Report - hangvogel.hypermart.net/dbx2mail/dbx2mail.zip

Report Overview

Visited public
2025-05-27 00:04:00
Tags
Submit Tags
URL
hangvogel.hypermart.net/dbx2mail/dbx2mail.zip
Finishing URL
about:privatebrowsing
IP / ASN
38.113.1.157
#29873 BIZLAND-SD
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
hangvogel.hypermart.net	unknown	1997-08-25	2017-02-09	2025-04-28	513 B	257 kB	38.113.1.157

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
hangvogel.hypermart.net/dbx2mail/dbx2mail.zip
IP
38.113.1.157
ASN
#29873 BIZLAND-SD

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
257 kB (256834 bytes)
Hash
b6baebfb3352ae00f3944f9cb85f77ef
6d632834b20d6e81c5ac740fbcd21b081b8bbe64
a301dabd40e2269a7deddcd17b253de70f9ecb35679e94d98e710bb1b8dae273

Archive (18)

Filename

Md5

File type

update.txt

330817424873ca8266f3fdfc0981a180

ASCII text, with very long lines (469), with CRLF line terminators

agreement.txt

bbca0984b311455fb2f9ba5a37bdf4e9

ASCII text, with very long lines (397), with CRLF line terminators

contact.txt

e974d7637c6ecaf808c9f84de7b88781

ASCII text, with CRLF line terminators

contents.txt

e6565794ad828b39c673fadd040b3c26

ASCII text, with CRLF line terminators

dbx2mail.exe

56f4cd9f659d97429a3cd653a67c51f2

PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections

dbx2mail.chm

fea06a472456752341021c9663507a77

MS Windows HtmlHelp Data

dbx2mail.ico

f60fb35ccbcb95b21e565d1aea96dcca

MS Windows icon resource - 1 icon, 32x32, 16 colors

file.txt

18765e9a04e5f10f747cd6ef6a40a151

ASCII text, with CRLF line terminators

input.txt

28a63efb69e61356c1bf2c63823fd60a

ASCII text, with very long lines (468), with CRLF line terminators

install.txt

3eef3907e25aa964e3f7632d03e61083

ASCII text, with CRLF line terminators

introducing.txt

b22c804d386a85ce3638332bda7b19f6

ASCII text, with very long lines (505), with CRLF line terminators

languages.txt

61c651fedaca96ad0676ae5a997764b0

ISO-8859 text, with CRLF line terminators

options.txt

66e8366d9df17453868fc861f903ff54

ASCII text, with CRLF line terminators

output.txt

f6b209b8186e2146d0a2275eb2b8eca7

ASCII text, with very long lines (432), with CRLF line terminators

readme.txt

a96da582cd1dfba6a7279659326ceafb

ASCII text, with CRLF line terminators

3a6c0eb3f1414882b21f0af7572a8399

ASCII text, with very long lines (457), with CRLF line terminators

require.txt

f5c53361e42379d8ddb197ae66f1418e

ASCII text, with CRLF line terminators

shorthow.txt

e34cd7e7ddc7158adf0960d1a3ec78c6

ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Scans presence of the found strings using the in-house brute force method
VirusTotal	suspicious	VirusTotal - Scan result 1/65

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

GET hangvogel.hypermart.net/dbx2mail/dbx2mail.zip

38.113.1.157

200 OK

257 kB

URL User Request GET
hangvogel.hypermart.net/dbx2mail/dbx2mail.zip
IP
38.113.1.157:443
ASN
#29873 BIZLAND-SD

Certificate
IssuerSectigo Limited
Subject*.hypermart.net
Fingerprint67:16:FF:EA:81:29:3F:A7:73:BB:21:EA:BD:DE:F2:D7:F2:0F:E8:CA
ValidityTue, 27 Aug 2024 00:00:00 GMT - Wed, 27 Aug 2025 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
257 kB (256834 bytes)
Hash
b6baebfb3352ae00f3944f9cb85f77ef
6d632834b20d6e81c5ac740fbcd21b081b8bbe64
a301dabd40e2269a7deddcd17b253de70f9ecb35679e94d98e710bb1b8dae273

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/65

HTTP Headers

GET /dbx2mail/dbx2mail.zip HTTP/1.1
Host: hangvogel.hypermart.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 27 May 2025 00:03:28 GMT
Content-Type: application/zip
Content-Length: 256834
Connection: keep-alive
Server: Apache
X-Robots-Tag: noindex, nofollow
Last-Modified: Thu, 15 Feb 2007 18:07:43 GMT
ETag: "3eb42-42987bc4d354d"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Tue, 27 May 2025 04:03:28 GMT
Age: 0

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (18)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers