IP 192.124.249.36:0
Hash 6edf15223a705a85555ea1d39bbc11c0
b39b998b53b447cc2ee6c7f9500953d3201a8bc1
6d0682150e47b3f010da2934e3d292c1b5fe912c489a7aa4d4f58def4e22103e
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 29 Mar 2024 10:00:09 GMT
Content-Type: application/ocsp-response
Content-Length: 2149
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 29 Mar 2024 02:43:12 GMT
Expires: Sat, 30 Mar 2024 02:43:12 GMT
ETag: "b39b998b53b447cc2ee6c7f9500953d3201a8bc1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
op-com.pci-diagnosetechnik.de/download/dl/Profi/OP-COM-Professional-210420b_DE-Installer.exe
178.77.84.32 302 Found 0 B URL User Request GET HTTP/1.1 op-com.pci-diagnosetechnik.de/download/dl/Profi/OP-COM-Professional-210420b_DE-Installer.exe
IP 178.77.84.32:443
ASN #34011 Host Europe GmbH
Certificate Issuer Starfield Technologies, Inc.
Subject *.pci-diagnosetechnik.de
Fingerprint E1:21:85:C9:94:6B:F2:3C:15:96:DA:BE:24:39:00:1B:E1:0F:F9:C7
Validity Mon, 12 Jun 2023 23:03:14 GMT - Fri, 12 Jul 2024 23:03:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /download/dl/Profi/OP-COM-Professional-210420b_DE-Installer.exe HTTP/1.1
Host: op-com.pci-diagnosetechnik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 29 Mar 2024 10:00:09 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Server: Apache
X-Content-Security-Policy: default-src 'self'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; frame-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com; unsafe-eval 'self' https://hcaptcha.com https://*.hcaptcha.com; unsafe-inline 'self' https://hcaptcha.com https://*.hcaptcha.com;
Location: https://op-com.pci-diagnosetechnik.de/wp-content/downloads/dl/Profi/OP-COM-Professional-210420b_DE-Installer.exe
Cache-Control: max-age=172800
Expires: Sun, 31 Mar 2024 10:00:09 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: User-Agent
op-com.pci-diagnosetechnik.de/wp-content/downloads/dl/Profi/OP-COM-Professional-210420b_DE-Installer.exe
178.77.84.32 200 OK 14 MB URL User Request GET HTTP/1.1 op-com.pci-diagnosetechnik.de/wp-content/downloads/dl/Profi/OP-COM-Professional-210420b_DE-Installer.exe
IP 178.77.84.32:443
ASN #34011 Host Europe GmbH
Certificate Issuer Starfield Technologies, Inc.
Subject *.pci-diagnosetechnik.de
Fingerprint E1:21:85:C9:94:6B:F2:3C:15:96:DA:BE:24:39:00:1B:E1:0F:F9:C7
Validity Mon, 12 Jun 2023 23:03:14 GMT - Fri, 12 Jul 2024 23:03:14 GMT
File type PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections
Size 14 MB (13991683 bytes)
Hash a58b236866b5c333b4cabcacea933dc0
0427735d2c3dfc098dac782306eac2bd98a92543
c17d24b0a5126dc60ddff6969a1ea1cb4bad7d6882c3641ce82fdda43b27969e
Analyzer Verdict Alert YARAhub by abuse.ch malware Detect files is `SliverFox` malware
VirusTotal suspicious
GET /wp-content/downloads/dl/Profi/OP-COM-Professional-210420b_DE-Installer.exe HTTP/1.1
Host: op-com.pci-diagnosetechnik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 10:00:09 GMT
Content-Type: application/x-msdos-program
Content-Length: 13991683
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 16 Jun 2021 10:26:29 GMT
ETag: "d57f03-5c4df86085f40"
Accept-Ranges: bytes
Cache-Control: max-age=172800
Expires: Sun, 31 Mar 2024 10:00:09 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: User-Agent