Report - amlpages.com/Source/amlpages_ru

Report Overview

Submitted URL
amlpages.com/Source/amlpages_ru_pe.zip
IP
91.189.114.23
ASN
#48287 Jsc Ru-Center
Submitted
2024-03-29 06:49:16
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
amlpages.com	unknown	2006-12-09	2012-06-18	2024-03-28	408 B	6.3 MB	91.189.114.23

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
amlpages.com/Source/amlpages_ru_pe.zip
IP
91.189.114.23
ASN
#48287 Jsc Ru-Center

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
6.3 MB (6272418 bytes)
Hash
1bf18e5e0334471f924864d63040e685
6cb05dccc40b2decc453435f920cc3b32cad9575
134dbe8e4dd6a8a4cfb4197caa5301e28a8a9606598d42983441b8371004eec9

Archive (57)

Filename

Md5

File type

AACu.dll

391ed5233f5b8ef56e42795e2f345867

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

AmlAssistU.dll

9fb3583454f88ba429b4fa752b4c1d58

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

AmlExportU.dll

ca9ac29b25af213eba31878de27a878d

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

AmlImageU.dll

f7019b758785021b924c11287845d037

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

AutoReplaceU.dll

84d75afc3b078dc465f85d8b1ceeb9df

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

PlacementRestorerU.dll

e1df1f9af1d725d452665253f8cbfe96

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

ChangeLog.dll

8dc4e4c7c3402f98620282b9fe49a632

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

PwdGen.dll

811321aaa734b2db3e33f3d4340f5492

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

ThemesU.DLL

343dda962e44f615a21a54f7a6be1d87

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

With_Background_Picture.aptheme

4694473f1170c139f5e7889d3f479bf7

Zip archive data, at least v2.0 to extract, compression method=deflate

Magenta_Plain.aptheme

bd32be1768ad813f38251195cc652108

Zip archive data, at least v2.0 to extract, compression method=deflate

White_Standard.aptheme

2b77e8c9cad7450b7ac950933ec8d086

Zip archive data, at least v2.0 to extract, compression method=deflate

White Letters.aptheme

aac091d720746e63a1b2e0f3b595e16a

Zip archive data, at least v2.0 to extract, compression method=deflate

Present_White_With_Background.aptheme

304e204af156140a1b17b3c78c0b25dd

Zip archive data, at least v2.0 to extract, compression method=deflate

White_Standard_Large_Fonts.aptheme

3f928772cc0f1598aa1ec1ada4ad3106

Zip archive data, at least v2.0 to extract, compression method=deflate

Black.aptheme

8ebed93f278c72ea49763f475a73d7a7

Zip archive data, at least v2.0 to extract, compression method=deflate

AmlPages.exe

9e74640b6d6a0dc788bfa05fc66eef60

PE32 executable (GUI) Intel 80386, for MS Windows, 7 sections

ApExit.exe

bfcb5192402f557b4a41c092e76ba8ca

PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections

AmlPages.chm

6017476a89a0d7b045de1045bc07e7d2

MS Windows HtmlHelp Data

ColorDlg.dll

b7684d9789959ba6ce31b8ae5828c8fc

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

GGSoundUtil.dll

ec0da6271fbcfa43a96bf22db8536268

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

REUtil.dll

b5406cb3f80b9a4aa48f15426a3f0ea0

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

msftedit.dll

1824704d09fbe4967a6206ffc53ea44c

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

RICHED20.DLL

c6cc76bde13e3a2c2275bd44c590d158

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 4 sections

MSPTLS.DLL

2706258cf6880e0667d20e149b7a7f5a

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 4 sections

irun.dll

c17b2c0aad82791f9d60608dc6e778e2

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections

APIconsLib.icl

7ec416e516416bd8c3b00b1801acd036

MS-DOS executable, NE for MS Windows 3.x (3.0) (DLL or font)

RUN_PORTABLE.bat

e6fbdb838793a7d52a74402debdfb5ce

ASCII text, with CRLF line terminators

tips.txt

1be4d387e229e59bac5dad8cf638d6f5

Unicode text, UTF-16, little-endian text, with very long lines (339), with CRLF line terminators

whatnews.rus

d404267cc51b9f2be4d338309146f917

Non-ISO extended-ASCII text, with CRLF line terminators

README_PORTABLE.txt

652ac30e1331c2fdf0985c15e66e2c29

ISO-8859 text, with very long lines (410), with CRLF line terminators

1c.ash

5c06ae6fcb5e044eeb81b0f6c2601863

Generic INItialization configuration [1C]

AsCarc.ash

6684d0761ad77a745e9bb2b87c2af15d

Generic INItialization configuration [As Carc]

ash.ash

1d8cde57095830f874e88ae56e0b8e53

ISO-8859 text, with CRLF line terminators

cpp.ash

d7a0f9ddd6b81a9b8467e12de0cd4788

ASCII text, with very long lines (584), with CRLF line terminators

delphi.ash

4901e392e63b965be78efd22b83d7734

Generic INItialization configuration [Delphi]

email.ash

d83f7b05991d106391d52ed496ced5a4

ISO-8859 text, with CRLF line terminators

html.ash

18f14c72666be3effbcdf538715cf1f9

Generic INItialization configuration [HTML]

math.ash

149bf5298c741562a0de95d9f4dcab74

Generic INItialization configuration [Math]

mfc.ash

f6d73d006b1e2467c1e1617502272426

ASCII text, with very long lines (584), with CRLF line terminators

nsis.ash

bf2ac7bed4f5263a06c0e56a9d2002dc

Generic INItialization configuration [NSIS]

perl.ash

877b0994506bd5d4cbbb2f81784448eb

Generic INItialization configuration [Perl]

ruby.ash

b6d288ca49688f5a9aba92b659f96b46

Generic INItialization configuration [Ruby]

sql.ash

2bd98dda4437ce5373b821ae239c8715

Generic INItialization configuration [SQL]

vb.ash

9ffdf1210332d809bf212af12618c184

ASCII text, with very long lines (453), with CRLF line terminators

wtl.ash

a90d00b1454ac1b559fbd72da52d921c

ASCII text, with very long lines (584), with CRLF line terminators

java.ash

dc524755cd79fb99af1f5977adfe5b56

Generic INItialization configuration [Java SE 6 Edition]

python.ash

c89792c268c69005158862fe1636a1d9

Generic INItialization configuration [Python (Standard)]

WinDos.ash

f50fb1ddbb480e81ab690704b51661da

ASCII text, with very long lines (543), with CRLF line terminators

vb2013.ash

ea9fb09caffc4c04412d5605b4ab4bea

Generic INItialization configuration [Visual Basic (2013)]

autotext.atx

0f768a98b395be21fa02508bdde3495c

HTML document, Unicode text, UTF-16, little-endian text, with very long lines (512), with CRLF line terminators

cell.gif

fba1cffd5f9b087b9efad22fa4934006

GIF image data, version 89a, 36 x 24

howtoreg.htm

540e4349a043a5e7d3e151fb3ae41aa8

HTML document, ISO-8859 text, with CRLF line terminators

splash.jpg

7f414fe0d8a2dea71d908dd74286710e

JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, comment: "File written by Adobe Photoshop� 5.2", progressive, precision 8, 400x213, components 3

sample.apd

bd9e17fa8033f9f4e217478bfa03ecd0

data

Table 2x2.template

77713a4c3de510d0339f429f89f42993

Rich Text Format data, version 1, ANSI, code page 1251, default language ID 1049

TYPE_YOUR_HEADER.template

58d75f264d8092f5821a716615547172

Rich Text Format data, version 1, ANSI, code page 1251, default language ID 1049

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/64

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

amlpages.com/Source/amlpages_ru_pe.zip

91.189.114.23

200 OK

6.3 MB

URL User Request GET HTTP/1.1
amlpages.com/Source/amlpages_ru_pe.zip
IP
91.189.114.23:80
ASN
#48287 Jsc Ru-Center

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
6.3 MB (6272418 bytes)
Hash
1bf18e5e0334471f924864d63040e685
6cb05dccc40b2decc453435f920cc3b32cad9575
134dbe8e4dd6a8a4cfb4197caa5301e28a8a9606598d42983441b8371004eec9

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/64

HTTP Headers

GET /Source/amlpages_ru_pe.zip HTTP/1.1
Host: amlpages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 29 Mar 2024 06:48:48 GMT
Content-Type: application/zip
Content-Length: 6272418
Connection: keep-alive
Last-Modified: Mon, 25 Mar 2024 07:36:10 GMT
ETag: "5fb5a2-614773a372924"
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (57)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers