Network Analysis
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| app-updater1.app | 104.21.83.80 | |
| app-updater.app | 104.21.0.101 |
GET
403
https://app-updater.app/api/getFile?fn=tg.exe
REQUEST
RESPONSE
BODY
| : | GET /api/getFile?fn=tg.exe HTTP/1.1 |
| Host: | app-updater.app |
| Connection: | Keep-Alive |
| : | HTTP/1.1 403 Forbidden |
| Date: | Mon, 03 Mar 2025 05 |
| Content-Type: | text/html; charset=UTF-8 |
| Transfer-Encoding: | chunked |
| Connection: | keep-alive |
| X-Frame-Options: | SAMEORIGIN |
| Report-To: | {"endpoints" |
| NEL: | {"success_fraction" |
| Server: | cloudflare |
| CF-RAY: | 91a6cfaefb9beb22-SJC |
GET
200
https://app-updater1.app/api/getFile?fn=tg.exe
REQUEST
RESPONSE
BODY
| : | GET /api/getFile?fn=tg.exe HTTP/1.1 |
| Host: | app-updater1.app |
| Connection: | Keep-Alive |
| : | HTTP/1.1 200 OK |
| Date: | Mon, 03 Mar 2025 05 |
| Content-Type: | application/vnd.microsoft.portable-executable |
| Content-Length: | 1705472 |
| Connection: | keep-alive |
| Content-Disposition: | attachment; filename=tg.exe; filename*=UTF-8''tg.exe |
| CF-Cache-Status: | DYNAMIC |
| Report-To: | {"endpoints" |
| NEL: | {"success_fraction" |
| Server: | cloudflare |
| CF-RAY: | 91a6cfb53d962584-SJC |
| alt-svc: | h3=" |
| server-timing: | cfL4;desc="?proto=TCP&rtt=136894&min_rtt=136244&rtt_var=39408&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2857&recv_bytes=371&delivery_rate=21432&cwnd=33&unsent_bytes=0&cid=c6d65c76d4905e1f&ts=593&x=0" |
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts
