Report - www.bamsoftware.com/hacks/zipbomb/zipbomb-woot19.zip

Report Overview

Visited public
2025-04-30 16:58:33
Tags
URL
www.bamsoftware.com/hacks/zipbomb/zipbomb-woot19.zip
Finishing URL
about:privatebrowsing
IP / ASN
69.164.193.231
#63949 Akamai Connected Cloud
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.bamsoftware.com	unknown	2000-04-19	2014-03-13	2025-04-27	520 B	15 MB	69.164.193.231

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.bamsoftware.com/hacks/zipbomb/zipbomb-woot19.zip
IP
69.164.193.231
ASN
#63949 Akamai Connected Cloud

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
15 MB (14636412 bytes)
Hash
8eed92878c47ccdbd392d5d7bd9d4287
bd560936e9d72b112fae373448c9efeb3e991166
7a2275871c12bb1906d5bbf954cd7d709de1f09ecbf5274ed4b8069ff072fd7c

Archive (44)

Filename

Md5

File type

README

130510c656c0da401f19d3b7e773bef0

Unicode text, UTF-8 text

common.asy

d84c2adc0a85cb0e0a5ee6072b0ec1e3

C source, ASCII text

overlap.asy

be119428910710020eeef7070af33777

ASCII text

quote.asy

adc255b96b586cbfd43fff9efbdcd2bd

ASCII text

normal.asy

9278a33ca0e9def09a6bfa850116016d

ASCII text

graphs.R

e091e229b468eb622acac3d6d195b263

JavaScript source, ASCII text

Makefile

aff113cba7c64dba8e7027ca0db7bd83

makefile script, ASCII text

zipped_size.R

6cc31934290a9bca2fb1abadf8fecf4c

JavaScript source, Unicode text, UTF-8 text

compressed_size.sh

6aaec2e1c76858774f651f71900e4165

Bourne-Again shell script, ASCII text executable

README

a03c6266e054edde0717f644769ba65d

ASCII text

max_uncompressed_size.pdf

a8a6ac171f18f0c3f2953611ff29b802

PDF document, version 1.5, 1 page(s)

zipped_size.csv

594e9fd9bff25b4ab5e9dc71c41a572b

CSV ASCII text

Makefile

378458a8674a50686dcf523bac26755f

makefile script, ASCII text

zipped_size.pdf

e08538673738704726165b0625ae224c

PDF document, version 1.5, 1 page(s)

zlib_deflate.c

b5c1f504fb017b91120903425a989717

C source, ASCII text

versions.txt

e324b7feedb85ae9d29ebc237fb1841c

data

bulk_deflate

82f96d92cf8316b3908c28671070cabb

Python script, ASCII text executable

compressed_size.csv

95d920ccd7c5b616d295a37d498dae4e

CSV ASCII text

optimize.R

b88a0fd4239cf543190e52e80eb31fe3

JavaScript source, Unicode text, UTF-8 text

zbbz2.zip

2d717649e7a6694ec80c10a1c5dc9a11

Zip archive data, at least v4.6 to extract, compression method=bzip2

ratio

6be36ebf199052e55a4c7200e74f6da0

Python script, ASCII text executable

.gitignore

b7ef5bbee8f6da1eaf1b70590de4ebbf

ASCII text

zbsm.zip

75a6181a92b3a596f51d0fb8913aaef2

Zip archive data, at least v2.0 to extract, compression method=deflate

Makefile

120e292a76e483f7909b7dec17193ea4

makefile script, ASCII text

zblg.zip

207b597f03033b2e0644bbbc29f04053

Zip archive data, at least v2.0 to extract, compression method=deflate

overlap.zip

8855f5109482fdd53b59ad5b2feb38e7

Zip archive data, at least v2.0 to extract, compression method=deflate

zbxl.zip

da596c5fa1bfe53dc6ef777e810c2e7d

Zip archive data, at least v4.5 to extract, compression method=deflate

zipbomb

8b005777a82e3335bfc72cd92f56533c

Python script, Unicode text, UTF-8 text executable

zblg.extra.zip

789dfc527249631873015b9969867090

Zip archive data, at least v2.0 to extract, compression method=deflate

zbxl.extra.zip

b21e51f926fdf0c7e6b4d082817c80c3

Zip archive data, at least v4.5 to extract, compression method=deflate

zbsm.extra.zip

2ea8ec87ac718e2dc728bebd5774657d

Zip archive data, at least v2.0 to extract, compression method=deflate

optimize.out

c293e7ad1bcc6599928460e802d9052d

ASCII text

bad_crc32.zip

b891c81e8a77274040596850e56a9708

Zip archive data, at least v1.0 to extract, compression method=store

short.zip

f2beabe2289a921496b71b10d349c4ff

Zip archive data, at least v2.0 to extract, compression method=deflate

42.password.zip

1df9a18b18332f153918030b7b516615

Zip archive data, at least v5.1 to extract, compression method=AES Encrypted

zero_crc32.zip

f5a4d7064b5d5e5288ff2764092cfe09

Zip archive data, at least v1.0 to extract, compression method=store

README

ae2db8ca172990ed0513592d05115c15

unified diff output text, 1st line "## Sample zip files for testing the features of different parsers", 2nd line "", 3rd line "42.zip - http://www.unforgettable.dk/42.zip", Unicode text, UTF-8 text

file_size_0xffffffff.zip

2208896ba9041cb7b6899a4a36ccc6f1

Zip archive data, at least v2.0 to extract, compression method=deflate

42.zip

d9050d6ba1e86a0decc9262dd8f3038d

Zip archive data, at least v2.0 to extract, compression method=deflate

droste.zip

aa10cf5ab9632c5f591757d4451dcedc

Zip archive data, at least v2.0 to extract, compression method=deflate

r.zip

1d22c4a605c19602e41ec9726a74b949

Zip archive data, at least v2.0 to extract, compression method=deflate

file_count_0xffff.zip

70686bbc7eba69da56ffb77a153188eb

Zip archive data, at least v1.0 to extract, compression method=store

mismatched_filename.zip

f0a763b73cef7780dca1a37f71893c05

Zip archive data, at least v1.0 to extract, compression method=store

long.zip

e43964badabf73e70137585f0545f547

Zip archive data, at least v2.0 to extract, compression method=deflate

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 24/45

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

www.bamsoftware.com/hacks/zipbomb/zipbomb-woot19.zip

69.164.193.231

200 OK

15 MB

URL User Request GET
www.bamsoftware.com/hacks/zipbomb/zipbomb-woot19.zip
IP
69.164.193.231:443
ASN
#63949 Akamai Connected Cloud

Certificate
IssuerLet's Encrypt
Subjectbamsoftware.com
FingerprintD7:1C:DE:1D:BC:A5:6D:DD:B1:81:DB:39:3D:79:6F:75:C4:EE:5B:C7
ValidityTue, 29 Apr 2025 04:03:48 GMT - Mon, 28 Jul 2025 04:03:47 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
15 MB (14636412 bytes)
Hash
8eed92878c47ccdbd392d5d7bd9d4287
bd560936e9d72b112fae373448c9efeb3e991166
7a2275871c12bb1906d5bbf954cd7d709de1f09ecbf5274ed4b8069ff072fd7c

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 24/45

HTTP Headers

GET /hacks/zipbomb/zipbomb-woot19.zip HTTP/1.1
Host: www.bamsoftware.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Apr 2025 16:57:33 GMT
Server: Apache/2.4.62 (Debian)
Vary: User-Agent,Referer
Last-Modified: Tue, 02 Jul 2019 05:05:40 GMT
ETag: "df557c-58cabb22ad100"
Accept-Ranges: bytes
Content-Length: 14636412
Strict-Transport-Security: max-age=15768000
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/zip

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (44)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers