Report - www.etman2.com.ar/NC/Act.zip

Report Overview

Submitted URL
www.etman2.com.ar/NC/Act.zip
IP
179.43.120.177
ASN
#27823 Dattatec.com
Submitted
2024-04-24 04:03:47
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
5

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.etman2.com.ar	unknown	2009-08-05	2015-03-21	2024-03-11	482 B	3.1 MB	179.43.120.177

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.etman2.com.ar/NC/Act.zip
IP
179.43.120.177
ASN
#27823 Dattatec.com

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
3.1 MB (3106679 bytes)
Hash
6fcee5fa16e8deba78d9f44d182486f2
677440629b6ff1dc8c0016a29854fdbe7e42f797
8a9a16f3a83e338b881338728f3f475ef51a9af44e3e3ef26e02e13535367284

Archive (21)

Filename

Md5

File type

Ionic.Zip.dll

f6933bf7cee0fd6c80cdf207ff15a523

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Pedidos.exe

2d7d6198e74019044904321ca92367c6

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.Data.SQLite.dll

c24d8a3af83c9aa4844b40e89e55fed9

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

SQLite.Interop.dll

d5d111ab9e9e02f31a7261fb3c9f4a9c

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 8 sections

SQLite.Interop.dll

87becf5782ae6a051e122dcfa8c019b5

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

banner.gif

63cdb69c4b286df5b1e8468f3bfd6f5a

GIF image data, version 89a, 702 x 102

Catalogo.exe

e9b4d3c90b2743299788096c9a0538cb

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Catalogo.exe.config

a1310b1cb95ded2e2df8061e6ca65cf9

XML 1.0 document, ASCII text, with CRLF line terminators

CBClassCatalog.dll

cbd6d2b3816f18b5668b87944afc5548

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

CBClassModule.dll

7e68b77cbbae562b16aecb69a25356ca

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

CBPreload.exe

c0b1d036f2a5b66ee1ad4b2118629653

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Ccpbar.exe

826480195097393c9c06b3a30db512ab

PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections

Etman.ini

82870fa3a3875a9b72089d8846a367a7

Generic INItialization configuration [LOG]

EtmanP2.db

ee4249cabfff2b7b78b09d7c744af65e

SQLite 3.x database, last written using SQLite version 3008010, page size 1024, file counter 34, database pages 32, cookie 0x1e, schema 4, UTF-8, version-valid-for 34

Icono.ico

7ce3e773f3c9b811fd7cb7802166ae48

MS Windows icon resource - 1 icon, 32x32, 8 colors

sqlite3.exe

d9fc2ef852b4aa2e1c5ddc4f180494cc

PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, 7 sections

sqlite3811.exe

4a4ad34b149c86b7f873dec37f46562f

PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, 8 sections

Listas.dat

7541503c78e7dbe143f8633a6f809ea3

HTML document, ASCII text, with CRLF line terminators

Pedido.dat

655c75b87e200f86026354fad32c108b

HTML document, ASCII text, with CRLF line terminators

Presupuesto.dat

60bfd1142d4eaef691605503938a0017

HTML document, ASCII text, with CRLF line terminators

Version.txt

15a904995e8d85170b33871911081410

Unicode text, UTF-8 (with BOM) text, with no line terminators

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen
VirusTotal	suspicious	VirusTotal - Scan result 1/62

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

www.etman2.com.ar/NC/Act.zip

179.43.120.177

200 OK

3.1 MB

URL User Request GET HTTP/1.1
www.etman2.com.ar/NC/Act.zip
IP
179.43.120.177:443
ASN
#27823 Dattatec.com

Certificate
IssuerSectigo Limited
Subjectetman2.com.ar
FingerprintB4:91:38:94:A7:1B:16:A0:47:90:E4:3F:D2:7E:6B:AE:DE:1F:D8:7A
ValidityFri, 12 May 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
3.1 MB (3106679 bytes)
Hash
6fcee5fa16e8deba78d9f44d182486f2
677440629b6ff1dc8c0016a29854fdbe7e42f797
8a9a16f3a83e338b881338728f3f475ef51a9af44e3e3ef26e02e13535367284

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/62

HTTP Headers

GET /NC/Act.zip HTTP/1.1
Host: www.etman2.com.ar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 04:03:21 GMT
Server: Apache
Last-Modified: Mon, 28 May 2018 22:46:42 GMT
ETag: "2f6777-56d4be439c51f"
Accept-Ranges: bytes
Content-Length: 3106679
Keep-Alive: timeout=20, max=300
Connection: Keep-Alive
Content-Type: application/zip

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (21)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers