Report - the.earth.li/~sgtatham/putty/0.81/w64/putty.zip

Report Overview

Submitted URL
the.earth.li/~sgtatham/putty/0.81/w64/putty.zip
IP
93.93.131.124
ASN
#44684 Mythic Beasts Ltd
Submitted
2024-04-16 08:47:56
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
the.earth.li	249742	unknown	2012-10-27	2024-04-15	501 B	4.0 MB	93.93.131.124

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
the.earth.li/~sgtatham/putty/0.81/w64/putty.zip
IP
93.93.131.124
ASN
#44684 Mythic Beasts Ltd

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
4.0 MB (3959924 bytes)
Hash
7f603020ee7f5d9f57afaaaabab3a922
662d5eec50fec94d7d754345f1d0edbd7ae19150
7778a9457f089852d4f531554952739f126000cbd61a504f65f168904f5c50f2

Archive (7)

Filename

Md5

File type

PAGEANT.EXE

953b8b1b68c5ac4941dc86d55567f16c

PE32+ executable (GUI) x86-64, for MS Windows, 9 sections

PLINK.EXE

cc62ba67c1200202d1da784ea0313408

PE32+ executable (console) x86-64, for MS Windows, 9 sections

PSCP.EXE

43d79c14ec0cec20b114a34d7997e815

PE32+ executable (console) x86-64, for MS Windows, 9 sections

PSFTP.EXE

dd2932c28f1c29a827c9abc08f05d3ce

PE32+ executable (console) x86-64, for MS Windows, 9 sections

PUTTY.EXE

5efef6cc9cd24baeeed71c1107fc32df

PE32+ executable (GUI) x86-64, for MS Windows, 10 sections

PUTTYGEN.EXE

1e046e1c21903c92276f581be221d46a

PE32+ executable (GUI) x86-64, for MS Windows, 10 sections

PUTTY.CHM

ebf24330322c84a120d17cf29f623a75

MS Windows HtmlHelp Data

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
VirusTotal	suspicious	VirusTotal - Scan result 1/65

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

the.earth.li/~sgtatham/putty/0.81/w64/putty.zip

93.93.131.124

200 OK

4.0 MB

URL User Request GET HTTP/1.1
the.earth.li/~sgtatham/putty/0.81/w64/putty.zip
IP
93.93.131.124:443
ASN
#44684 Mythic Beasts Ltd

Certificate
IssuerLet's Encrypt
Subjectthe.earth.li
Fingerprint90:50:7F:B8:DC:74:DF:1E:69:8F:6E:75:3F:CA:22:3E:4E:35:AD:47
ValidityMon, 11 Mar 2024 01:15:24 GMT - Sun, 09 Jun 2024 01:15:23 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
4.0 MB (3959924 bytes)
Hash
7f603020ee7f5d9f57afaaaabab3a922
662d5eec50fec94d7d754345f1d0edbd7ae19150
7778a9457f089852d4f531554952739f126000cbd61a504f65f168904f5c50f2

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/65

HTTP Headers

GET /~sgtatham/putty/0.81/w64/putty.zip HTTP/1.1
Host: the.earth.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 08:47:30 GMT
Server: Apache
Last-Modified: Sat, 06 Apr 2024 09:54:25 GMT
ETag: "3c6c74-6156a8ebb69fa"
Accept-Ranges: bytes
Content-Length: 3959924
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/zip

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (7)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers