Report - download.daxa-chart.de/hlp_for_windows

Report Overview

Visitedpublic

2025-01-06 22:20:06

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
download.daxa-chart.de	unknown	unknown	2014-07-17	2023-10-26	499 B	503 B	217.160.0.96
www.daxa-chart.de	unknown	unknown	2016-06-27	2025-01-06	517 B	176 kB	217.160.0.96

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

www.daxa-chart.de/download/hlp_for_windows_10.zip

IP / ASN

217.160.0.96

#8560 IONOS SE

File Overview

File TypeZip archive data, at least v2.0 to extract, compression method=store

Size176 kB (176158 bytes)

MD54ec767fa3c9ab1607419df116e98200d

SHA14abdc9064130e46a280fabfe02dffc7b180c79c8

SHA256e610655d7e27b4d2e48f93d78af23a619fc257f27ae392a5211585a96bc8e08a

Archive (4)

Modified	Filename	Size	MD5	File type
2016-01-09 13:34	Install.cmd	5.0 kB	eee3a3cc998379b72fa7671bb42bc4ee	DOS batch file, ISO-8859 text, with CRLF, LF line terminators
2007-02-19 01:41	winhlp32.exe	297 kB	35e1492c80c39055955f6e7575450042	PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections
2007-02-19 01:46	winhlp32.exe.mui	31 kB	4ed03cfaff6cfbdbe092148299ca9716	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections
2016-01-13 11:46	Readme.txt	339 B	8a08de231a9be3c80e9e3df46cd89302	ISO-8859 text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect pe file that no import table

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size
	GET download.daxa-chart.de/hlp_for_windows_10.zip	217.160.0.96	301 Moved Permanently	265 B
URL download.daxa-chart.de/hlp_for_windows_10.zip IP / ASN 217.160.0.96 #8560 IONOS SE Requested byN/A Resource Info File typeHTML document, ASCII text First Seen2025-01-06 Last Seen2025-01-06 Times Seen1 Size265 B (265 bytes) MD5052798b98d57f53dd9ae2480e875d2b7 SHA1fcf1c3706140842e568409b01ddd557c94f05b8b SHA2569264ca142e65aed753771ec78c81b610bf3d90a9bb99d1a05d33e32f3faac596 Certificate Info IssuerDigiCert Inc Subject.daxa-chart.de Fingerprint3C:D9:BF:6D:C9:17:48:3E:F1:20:34:7A:F8:90:B1:6E:1E:B1:25:F4 ValiditySun, 22 Sep 2024 00:00:00 GMT - Tue, 07 Oct 2025 23:59:59 GMT HTTP Headers `GET /hlp_for_windows_10.zip HTTP/1.1 Host: download.daxa-chart.de User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 301 Moved Permanently content-type: text/html; charset=iso-8859-1 content-length: 265 location: https://www.daxa-chart.de/download/hlp_for_windows_10.zip date: Mon, 06 Jan 2025 22:19:41 GMT server: Apache X-Firefox-Spdy: h2`

	GET www.daxa-chart.de/download/hlp_for_windows_10.zip	217.160.0.96	200 OK	176 kB
URL www.daxa-chart.de/download/hlp_for_windows_10.zip IP / ASN 217.160.0.96 #8560 IONOS SE Requested byN/A Resource Info File typeZip archive data, at least v2.0 to extract, compression method=store First Seen2025-01-06 Last Seen2025-01-06 Times Seen2 Size176 kB (176158 bytes) MD54ec767fa3c9ab1607419df116e98200d SHA14abdc9064130e46a280fabfe02dffc7b180c79c8 SHA256e610655d7e27b4d2e48f93d78af23a619fc257f27ae392a5211585a96bc8e08a Certificate Info IssuerDigiCert Inc Subject.daxa-chart.de Fingerprint3C:D9:BF:6D:C9:17:48:3E:F1:20:34:7A:F8:90:B1:6E:1E:B1:25:F4 ValiditySun, 22 Sep 2024 00:00:00 GMT - Tue, 07 Oct 2025 23:59:59 GMT HTTP Headers GET /download/hlp_for_windows_10.zip HTTP/1.1 Host: www.daxa-chart.de User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK content-type: application/zip content-length: 176158 date: Mon, 06 Jan 2025 22:19:41 GMT server: Apache last-modified: Wed, 13 Jan 2016 12:11:22 GMT etag: "2b01e-529361189b67e" accept-ranges: bytes X-Firefox-Spdy: h2`

Detections

Host Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

File detected

Detections

JavaScript (0)

HTTP Transactions (2)

HTTP Headers

HTTP Headers