Report - ginkosolutions.com/download-auth/HandmadeToolbox.zip

Report Overview

Submitted URL
ginkosolutions.com/download-auth/HandmadeToolbox.zip
IP
192.185.6.38
ASN
#19871 NETWORK-SOLUTIONS-HOSTING
Submitted
2024-04-20 11:25:28
Access
public
Website Title
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ginkosolutions.com	unknown	2011-03-25	2015-06-23	2024-02-15	506 B	3.1 MB	192.185.6.38

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
ginkosolutions.com/download-auth/HandmadeToolbox.zip
IP
192.185.6.38
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
3.1 MB (3119476 bytes)
Hash
d6f89813d873bfa074dc4e3f2a3f87be
eadc433ce8b6f474182273a4d93b4070268fd9dc
2c5b742e0353d466f7e3ef866a0cca023fb31063723bdd38f4dea6fc42aaf6fc

Archive (11)

Filename

Md5

File type

EntityFramework.dll

6fc8d87fce0782c97f439bb77b304539

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

EntityFramework.SqlServer.dll

3653cdbb89bab51db802dc4e2e928b3c

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

EntityFramework.SqlServerCompact.dll

b1d7c827d6cdbd6f429125ec5087e281

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Etsy.sdf

0dd034f3fe58e76188a23ab2aefe93b1

data

Handmade Toolbox.exe

8f547edb31ee996fbfb42ae6f5d3df78

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 4 sections

Handmade Toolbox.exe.config

4b0482e7327cce9b3628e251cf0623d9

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (392), with CRLF line terminators

Logger.sdf

94c90691746afcc583e432606d7df8db

data

System.Data.SqlServerCe.dll

de710d68f76e076e161226836792c025

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

EULA.txt

2a3b63b151c315d650f5d7ef5e0f192d

ASCII text, with very long lines (795), with CRLF line terminators

READ ME FIRST.txt

6baf815ad81e3932f06d460205b465bb

ASCII text, with very long lines (649), with CRLF line terminators

Terms and Conditions.txt

7396aa62be0bbb88351d17dd7f83c390

ASCII text, with very long lines (385), with CRLF line terminators

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Size
	ginkosolutions.com/download-auth/HandmadeToolbox.zip	192.185.6.38	3.1 MB
URL ginkosolutions.com/download-auth/HandmadeToolbox.zip IP 192.185.6.38:0 ASN #19871 NETWORK-SOLUTIONS-HOSTING File type Zip archive data, at least v1.0 to extract, compression method=store Size 3.1 MB (3119476 bytes) Hash d6f89813d873bfa074dc4e3f2a3f87be eadc433ce8b6f474182273a4d93b4070268fd9dc 2c5b742e0353d466f7e3ef866a0cca023fb31063723bdd38f4dea6fc42aaf6fc HTTP Headers `GET /download-auth/HandmadeToolbox.zip HTTP/1.1 Host: ginkosolutions.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: application/x-zip-compressed last-modified: Sat, 29 Oct 2016 03:40:59 GMT accept-ranges: bytes etag: "65465d439631d21:0" server: Microsoft-IIS/10.0 x-powered-by: ASP.NET x-powered-by-plesk: PleskWin date: Sat, 20 Apr 2024 11:24:53 GMT content-length: 3119476 X-Firefox-Spdy: h2`

ginkosolutions.com/download-auth/HandmadeToolbox.zip

192.185.6.38

3.1 MB

URL
ginkosolutions.com/download-auth/HandmadeToolbox.zip
IP
192.185.6.38:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
3.1 MB (3119476 bytes)
Hash
d6f89813d873bfa074dc4e3f2a3f87be
eadc433ce8b6f474182273a4d93b4070268fd9dc
2c5b742e0353d466f7e3ef866a0cca023fb31063723bdd38f4dea6fc42aaf6fc

HTTP Headers

GET /download-auth/HandmadeToolbox.zip HTTP/1.1
Host: ginkosolutions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-zip-compressed
last-modified: Sat, 29 Oct 2016 03:40:59 GMT
accept-ranges: bytes
etag: "65465d439631d21:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Sat, 20 Apr 2024 11:24:53 GMT
content-length: 3119476
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (11)

Detections

JavaScript (0)

HTTP Transactions (1)

URL

IP

ASN

File type

Size

Hash

HTTP Headers