| GET www.ashampoo.com/ashampoo_winoptimizer_free_sm.exe | 18.197.209.74 | 302 Found | 26 MB |
URL User Request GET www.ashampoo.com/ashampoo_winoptimizer_free_sm.exe IP 18.197.209.74:443
Certificate: Issuer DigiCert Inc; Subject ashampoo.com; Fingerprint D5:E7:32:D8:53:C4:9B:28:01:C3:36:39:98:E0:DE:CF:8E:F4:F8:55; Validity Fri, 26 Apr 2024 00:00:00 GMT - Fri, 25 Apr 2025 23:59:59 GMT
Size: 26 MB (25584512 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ashampoo_winoptimizer_free_sm.exe HTTP/1.1
Host: www.ashampoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Mon, 24 Mar 2025 02:03:02 GMT
Server: Apache
Strict-Transport-Security: max-age=31556926
Cache-Control: no-cache, private
Location: https://cdn1.ashampoo.net/public/ashglob/5806/ashampoo_winoptimizer_free_30303.exe
Set-Cookie: XSRF-TOKEN=eyJpdiI6ImsrRjNjZUtldmlaVDJwU01TeE5rREE9PSIsInZhbHVlIjoiemxGaDFFZHhjVWpnRzg3REFjeXJqeXcvNHRERlVxcktKVGNRdUllbkxEbVpJSkZoWDNIYkJyblhOdk10N3RzQmhFMUxmTzB1eGZ2ZlBRalhFYi94Qm01cE54VVRrRXVVZlloZ0pOTkN6d1Vja2pPM0dUWXhwSnB5MGNGa0tGNG8iLCJtYWMiOiI2YjQzZjY3NWYwZDIxMTYyMDdlZTY5NWMyMTU2YjgzZjA3M2M0MjU2YjRlYzMwNGMyODFmNWUxZjQ4N2U4ODUwIiwidGFnIjoiIn0%3D; expires=Mon, 24 Mar 2025 04:03:02 GMT; Max-Age=7200; path=/; secure; samesite=lax
ashampoo_session=eyJpdiI6ImZtalNGQ3pzR3lzYTBxVUJkTnVpL2c9PSIsInZhbHVlIjoiRHlHZm5xOHQvL2s3UzZFM3lXeTcvKyt4TEc4cmgraGJnelcyY0dIaE1uVldjL0l4WlhjeVF6elpGRGZQeFJ0SDhJNVhXa0JGdXVmREFxWjNMMzlOYXdJSzZ3NXI2YVQraGtrOU8zcUY0S2kxeVBnQVVqbmhDNjdWV1k5aUdWaGoiLCJtYWMiOiJjZTczNzVhNjFmODI2MTVhM2IzMmFiZDM3ZTRiNmJkOThjNWY4YjFmMjc1NWM4OTFiMDgyMjZlODdlMmM2NzRkIiwidGFnIjoiIn0%3D; expires=Mon, 24 Mar 2025 04:03:02 GMT; Max-Age=7200; path=/; secure; httponly; samesite=lax
Access-Control-Allow-Origin: *
Content-Security-Policy: frame-ancestors 'self' https://*.ashampoo.com https://*.cms.test
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
|
| GET cdn1.ashampoo.net/public/ashglob/5806/ashampoo_winoptimizer_free_30303.exe | 143.204.55.125 | 200 OK | 26 MB |
URL User Request GET cdn1.ashampoo.net/public/ashglob/5806/ashampoo_winoptimizer_free_30303.exe IP 143.204.55.125:443
Certificate: Issuer Amazon; Subject *.ashampoo.net; Fingerprint 2A:BB:66:C0:9F:5D:F7:C5:DE:24:69:92:34:75:01:1B:53:47:7E:19; Validity Fri, 13 Sep 2024 00:00:00 GMT - Sun, 12 Oct 2025 23:59:59 GMT
File type: PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections; Size: 26 MB (25584512 bytes); Hash: 0ad93d624a6b67a6d9522d10f21302c9 d883986a034e4017d7bdb3b4b4d41bcb64c18aef f18d76d4516c7e2195bcd5490aafcfa2fec95ff1a71dc9e5f433b3e712bc432d
| Analyzer | Verdict | Alert |
| YARAhub by abuse.ch | malware | Detect pe file that no import table |
GET /public/ashglob/5806/ashampoo_winoptimizer_free_30303.exe HTTP/1.1
Host: cdn1.ashampoo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 25584512
date: Sun, 23 Mar 2025 12:50:42 GMT
last-modified: Mon, 24 Jul 2023 12:12:41 GMT
etag: "f4c2c9824f2ef69132256480e29f698c"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OrN68nPGljXfPJR7QRt9dElLAQXaoFEHATspVzSbd5d1t5253q_HNQ==
age: 47541
X-Firefox-Spdy: h2
|