Report Overview
Visitedpublic
2024-11-03 21:40:00
Tags
Submit Tags
URL
www.qslonline.de/hk/download/hamfunktag.zip
Finishing URL
about:privatebrowsing
IP / ASN
192.124.249.90
Title
about:privatebrowsing
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
3
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
www.qslonline.de 1 alert(s) on this Domain | unknown | unknown | 2018-11-09 | 2024-11-03 | 497 B | 8.0 MB | 192.124.249.90 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
No alerts detected
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
Mnemonic Secure DNS
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
File detected
URL
www.qslonline.de/hk/download/hamfunktag.zip
IP / ASN
192.124.249.90
File Overview
File TypeZip archive data, at least v2.0 to extract, compression method=deflate
Size8.0 MB (8019410 bytes)
MD5194cfec36b57958535b2c888f144b4c9
SHA1e3391cff28d60c165864c136b8cadf8cd47d421f
Archive (8)
| Filename | MD5 | File type |
|---|---|---|
| HAMCONT.HLP | 18cf36d5f2839f1944fff535c9fc6d32 | MS Windows 3.1 help, Mon Oct 5 13:28:53 2009, 15329 bytes |
| hamcont.doc | 80c091310f24e150e29a7947df4f8d37 | Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1252, Title: bersicht, Author: DM2FDO, Template: Normal.dot, Last Saved By: Internet, Revision Number: 10, Name of Creating Application: Microsoft Word 9.0, Create Time/Date: Thu Sep 19 15:46:00 2002, Last Saved Time/Date: Mon Oct 5 13:30:00 2009, Number of Pages: 1, Number of Words: 1062, Number of Characters: 6056, Security: 0 |
| hamcont.cnt | c8010571fae5ad314eaa90dc3714121f | MS Windows help file Content, based "hamcont.hlp", ISO-8859 text, with CRLF line terminators |
| borlndmm.dll | 4553fc3048f2088bb2ae609a6c68645f | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 10 sections |
| hamcont.chm | 4cdf959c2bbcf7976149ce142d933acc | MS Windows HtmlHelp Data |
| daten.db | 5c20d40fafa9fc7fe98589bfb6b2dcc7 | SQLite 3.x database, last written using SQLite version 3008006, file counter 88, database pages 383, cookie 0x4c, schema 4, UTF-8, version-valid-for 88 |
| DelZip192.dll | 8cae54ab7086ae3a186dfaf5583c6159 | PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 7 sections |
| hamfunktagkassel.exe | f15063efaee2d076855131cddba19c7a | PE32 executable (GUI) Intel 80386, for MS Windows, 11 sections |
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| YARAhub by abuse.ch | malware | pe_detect_tls_callbacks |
| VirusTotal | suspicious |
JavaScript (0)
No Javascripts found
No JavaScripts
HTTP Transactions (1)
| URL | IP | Response | Size | |||||||
|---|---|---|---|---|---|---|---|---|---|---|
GET www.qslonline.de/hk/download/hamfunktag.zip | 192.124.249.90 | 200 OK | 8.0 MB | |||||||
URL www.qslonline.de/hk/download/hamfunktag.zip IP / ASN 192.124.249.90 Requested byN/A Resource Info File typeZip archive data, at least v2.0 to extract, compression method=deflate First Seen2024-11-03 Last Seen2024-11-03 Times Seen2 Size8.0 MB (8019410 bytes) MD5194cfec36b57958535b2c888f144b4c9 SHA1e3391cff28d60c165864c136b8cadf8cd47d421f SHA25695b6a07a7f376c3e4d32f368f926eae93ea9e837a3dca9ee454171e888f50294 Certificate Info IssuerStarfield Technologies, Inc. Subjectqslonline.de Fingerprint3A:40:5E:60:C0:1E:14:74:EB:97:98:2A:9F:3C:94:0D:42:A0:94:E9 ValidityFri, 16 Aug 2024 14:44:49 GMT - Sat, 16 Aug 2025 14:44:49 GMT Detections
HTTP Headers | ||||||||||