Report - www.coreftp.com/download/CoreftpSetup64.exe

Report Overview

Visitedpublic

2025-08-02 12:53:01

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
www.coreftp.com	unknown	2003-01-17	2017-02-01	2025-05-24	511 B	5.0 MB	191.101.14.206

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

No alerts detected

File detected

URL

www.coreftp.com/download/CoreftpSetup64.exe

IP / ASN

191.101.14.206

#47583 Hostinger International Limited

File Overview

File TypePE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections

Size5.0 MB (5016832 bytes)

MD519733b32c5fc9ec6066ba9f2ab964e2d

SHA1ede9e134ff608a69da7be882062e894c5f772cd4

SHA2569c8fa84ca69e46c708b653be8ce6304a1cab8f0b8fe7678e452f95ec366a9753

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect files is `SliverFox` malware

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

GET www.coreftp.com/download/CoreftpSetup64.exe

191.101.14.206

200 OK

5.0 MB

URL User Request GET HTTPS

www.coreftp.com/download/CoreftpSetup64.exe

IP / ASN

191.101.14.206

#47583 Hostinger International Limited

Requested byN/A

Resource Info

File typePE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections

First Seen2025-08-02

Last Seen2025-08-02

Times Seen1

Size5.0 MB (5016832 bytes)

MD519733b32c5fc9ec6066ba9f2ab964e2d

SHA1ede9e134ff608a69da7be882062e894c5f772cd4

SHA2569c8fa84ca69e46c708b653be8ce6304a1cab8f0b8fe7678e452f95ec366a9753

Certificate Info

IssuerSectigo Limited

Subjectwww.coreftp.com

FingerprintFD:12:29:5B:03:33:5E:99:80:A0:8B:E7:28:0E:F4:55:E4:06:E2:47

ValidityThu, 10 Oct 2024 00:00:00 GMT - Mon, 10 Nov 2025 23:59:59 GMT

Technology Fingerprints

Debian (Operating systems)

Apache HTTP Server:2.4.62 (Web servers)

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect files is `SliverFox` malware

HTTP Headers

GET /download/CoreftpSetup64.exe HTTP/1.1
Host: www.coreftp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 02 Aug 2025 12:52:37 GMT
Server: Apache/2.4.62 (Debian)
Last-Modified: Wed, 19 Jun 2024 20:06:11 GMT
ETag: "4c8d00-61b43baccb2c0"
Accept-Ranges: bytes
Content-Length: 5016832
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/x-msdos-program