Report - www.aerosoft2.de/downloads/flightkeeper/AS_FSFK_352_NAV_DB

Report Overview

Submitted URL
www.aerosoft2.de/downloads/flightkeeper/AS_FSFK_352_NAV_DB_BUILDER.zip
IP
78.47.47.58
ASN
#24940 Hetzner Online GmbH
Submitted
2024-03-28 11:30:34
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.aerosoft2.de	unknown	unknown	No data	No data	524 B	623 kB	78.47.47.58

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.aerosoft2.de/downloads/flightkeeper/AS_FSFK_352_NAV_DB_BUILDER.zip
IP
78.47.47.58
ASN
#24940 Hetzner Online GmbH

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
622 kB (622536 bytes)
Hash
635d242ba13dc1c22928707c1d507aa4
7a5800fd7b353950a0be7bfc9b45dd37ce64cf37
e1f8a67970b1f11e911a3adaaa1597aedb820a379acc8aba3d01c102947f70c0

Archive (5)

Filename

Md5

File type

FSFKNDB.exe

7eb70e04258be58e68a2ea89133122e4

PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections

FSFKNDB.exe.manifest

40750c0676f7ace0ba5ecec61ca2d180

XML 1.0 document, ASCII text, with CRLF line terminators

Readme.txt

69b06bac2e9e355d753521e9b955f620

Non-ISO extended-ASCII text, with CRLF line terminators

Main_English.dll

3f27d5e355d4b11555d3d59eddd55112

PE32 executable (console) Intel 80386, for MS Windows, 5 sections

Cities.cfg

ae74eae33d725c7a26eeafbf620742f8

ISO-8859 text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect pe file that no import table

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	www.aerosoft2.de/downloads/flightkeeper/AS_FSFK_352_NAV_DB_BUILDER.zip	78.47.47.58	200 OK	622 kB
URL User Request GET HTTP/2 www.aerosoft2.de/downloads/flightkeeper/AS_FSFK_352_NAV_DB_BUILDER.zip IP 78.47.47.58:443 ASN #24940 Hetzner Online GmbH Certificate IssuerDigiCert Inc Subjectaerosoft2.de Fingerprint16:EC:EA:27:94:49:22:CB:70:31:76:7F:92:2F:93:18:C3:5B:04:05 ValidityThu, 03 Aug 2023 00:00:00 GMT - Sat, 03 Aug 2024 23:59:59 GMT File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 622 kB (622536 bytes) Hash 635d242ba13dc1c22928707c1d507aa4 7a5800fd7b353950a0be7bfc9b45dd37ce64cf37 e1f8a67970b1f11e911a3adaaa1597aedb820a379acc8aba3d01c102947f70c0 HTTP Headers GET /downloads/flightkeeper/AS_FSFK_352_NAV_DB_BUILDER.zip HTTP/1.1 Host: www.aerosoft2.de User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK last-modified: Thu, 16 Jan 2020 11:41:41 GMT etag: "97fc8-59c404f077b16" accept-ranges: bytes content-length: 622536 content-type: application/zip date: Thu, 28 Mar 2024 11:30:09 GMT server: Apache X-Firefox-Spdy: h2`

www.aerosoft2.de/downloads/flightkeeper/AS_FSFK_352_NAV_DB_BUILDER.zip

78.47.47.58

200 OK

622 kB

URL User Request GET HTTP/2
www.aerosoft2.de/downloads/flightkeeper/AS_FSFK_352_NAV_DB_BUILDER.zip
IP
78.47.47.58:443
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerDigiCert Inc
Subjectaerosoft2.de
Fingerprint16:EC:EA:27:94:49:22:CB:70:31:76:7F:92:2F:93:18:C3:5B:04:05
ValidityThu, 03 Aug 2023 00:00:00 GMT - Sat, 03 Aug 2024 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
622 kB (622536 bytes)
Hash
635d242ba13dc1c22928707c1d507aa4
7a5800fd7b353950a0be7bfc9b45dd37ce64cf37
e1f8a67970b1f11e911a3adaaa1597aedb820a379acc8aba3d01c102947f70c0

HTTP Headers

GET /downloads/flightkeeper/AS_FSFK_352_NAV_DB_BUILDER.zip HTTP/1.1
Host: www.aerosoft2.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Thu, 16 Jan 2020 11:41:41 GMT
etag: "97fc8-59c404f077b16"
accept-ranges: bytes
content-length: 622536
content-type: application/zip
date: Thu, 28 Mar 2024 11:30:09 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (5)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers