b252a47dc3a5d5b5a90bb5aefdc47e309ee97
fc5a83c4787401f27ab45fa9097cf55631bc82d097e4eb4811258759637572af

Archive (13)

Filename

Md5

File type

vcruntime140.dll

a8666a7c014c4125886cc49cdb0ccaa5

PE32+ executable (DLL) (console) x86-64, for MS Windows, 7 sections

vccorlib140.dll

823dc75ea11a7cf77f0bc78ead04551b

PE32+ executable (DLL) (console) x86-64, for MS Windows, 7 sections

icudt65.dll

7707ea963e8204fd16696dbfad28c4f2

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

icuuc65.dll

25fd65f4ec94f47795a7630899077ca6

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 8 sections

msvcr120.dll

9c861c079dd81762b6c54e37597b7712

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

msvcp120.dll

46060c35f697281bc5e7337aee3722b1

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

icuin65.dll

e82be653dde13b222d7a4e4adb256dfb

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 8 sections

XojoGUIFramework64.dll

6ae9d045ff7158a546d591452efefa48

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 8 sections

FGL viewer.exe

7ebda516ba182962626dfb4ac4ee0735

PE32+ executable (GUI) x86-64, for MS Windows, 10 sections

msvcp140.dll

1c33cb1547a1c5ba7455bb0bf0215a7c

PE32+ executable (DLL) (console) x86-64, for MS Windows, 7 sections

cubeSQL_64bit.dll

1c97fde75bcbcfea86d859b9889f19be

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 7 sections

Appearance Pakx64.dll

80e6e2329194fe53af3a342b030d4e15

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 8 sections

MBS_MacOSX_MacOSX_Plugin_20614.dll

bef5a5bdff918276f210e70ecc7026eb

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	www.bocasystems.com/documents/FGL_viewer_windows.zip	70.39.149.79	200 OK	17 MB
URL User Request GET HTTP/2 www.bocasystems.com/documents/FGL_viewer_windows.zip IP 70.39.149.79:443 ASN #54641 IMH-IAD Certificate IssuerSectigo Limited Subjectbocasystems.com FingerprintAB:DF:1E:03:8F:B4:37:73:50:F7:BD:90:EF:6B:33:F7:02:68:F0:88 ValidityMon, 16 Oct 2023 00:00:00 GMT - Fri, 15 Nov 2024 23:59:59 GMT File type Zip archive data, at least v2.0 to extract, compression method=store Size 17 MB (16884663 bytes) Hash da8c14b05cf25d57c7237b5f4458cce2 c93b252a47dc3a5d5b5a90bb5aefdc47e309ee97 fc5a83c4787401f27ab45fa9097cf55631bc82d097e4eb4811258759637572af HTTP Headers `GET /documents/FGL_viewer_windows.zip HTTP/1.1 Host: www.bocasystems.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK last-modified: Tue, 02 Nov 2021 15:19:13 GMT accept-ranges: bytes content-length: 16884663 content-type: application/zip date: Tue, 16 Apr 2024 18:40:37 GMT server: Apache X-Firefox-Spdy: h2`

www.bocasystems.com/documents/FGL_viewer_windows.zip

70.39.149.79

200 OK

17 MB

URL User Request GET HTTP/2
www.bocasystems.com/documents/FGL_viewer_windows.zip
IP
70.39.149.79:443
ASN
#54641 IMH-IAD

Certificate
IssuerSectigo Limited
Subjectbocasystems.com
FingerprintAB:DF:1E:03:8F:B4:37:73:50:F7:BD:90:EF:6B:33:F7:02:68:F0:88
ValidityMon, 16 Oct 2023 00:00:00 GMT - Fri, 15 Nov 2024 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
17 MB (16884663 bytes)
Hash
da8c14b05cf25d57c7237b5f4458cce2
c93b252a47dc3a5d5b5a90bb5aefdc47e309ee97
fc5a83c4787401f27ab45fa9097cf55631bc82d097e4eb4811258759637572af

HTTP Headers

GET /documents/FGL_viewer_windows.zip HTTP/1.1
Host: www.bocasystems.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Tue, 02 Nov 2021 15:19:13 GMT
accept-ranges: bytes
content-length: 16884663
content-type: application/zip
date: Tue, 16 Apr 2024 18:40:37 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (13)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers