Report - www.any2fe.com.ar/downloads/any2gfedemo.zip

Report Overview

Submitted URL
www.any2fe.com.ar/downloads/any2gfedemo.zip
IP
162.210.101.149
ASN
#32748 STEADFAST
Submitted
2024-03-29 11:20:30
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.any2fe.com.ar	unknown	unknown	No data	No data	413 B	591 B	162.210.101.149
any2fe.com.ar	unknown	2010-11-15	2016-01-27	2023-10-22	409 B	1.8 MB	162.210.101.149

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
any2fe.com.ar/downloads/any2gfedemo.zip
IP
162.210.101.149
ASN
#32748 STEADFAST

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
1.8 MB (1807631 bytes)
Hash
9395a8e65b50ca1b3b8f907bd977a634
58ec131739912aeb058fb4addafecdad27c1e739
14bee6be4527c5657f8a3cdc8cef02eb0a4745d811d6911befbc025dc4661b44

Archive (22)

Filename

Md5

File type

any2gfe.exe

8dff8803d25f5eccdbdc473b50253bca

PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed, 3 sections

consultarcbtes.bat

090677c12b03d5e2271aa0eceb5e71f6

ASCII text, with CRLF line terminators

consultarcomitente.bat

87eedc428e7fb2935169ade96dbc9763

ASCII text, with CRLF line terminators

consultarcta.bat

7ba322a6dab23a9eb5482a3121e9f45d

ASCII text, with CRLF line terminators

consultarctasctes.bat

30716b0c1b5ce45f6cd43fa70540baa2

ASCII text, with CRLF line terminators

consultarfacinf.bat

ce568ac189106e1405b9c68bf4415078

ASCII text, with CRLF line terminators

consultarmonto.bat

2539f22bf4e764a58d7ce5342a03a54f

ASCII text, with CRLF line terminators

consultarmontog.bat

806cd3354b578dd42f15e38796247f2e

ASCII text, with CRLF line terminators

DESCRIPCION CAMPOS CONSULTA CC.docx

5399070650013486e57b3f3d91884549

Microsoft Word 2007+

DESCRIPCION CAMPOS CONSULTA L1.docx

2c004b96f30b409b65aadb338953ec8e

Microsoft Word 2007+

DESCRIPCION CAMPOS CONSULTA L2.docx

ff9c2d6e97dc2189c625805535795338

Microsoft Word 2007+

GESTION FACTURA DE CREDITO ELECTRONICA.pdf

523138637e735ca73405d71fbb1f00d3

PDF document, version 1.5, 5 pages

informaragt.bat

e04cf10be9f38764fa742f7c60859e40

ASCII text, with CRLF line terminators

libeay32.dll

320fd1d9fc94e40cedcba3f9cc7aec43

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

openssl.cfg

7df26c55291b33344dc15e3935dabaf3

ASCII text

openssl.cnf

4f6da66f07971186a0bbdc2c21bab282

ASCII text

openssl.exe

fd89d60f3605e6f8970d5fa9f354ae68

PE32 executable (console) Intel 80386, for MS Windows, 4 sections

setopenssl.bat

e09cdd4818f2a005f317c91e93ebf066

ASCII text, with CRLF line terminators

ssleay32.dll

f0b439ccad4238004001fcca94fb24fe

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

test.pfx

0913ad54e2c7d14bd5f69ecd68f6e9b1

data

test.sha

7de58b85421f590da36c5e6c2f65bb29

data

vertablas.bat

0be68de7956f2928684bb9229ee6fb6d

ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size
	www.any2fe.com.ar/downloads/any2gfedemo.zip	162.210.101.149	301 Moved Permanently	254 B
URL User Request GET HTTP/1.1 www.any2fe.com.ar/downloads/any2gfedemo.zip IP 162.210.101.149:80 ASN #32748 STEADFAST File type HTML document, ASCII text Size 254 B (254 bytes) Hash 013bb847226eca58949ebed0572ffd06 e087a1ad857bdfbfc78d60022c123ebee5913d4b d5e9baf751e9fd585a4180c3905c7a6e4631396ee3c5937adf462c18deb57c5f HTTP Headers `GET /downloads/any2gfedemo.zip HTTP/1.1 Host: www.any2fe.com.ar User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 301 Moved Permanently Date: Fri, 29 Mar 2024 11:20:04 GMT Server: Apache Location: http://any2fe.com.ar/downloads/any2gfedemo.zip Cache-Control: max-age=2592000 Expires: Sun, 28 Apr 2024 11:20:04 GMT Content-Length: 254 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1`

	any2fe.com.ar/downloads/any2gfedemo.zip	162.210.101.149	200 OK	1.8 MB
URL User Request GET HTTP/1.1 any2fe.com.ar/downloads/any2gfedemo.zip IP 162.210.101.149:80 ASN #32748 STEADFAST File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 1.8 MB (1807631 bytes) Hash 9395a8e65b50ca1b3b8f907bd977a634 58ec131739912aeb058fb4addafecdad27c1e739 14bee6be4527c5657f8a3cdc8cef02eb0a4745d811d6911befbc025dc4661b44 HTTP Headers `GET /downloads/any2gfedemo.zip HTTP/1.1 Host: any2fe.com.ar User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Fri, 29 Mar 2024 11:20:13 GMT Server: Apache Last-Modified: Tue, 21 Jan 2020 20:47:03 GMT ETag: "1b950f-59cac829a1fc0" Accept-Ranges: bytes Content-Length: 1807631 Cache-Control: max-age=2592000 Expires: Sun, 28 Apr 2024 11:20:13 GMT Vary: User-Agent Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: application/zip`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (22)

Detections

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers