Report - www.aggsoft.ru/download/ru/aspmon.ru.zip

Report Overview

Submitted URL
www.aggsoft.ru/download/ru/aspmon.ru.zip
IP
104.238.133.207
ASN
#20473 AS-CHOOPA
Submitted
2024-04-17 02:26:41
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.aggsoft.ru	unknown	2004-04-19	2014-04-29	2024-02-12	494 B	254 kB	104.238.133.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.aggsoft.ru/download/ru/aspmon.ru.zip
IP
104.238.133.207
ASN
#20473 AS-CHOOPA

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
253 kB (252913 bytes)
Hash
2ab8027a2e1ff6d25a7568247c13eea2
cfb473c8924b0a7640959bf44f39c41d65d6072d
cf4c3883cd38b272c56f286b352d10ff1edd62b874a2fa2648bc5ba83d52e378

Archive (10)

Filename

Md5

File type

Mail.url

25ebe5e88aae01ddcfff1e13627d6d55

MS Windows 95 Internet shortcut text (URL=<mailto:info@aggsoft.ru?Subject=Âîïðîñ%20ïî%20ASPM>), ISO-8859 text, with CRLF line terminators

readme.txt

6e9d09f4700b0469d52d347af1192313

ISO-8859 text, with CRLF line terminators

License.rtf

97a5fe31b02e6dcc1e5b1fc9ff96a5c3

Rich Text Format data, version 1, ANSI, code page 1251, default language ID 1049

aspmon.chm

3cf09e9a65d953efbe2893908a386fb6

MS Windows HtmlHelp Data

file_id.diz

6cc1f580fc0345eea449f09f4a246ca9

ISO-8859 text, with CRLF line terminators

Download Updates.url

34d47fb92470d108ad872f4cab827b1e

MS Windows 95 Internet shortcut text (URL=<https://www.aggsoft.ru/serial-port-monitor/download.htm>), ASCII text, with CRLF line terminators

Registration Online.url

7f38bc892715f9f45de99c4f138ffbc9

MS Windows 95 Internet shortcut text (URL=<https://www.aggsoft.ru/serial-port-monitor/buy.htm>), ASCII text, with CRLF line terminators

Technical Support.url

1322d93553a3a73c5c885027dea8b851

MS Windows 95 Internet shortcut text (URL=<https://www.aggsoft.ru/support/>), ASCII text, with CRLF line terminators

Tutorials.url

b636272b4fcab97e17188557b569bea1

MS Windows 95 Internet shortcut text (URL=<https://www.aggsoft.ru/serial-port-monitor/tutor.htm>), ASCII text, with CRLF line terminators

Visit our site.url

78535aa460d14b0205caf857f6e02e4f

MS Windows 95 Internet shortcut text (URL=<https://www.aggsoft.ru/>), ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Detects possible shortcut usage for .URL persistence

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	www.aggsoft.ru/download/ru/aspmon.ru.zip	104.238.133.207	200 OK	253 kB
URL User Request GET HTTP/1.1 www.aggsoft.ru/download/ru/aspmon.ru.zip IP 104.238.133.207:443 ASN #20473 AS-CHOOPA Certificate IssuerLet's Encrypt Subjectaggsoft.ru FingerprintD7:BC:F9:BF:8D:B1:24:D6:CD:BA:99:39:0D:14:DB:69:D3:A8:5D:3D ValidityMon, 15 Apr 2024 01:38:04 GMT - Sun, 14 Jul 2024 01:38:03 GMT File type Zip archive data, at least v1.0 to extract, compression method=store Size 253 kB (252913 bytes) Hash 2ab8027a2e1ff6d25a7568247c13eea2 cfb473c8924b0a7640959bf44f39c41d65d6072d cf4c3883cd38b272c56f286b352d10ff1edd62b874a2fa2648bc5ba83d52e378 HTTP Headers `GET /download/ru/aspmon.ru.zip HTTP/1.1 Host: www.aggsoft.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Wed, 17 Apr 2024 02:26:17 GMT Server: Apache Strict-Transport-Security: max-age=63072000; includeSubdomains; Content-Security-Policy: default-src ; font-src ;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Last-Modified: Wed, 15 Apr 2020 04:24:25 GMT ETag: "3dbf1-5a34cb0f15040" Accept-Ranges: bytes Content-Length: 252913 X-XSS-Protection: 1 Access-Control-Allow-Origin: * Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: application/zip Content-Language: ru

www.aggsoft.ru/download/ru/aspmon.ru.zip

104.238.133.207

200 OK

253 kB

URL User Request GET HTTP/1.1
www.aggsoft.ru/download/ru/aspmon.ru.zip
IP
104.238.133.207:443
ASN
#20473 AS-CHOOPA

Certificate
IssuerLet's Encrypt
Subjectaggsoft.ru
FingerprintD7:BC:F9:BF:8D:B1:24:D6:CD:BA:99:39:0D:14:DB:69:D3:A8:5D:3D
ValidityMon, 15 Apr 2024 01:38:04 GMT - Sun, 14 Jul 2024 01:38:03 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
253 kB (252913 bytes)
Hash
2ab8027a2e1ff6d25a7568247c13eea2
cfb473c8924b0a7640959bf44f39c41d65d6072d
cf4c3883cd38b272c56f286b352d10ff1edd62b874a2fa2648bc5ba83d52e378

HTTP Headers

GET /download/ru/aspmon.ru.zip HTTP/1.1
Host: www.aggsoft.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 02:26:17 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Security-Policy: default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Apr 2020 04:24:25 GMT
ETag: "3dbf1-5a34cb0f15040"
Accept-Ranges: bytes
Content-Length: 252913
X-XSS-Protection: 1
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/zip
Content-Language: ru

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (10)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers