Report - www.giustizia.it/cmsresources/cms/documents/nsc_massive_applicazione

Report Overview

Visited public
2025-01-30 11:52:36
Tags
Submit Tags
URL
www.giustizia.it/cmsresources/cms/documents/nsc_massive_applicazione_3.5.zip
Finishing URL
about:privatebrowsing
IP / ASN
3.123.216.247
#16509 AMAZON-02
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.giustizia.it	unknown	1997-03-13	2012-10-17	2024-02-06	542 B	8.9 MB	3.123.216.247

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.giustizia.it/cmsresources/cms/documents/nsc_massive_applicazione_3.5.zip
IP
3.123.216.247
ASN
#16509 AMAZON-02

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
8.9 MB (8943787 bytes)
Hash
5980c0d99efba365f848e1424a7c5d42
dcf2605b4cf30223c30ff7574c61a8fa9c48ccfb
4bdfa9a11af9adbcb6f9cf64fb42d5ad756742f520c104631bc6ffb68dff048a

Archive (42)

Filename

Md5

File type

Certificazione-Massiva-Manuale_Utente.pdf

9cadaf3f2579c79724d297a3cc9df9aa

PDF document, version 1.3, 26 page(s)

MASSIVE.CAB

3f28b60f7ef1d22cdff28d21c7052525

Microsoft Cabinet archive data, many, 3904836 bytes, 32 files, at 0x1830 last modified Sun, Oct 30 2019 11:41:20 +A "MASSIVE.exe" last modified Sun, Apr 13 2008 22:13:48 +A "msvbvm60.dll", flags 0x4, ID 35581, number 1, extra bytes 6144 in head, 228 datablocks, 0x1 compression

setup.exe

e3c3df5e1a2e39a62470053ab3ffbe55

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

SETUP.LST

c650c31de8ebafa590dabd70dc25650f

Generic INItialization configuration [Bootstrap Files]

asycfilt.dll

52f0348478fd5a5f05a0a3c0abfdd20a

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 4 sections

Certificazione-Massiva-Manuale_Utente.pdf

9cadaf3f2579c79724d297a3cc9df9aa

PDF document, version 1.3, 26 page(s)

COMCAT.DLL

3b180da2b50b954a55fe37afba58d428

PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 4 sections

config.ini

d41d8cd98f00b204e9800998ecf8427e

FDF.DLL

8735d2900bbf8f82bdbdfca027f3f413

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

FDF.LIB

cf59b26389cb78c6a3a1eca235abcb5a

current ar archive

FDFACX.DLL

43e604821a0654c378ea28a304d6f974

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

FDFACX.IDL

9cc7b0e82a6e7ab8c6ab8efbd10aad6d

ASCII text, with CRLF line terminators

FdfTk.dll

2a799ba7d16da089e27eb65bff5f86e0

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

FdfTk.lib

f09c46c96b01fb3346aa475e1be7d998

current ar archive

FileCodComuni.txt

0bef1c59bad7b6dc210b57d58aca0fca

CSV ASCII text

FileCodStati.txt

d6008254d00d4b8ff58d739341f17cb5

CSV ASCII text

FLXGDIT.DLL

d4a757242c0688fcad1231777b2fcfa6

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

MASSIVE.BAT

e846d7c8e952a1589872814434d24f9f

DOS batch file, ASCII text, with CRLF line terminators

MASSIVE.DDF

5271b33d29575cbc9a0ad3cf04b5637d

ASCII text, with CRLF line terminators

MASSIVE.exe

6cf825fa241f8afc9b7e01b1a00539ee

PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections

modello.pdf

88ef5a8b5be484b9d5f220e993a6e46c

PDF document, version 1.6 (zip deflate encoded)

MSCC2IT.DLL

5552cae5a8403999a3f3e625a6e1caa2

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

MSCOMCT2.OCX

c1b4af41a0370e4081d59ac99bcc929d

PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 4 sections

msflxgrd.ocx

07bae8106a135df779abc46ec603ea09

PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 4 sections

MSMASK32.OCX

ce096567abc830c1fe68e00d212d8d92

PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 4 sections

MSMSKIT.DLL

a3845942de436d06343e4f8e6e5f6a32

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

MSSTDFMT.DLL

92b712df390367bfa4252a48d9d71d51

PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 6 sections

msvbvm60.dll

02c6e6ffbb5a0db4351a1d91f15c57ef

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

oleaut32.dll

7019d16d504ee7bcb7303775b382514b

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

olepro32.dll

eea7dded2f11300b4b00c81d93a14898

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 4 sections

SETUP.EXE

e3c3df5e1a2e39a62470053ab3ffbe55

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

setup.inf

817165cc879ef71dfcfeb6965a5ebaaf

Generic INItialization configuration [cabinet list]

Setup.Lst

c650c31de8ebafa590dabd70dc25650f

Generic INItialization configuration [Bootstrap Files]

setup.rpt

2aded98cb6a77d954b363eef6756651f

ASCII text, with CRLF line terminators

SETUP1.EXE

bc11c490e1805a0fc2028a97ce99a758

PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections

ST6UNST.EXE

438dd6b95a98944eed4c1fa6d9bf619f

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

stdole2.tlb

93feb3c49788c4b6e8585787bfaca673

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

tabctit.dll

2dfc008167b773076eeea9b80907ff01

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

tabctl32.ocx

908938d3ba2d870ee9fc6238a4c6af95

PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 4 sections

vb6it.dll

73e7e5f86f5c4525fae9bc7f2239a591

PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 3 sections

VB6STKIT.DLL

925827000955b6e50a3ed358fe4b94d0

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

XPControls.ocx

2bf35e3379be1fc33d2a7a9652e21c9b

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect pe file that no import table
YARAhub by abuse.ch	malware	Detect pe file that no import table
YARAhub by abuse.ch	malware	Detect pe file that no import table
YARAhub by abuse.ch	malware	Detect pe file that no import table
YARAhub by abuse.ch	malware	Detect pe file that no import table
YARAhub by abuse.ch	malware	Detect pe file that no import table
VirusTotal	suspicious	VirusTotal - Scan result 2/67

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

GET www.giustizia.it/cmsresources/cms/documents/nsc_massive_applicazione_3.5.zip

3.123.216.247

200 OK

8.9 MB

URL User Request GET HTTP/1.1
www.giustizia.it/cmsresources/cms/documents/nsc_massive_applicazione_3.5.zip
IP
3.123.216.247:443
ASN
#16509 AMAZON-02

Certificate
IssuerDigiCert Inc
Subject*.giustizia.it
Fingerprint94:9E:F8:C7:CA:06:0E:63:48:10:A0:31:5B:E5:A1:71:A4:77:94:F1
ValidityTue, 20 Feb 2024 00:00:00 GMT - Sat, 22 Mar 2025 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
8.9 MB (8943787 bytes)
Hash
5980c0d99efba365f848e1424a7c5d42
dcf2605b4cf30223c30ff7574c61a8fa9c48ccfb
4bdfa9a11af9adbcb6f9cf64fb42d5ad756742f520c104631bc6ffb68dff048a

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/67

HTTP Headers

GET /cmsresources/cms/documents/nsc_massive_applicazione_3.5.zip HTTP/1.1
Host: www.giustizia.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
cache-control: private, max-age=86400
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' * ;
accept-ranges: bytes
date: Thu, 30 Jan 2025 11:52:04 GMT
last-modified: Thu, 05 Oct 2023 08:12:08 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
content-length: 8943787
content-type: application/zip
set-cookie: d6a1da9af1d1390df3029fb11809aa19=de367591d5bd6e6c06c204701c9a1c3d; path=/; HttpOnly; Secure; SameSite=None
cookiesession1=678A3E4F8EB63FB13A5DEC3967A435D9;Expires=Fri, 30 Jan 2026 11:52:04 GMT;Path=/

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (42)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers