| www.trane.com/content/dam/Trane/Commercial/software/tools/TracerTU.Setup.11.9.428.exe | 54.240.174.81 | 200 OK | 103 kB |
URL (User Request): GET HTTP/2 www.trane.com/content/dam/Trane/Commercial/software/tools/TracerTU.Setup.11.9.428.exe
IP: 54.240.174.81:443
Certificate
Issuer: Network Solutions L.L.C.
Subject: trane.com
Fingerprint: 86:5B:5B:CE:5E:29:B7:DE:82:3A:2C:82:E1:74:EC:6D:C8:26:43:9F
Validity: Thu, 14 Dec 2023 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT
File type: PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections
Size: 103 kB (103445 bytes)
Hash:
bd70fe3776bd4217b1d8b7a3bdf69435
e2cc219be31477f34cdd7c5403d1a1f7dd1c9ded
c444d1e28e000d0da8719178efffc02c49e75fa53954895b82c28dc6dd77ab4b
| Analyzer | Verdict | Alert |
| YARAhub by abuse.ch | malware | Detect pe file that no import table |
GET /content/dam/Trane/Commercial/software/tools/TracerTU.Setup.11.9.428.exe HTTP/1.1
Host: www.trane.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/x-msdownload
content-length: 331045952
date: Tue, 03 Dec 2024 16:36:58 GMT
x-ua-compatible: IE=Edge,chrome=1
set-cookie: AWSALB=7vhQREzn4br5vc0WVv49p40V26KplandePFJxyNloN6JMSFrt4IznVRD14tglTQaR7GkkGR90HqPJUXpYMbmWr/m9zFFi1US62Zgf/kWMjJ/DlkwPp974YCk6V6d; Expires=Tue, 10 Dec 2024 16:36:58 GMT; Path=/
AWSALBCORS=7vhQREzn4br5vc0WVv49p40V26KplandePFJxyNloN6JMSFrt4IznVRD14tglTQaR7GkkGR90HqPJUXpYMbmWr/m9zFFi1US62Zgf/kWMjJ/DlkwPp974YCk6V6d; Expires=Tue, 10 Dec 2024 16:36:58 GMT; Path=/; SameSite=None; Secure
server: Apache
strict-transport-security: max-age=2592000; includeSubDomains
content-disposition: attachment
last-modified: Fri, 22 Nov 2024 18:38:58 GMT
etag: "13bb5c40-62784b2267434"
accept-ranges: bytes
serverid: cs-prd-assets-web01
x-content-type-options: nosniff
cache-control: max-age=60, no-cache
x-xss-protection: 1; mode=block
x-frame-options: ALLOW-FROM https://staging.portal.mythermoking.com, ALLOW-FROM https://login.microsoftonline.com, ALLOW-FROM https://beta.thermoking.com, ALLOW-FROM https://corpextdev.b2clogin.com, ALLOW-FROM https://corpsso.b2clogin.com, https://staging.comfortsite.com, https://nva-av-tkweb1pr, https://igrawsndc012r:10446
content-security-policy: frame-ancestors 'self' *.3sharecorp.com https://corpextdev.b2clogin.com https://corpsso.b2clogin.com https://staging.comfortsite.com https://nva-av-tkweb1pr https://igrawsndc012r:10446 https://elibrary.tranetechnologies.com/
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kECzjeGdHKCa0M3Rg9Mmm8NAbO9qLfJZqJAe6v8fjbWdKOHTSHXBDA==
X-Firefox-Spdy: h2