Report - www.any2fe.com.ar/downloads/any2cdcng.zip

Report Overview

Submitted URL
www.any2fe.com.ar/downloads/any2cdcng.zip
IP
162.210.101.149
ASN
#32748 STEADFAST
Submitted
2024-03-29 11:20:30
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.any2fe.com.ar	unknown	unknown	No data	No data	411 B	587 B	162.210.101.149
any2fe.com.ar	unknown	2010-11-15	2016-01-27	2023-10-22	407 B	1.5 MB	162.210.101.149

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
any2fe.com.ar/downloads/any2cdcng.zip
IP
162.210.101.149
ASN
#32748 STEADFAST

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
1.5 MB (1507143 bytes)
Hash
4aefd1caab261659a0f35ff40b2bf71b
bd57ad4832ba6e7023a177fbad9ccd08338eda33
a8921964e682a3f60f23980fabb76e8e46a311257f440dc3e8b852e1113b6153

Archive (12)

Filename

Md5

File type

any2cabe.csv

92a7d19d38422e681a4f6155683f5b0d

ASCII text, with CRLF line terminators

any2cdc.exe

87eadcedee1dffdb0d4aff14916f6fce

PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections

any2out.csv

50d0eca2a165f2f3ed68dd1c9ef2524d

ASCII text, with CRLF line terminators

consulta.bat

b5829bd0d719a8195c24a68a93c81879

ASCII text, with CRLF line terminators

consulta_graf.bat

4961d60ff36f394f6a11ce24f33f270b

ASCII text, with CRLF line terminators

consulta_prod.bat

8649c1d4cdd22ca2eccc9af96b2fef26

ASCII text, with CRLF line terminators

consulta_prod_graf.bat

f066d0499a93b2d91ccece0f11066679

ASCII text, with CRLF line terminators

imagen sincronizacion horaria.jpg

50a92bcb52908016c5f64df9f23f9ab5

JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 444x369, components 3

Instructivo de Uso ANY2CDC.pdf

f995e13ed40447541f1307f44b101d9e

PDF document, version 1.4, 7 pages

test.lic

9380ea73c7179b09007f9a4c6ebf5f19

ASCII text, with very long lines (1844), with no line terminators

test.pfx

0913ad54e2c7d14bd5f69ecd68f6e9b1

data

test.sha

0e197c016ed2ae058d59d72cd81f114b

data

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/65

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

www.any2fe.com.ar/downloads/any2cdcng.zip

162.210.101.149

301 Moved Permanently

252 B

URL User Request GET HTTP/1.1
www.any2fe.com.ar/downloads/any2cdcng.zip
IP
162.210.101.149:80
ASN
#32748 STEADFAST

File type
HTML document, ASCII text
Size
252 B (252 bytes)
Hash
ad6de6b958899cf86f16a35effdffd93
64005ba4982eb9e381eb9c851482d1f119375d24
9fe82e013b9a1dbd430e8da4504c53e71f390d166e02992db10907bc9ec1954d

HTTP Headers

GET /downloads/any2cdcng.zip HTTP/1.1
Host: www.any2fe.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Fri, 29 Mar 2024 11:20:04 GMT
Server: Apache
Location: http://any2fe.com.ar/downloads/any2cdcng.zip
Cache-Control: max-age=2592000
Expires: Sun, 28 Apr 2024 11:20:04 GMT
Content-Length: 252
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

any2fe.com.ar/downloads/any2cdcng.zip

162.210.101.149

200 OK

1.5 MB

URL User Request GET HTTP/1.1
any2fe.com.ar/downloads/any2cdcng.zip
IP
162.210.101.149:80
ASN
#32748 STEADFAST

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
1.5 MB (1507143 bytes)
Hash
4aefd1caab261659a0f35ff40b2bf71b
bd57ad4832ba6e7023a177fbad9ccd08338eda33
a8921964e682a3f60f23980fabb76e8e46a311257f440dc3e8b852e1113b6153

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/65

HTTP Headers

GET /downloads/any2cdcng.zip HTTP/1.1
Host: any2fe.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 11:20:12 GMT
Server: Apache
Last-Modified: Fri, 04 Dec 2020 06:18:38 GMT
ETag: "16ff47-5b59d72760457"
Accept-Ranges: bytes
Content-Length: 1507143
Cache-Control: max-age=2592000
Expires: Sun, 28 Apr 2024 11:20:12 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/zip