Report - softpedia-secure-download.com/dl/72f50eca57214bc6a9554f4245d8464b/6795eb44/100170652/software/portable/system/launchers/WinOFF.zip

Report Overview

Visited public
2025-01-26 08:00:02
Tags
URL
softpedia-secure-download.com/dl/72f50eca57214bc6a9554f4245d8464b/6795eb44/100170652/software/portable/system/launchers/WinOFF.zip
Finishing URL
about:privatebrowsing
IP / ASN
146.70.213.157
#9009 M247 Europe SRL
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
softpedia-secure-download.com	unknown	2015-12-30	2017-02-01	2025-01-19	584 B	819 kB	146.70.213.157

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
softpedia-secure-download.com/dl/72f50eca57214bc6a9554f4245d8464b/6795eb44/100170652/software/portable/system/launchers/WinOFF.zip
IP
146.70.213.157
ASN
#9009 M247 Europe SRL

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
819 kB (818747 bytes)
Hash
1ea8cade6e9c0f9981c26057721d7e1f
4d90cff4e81b8d399258cf013440c9e4b05828a4
af0637ebc5122a93c4da49efb2e29caf999ebbe0c4352a7628732f612893f43d

Archive (9)

Filename

Md5

File type

WinOFF.exe

63360840310e8ac9eb787642a73b016a

PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections

Cambios.txt

87245e6655c0a30aad833b7a7940c65c

ISO-8859 text, with CRLF line terminators

Changes.txt

8a095ae03ca802456f6e999722d0ce26

ISO-8859 text, with CRLF line terminators

wo_esp.dll

87c103ebefb886b2273089ab5d2d98c5

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

ras.dll

a85eda5fe1d6889e38cdcf46a65a10b7

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections

Help.html

80cfd8d156e747f31d3723a18f69b4ab

HTML document, ASCII text, with CRLF line terminators

WinOFF_guardian.exe

0ee3f6c8f81f4fe507392c763647a686

PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections

WinOFF_launcher.exe

855d0e0982689ba317bf47331ab149d8

PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections

WinOFF_admin.exe

702f95efc44cf0f5c7676fed9e4d761a

PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/67

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

softpedia-secure-download.com/dl/72f50eca57214bc6a9554f4245d8464b/6795eb44/100170652/software/portable/system/launchers/WinOFF.zip

146.70.213.157

200 OK

819 kB

URL User Request GET HTTP/1.1
softpedia-secure-download.com/dl/72f50eca57214bc6a9554f4245d8464b/6795eb44/100170652/software/portable/system/launchers/WinOFF.zip
IP
146.70.213.157:443
ASN
#9009 M247 Europe SRL

Certificate
IssuerSectigo Limited
Subject*.softpedia-secure-download.com
Fingerprint1A:D9:A2:01:25:91:AB:23:D8:31:19:1D:72:25:C9:8B:D9:3B:2F:B3
ValidityMon, 22 Jan 2024 00:00:00 GMT - Thu, 20 Feb 2025 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
819 kB (818747 bytes)
Hash
1ea8cade6e9c0f9981c26057721d7e1f
4d90cff4e81b8d399258cf013440c9e4b05828a4
af0637ebc5122a93c4da49efb2e29caf999ebbe0c4352a7628732f612893f43d

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/67

HTTP Headers

GET /dl/72f50eca57214bc6a9554f4245d8464b/6795eb44/100170652/software/portable/system/launchers/WinOFF.zip HTTP/1.1
Host: softpedia-secure-download.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/zip
Accept-Ranges: bytes
ETag: "569373400"
Last-Modified: Mon, 18 Oct 2010 03:29:28 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'unsafe-inline'
Content-Length: 818747
Date: Sun, 26 Jan 2025 07:59:36 GMT
Server: SPD/P5

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (9)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers