IP 172.64.149.23:0
Hash a20a646f79a798897054f01986f938cb 3d221b39c80db6ce2200b40fd6ba36148f14cb4d 7131cd015dcf1e616d9e6548e4ac8cd872f92f291fd7b5b8eecc32de059e61e4
POST / HTTP/1.1
Host: geant.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 11 May 2024 00:28:51 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 10 May 2024 09:18:54 GMT
Expires: Fri, 17 May 2024 09:18:53 GMT
Etag: "3d221b39c80db6ce2200b40fd6ba36148f14cb4d"
Cache-Control: max-age=549601,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 881e0d246af9b505-OSL
| GET moodle.univ-angers.fr/pluginfile.php/1070579/mod_folder/content/0/cft-aca.exe?forcedownload=1 | 193.49.144.245 | 200 OK | 1.8 MB |
URL User Request GET HTTP/1.1 moodle.univ-angers.fr/pluginfile.php/1070579/mod_folder/content/0/cft-aca.exe?forcedownload=1
IP 193.49.144.245:443
Certificate
Issuer GEANT Vereniging
Subject *.univ-angers.fr
Fingerprint 08:94:2F:19:9D:76:BB:2E:DF:A1:63:37:BD:16:B2:6D:D6:B5:8E:DB
Validity Mon, 05 Feb 2024 00:00:00 GMT - Tue, 04 Feb 2025 23:59:59 GMT
File type PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections
Size 1.8 MB (1754687 bytes)
Hash ebc4a627e1356c8fd2734b0529596873 323aabe3e55374fd2ac0e608156ed72a65aafa24 2056b369e4c2427b00e005312f97d9bd950d5fea551f1756a04043cb4b02034c
| Analyzer | Verdict | Alert |
| VirusTotal | suspicious | |
GET /pluginfile.php/1070579/mod_folder/content/0/cft-aca.exe?forcedownload=1 HTTP/1.1
Host: moodle.univ-angers.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Sat, 11 May 2024 00:28:51 GMT
server: Apache/2.4.52 (Ubuntu)
content-disposition: attachment; filename="cft-aca.exe"
cache-control: private, max-age=10, no-transform
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma:
accept-ranges: bytes
set-cookie: MoodleSession=m5a3aeogd236768hoqn51kusbh; path=/; secure
etag: "323aabe3e55374fd2ac0e608156ed72a65aafa24"
last-modified: Sat, 06 Oct 2018 08:55:51 GMT
transfer-encoding: chunked
content-type: application/octet-stream