Report - www.alphaplugins.com/downloads/products/ae/CurtainsInstaller.zip

Report Overview

Submitted URL
www.alphaplugins.com/downloads/products/ae/CurtainsInstaller.zip
IP
198.23.48.184
ASN
#32748 STEADFAST
Submitted
2024-05-07 09:44:01
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.alphaplugins.com	unknown	2006-07-02	2012-06-19	2023-10-06	518 B	1.7 MB	198.23.48.184
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-05-05	512 B	1.2 kB	35.244.181.201

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.alphaplugins.com/downloads/products/ae/CurtainsInstaller.zip
IP
198.23.48.184
ASN
#32748 STEADFAST

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
1.7 MB (1740956 bytes)
Hash
baa9245eb01de5cde5a88147e94491ca
9909ebe55a2c2b9a7f198a998d575558b11caa28
26fe8d870b889190dbc91425b3e74dc2d7a487913e787cc68367ee90c7b33bc6

Archive (111)

Filename

Md5

File type

Info.plist

9a1144c0818dd2e5d2dbe883c49a2e39

XML 1.0 document, ASCII text

CurtainsInstaller

7d1bf676675c7dd53a606d1d180f0874

PkgInfo

23b7d7d024abb0f558420e098800bf27

ASCII text, with no line terminators

Info.plist

48543d0aad1081efd586494fdf485975

XML 1.0 document, Unicode text, UTF-8 text

Curtains

86ecbba6e322f80b0ebfc2acc2f6aa33

PkgInfo

f28212d63481beda068ff70806cfbdab

ASCII text, with no line terminators

about_down.bmp

05fc3dbe7262fc6ed1be35334ffca0f8

PC bitmap, Windows 3.x format, 54 x 54 x 24, image size 8858, resolution 2834 x 2834 px/m, cbSize 8912, bits offset 54

about_up.bmp

f9983375b7b238938f1d5432976f7f57

PC bitmap, Windows 3.x format, 54 x 54 x 24, image size 8858, resolution 2834 x 2834 px/m, cbSize 8912, bits offset 54

banner.bmp

f4137920eda06e2ecf0c87c86f3288e6

PC bitmap, Windows 3.x format, 360 x 100 x 24, image size 108002, resolution 2834 x 2834 px/m, cbSize 108056, bits offset 54

Curtains.rsrc

57b5e6fa336235c6522f68ec9510f75e

Apple HFS/HFS+ resource fork, map offset 0x238, map length 0x32, data length 0x138, fileRef 0x900, list offset 0x1c, name offset 0x32, 1 type, 0x5069504c 'PiPL' * 1 resource offset 0xa

curtains_logo.pct

6f4373b712c2acfbbf84220c9e733ca0

data

curtains_logoLeft.pct

78911b145fe1ef2f79ee698f95148526

data

help_down.bmp

0494e156ff67b77f61e30e30510308d7

PC bitmap, Windows 3.x format, 73 x 40 x 24, image size 8802, resolution 2834 x 2834 px/m, cbSize 8856, bits offset 54

help_up.bmp

bd62efb184aba899be5664499728eba6

PC bitmap, Windows 3.x format, 73 x 40 x 24, image size 8802, resolution 2834 x 2834 px/m, cbSize 8856, bits offset 54

classes.nib

2f1b2b5cd12c21a001010397cf51243a

XML 1.0 document, ASCII text

info.nib

9621205063f84adaada48b2dcf557001

XML 1.0 document, ASCII text

objects.xib

440bb8483cf1b1e3a896efcde5b05d5e

XML 1.0 document, Unicode text, UTF-8 text

curtainsdoc.htm

688115017a7fa68141e7ab013502fa5a

HTML document, ASCII text, with very long lines (12019), with CRLF line terminators

applewhite.jpg

89751207b2e669238e6b738109431420

JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 30x37, components 3

bannerleft.gif

59cfa03e160523f8157aa40e5b24220f

GIF image data, version 89a, 470 x 141

bannermid.gif

90b702ebba2b920b34ad3efa354e1268

GIF image data, version 89a, 1 x 141

bannerright.gif

5037c9d834a4a46a16a1a8988590f09a

GIF image data, version 89a, 12 x 141

b1x7.gif

57b0d2c74017352944f95f97f0a405ad

GIF image data, version 89a, 1 x 7

l5x1.gif

98a9e327bddf5a21f90ec117be8815d7

GIF image data, version 89a, 5 x 1

lb5x7.gif

dcc58f622227c3f511abe7a33e34b275

GIF image data, version 89a, 5 x 7

lt5x5.gif

329782741ea92a3e4011e8266530d97f

GIF image data, version 89a, 5 x 5

r.gif

ca9571e34c147fda79aa0b109e85e871

GIF image data, version 89a, 6 x 1

rb6x7.gif

b1a8602f45373b8b3aa905e38b2ad0f1

GIF image data, version 89a, 6 x 7

rt6x5.gif

18d76d1ab692e7fe7e06325673a8ff1c

GIF image data, version 89a, 6 x 5

t.gif

a96ea23b98d2227deb084f77142daaf8

GIF image data, version 89a, 1 x 5

fill.png

2d1b326146b666aa1c06ff29c922b417

PNG image data, 1 x 20, 8-bit colormap, non-interlaced

lt5x5.gif

8b043ed850893d85458b04fd067ba7ea

GIF image data, version 89a, 5 x 5

rt5x5.gif

d6a8be59e3fe7b1b74e5ac966c82c4f7

GIF image data, version 89a, 5 x 5

t1x5.gif

ef85bb2f02387188a7b6cd6295b67f65

GIF image data, version 89a, 1 x 5

Thumbs.db

68ae5c3feb772509b8ead4c0a05528f3

Composite Document File V2 Document, Cannot read section info

curtains_logo400.jpg

5cefc5441c34b191bfb528f1e1a15d78

JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 400x300, components 3

exl.jpg

7a6bff7f10666b577050dbb635744ee2

JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 36x49, components 3

fix01.jpg

2aee476e93dba4cc9f2e6b9b4a11da0c

JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 320x240, components 3

fix02.jpg

9eac168c3ba0e1c5f1f5b9015e96ccf5

JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 320x240, components 3

i.jpg

423418bf8b3fc21baa516a89203cf6bb

JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 38x47, components 3

lens05.jpg

feb57cff5766f78ab325e63bf90dcc01

JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 360x303, components 3

mat38.jpg

d3c86cbf2a1c1df0f2bac6709c2fbca8

JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 320x240, components 3

material.jpg

7dbad75f5d8b3852ca1895042318d9a6

JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 480x360, components 3

orient04.jpg

7108fd0d46d84c50b85244d795ed0f22

JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 320x240, components 3

orient20.jpg

31f2f5f13c09275a276a0700fb749101

JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 320x240, components 3

b1x4.gif

9ee36356ee2143a123c5c30a607ee695

GIF image data, version 89a, 1 x 4

fill.gif

d8b0d5ff85d11ebd396e25e8a3fce863

GIF image data, version 89a, 1 x 700

fill.png

e78660118e5e2cf798510b86ab9535d0

PNG image data, 1 x 700, 8-bit/color RGB, non-interlaced

l1x1.gif

8cdb8b09a663d7e568bd8c898e0259c3

GIF image data, version 89a, 1 x 1

lb4x4.gif

d46f2fd6b6706387ca943b62778cf93e

GIF image data, version 89a, 4 x 4

lt4x4.gif

aa060da423c28b8978d29c1673321502

GIF image data, version 89a, 4 x 4

r2x1.gif

6c1658149128d9af2b02a2c6d31f5cac

GIF image data, version 89a, 2 x 1

rb5x4.gif

bb99fda2477b704c173dd4e3b3725684

GIF image data, version 89a, 5 x 4

rt5x4.gif

f706e782dff3ac206bdeea11b3051c44

GIF image data, version 89a, 5 x 4

t1x4.gif

b4a4a150354e7cf927470dd3b41c2f0d

GIF image data, version 89a, 1 x 4

1x1.gif

1a358f94896524e7054db6731f1bceef

GIF image data, version 89a, 1 x 1

b1x5.gif

0a2f5a2706089eb0ac9c2a707ca935ba

GIF image data, version 89a, 1 x 5

fill.gif

d114635a88a579cd2c0176afc5c5f68c

GIF image data, version 89a, 1 x 1

l5x1.gif

8a317b1b114d752ce00048f185282c14

GIF image data, version 89a, 5 x 1

lb5x5.gif

020edc9fbc05b97db7b009216d9e44a0

GIF image data, version 89a, 5 x 5

lt5x5.gif

3c27bad0a65677bd8efdb3f30f4aa4e2

GIF image data, version 89a, 5 x 5

r5x1.gif

030e8588c366cece5ac4887e20590442

GIF image data, version 89a, 5 x 1

rb5x5.gif

0ab757ebecdde1052c29bd2e16c451d6

GIF image data, version 89a, 5 x 5

rt5x5.gif

21468c963c7b710a9ffcd5944ad5977d

GIF image data, version 89a, 5 x 5

t1x5.gif

d318221a76b752208bebb78f02dfb629

GIF image data, version 89a, 1 x 5

rend01.jpg

c4f8ece5503d0a8521f0c992dc80df9f

JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 320x240, components 3

rend02.gif

0973ad56b5213f6f11b46d255e550a85

GIF image data, version 89a, 320 x 240

su.jpg

6df5b7af81b8e4b3e193b1cdd2f2d5a3

JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 356x280, components 3

theatr05.jpg

f0ec7b3cd1170cb934118a5abb0296e0

JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 320x240, components 3

Tkan2Dump01.jpg

93b3dc6a8021e3d0f0019ce33d6b543e

JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 320x240, components 3

winwhite.jpg

535144efd14537925c18a44334b4a6eb

JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 40x35, components 3

Info.plist

fbaffee82e134e6a49d438089f05080e

XML 1.0 document, Unicode text, UTF-8 text

CurtainsTableau

beef1c3035898ed4ee001c6dfe600a89

PkgInfo

f28212d63481beda068ff70806cfbdab

ASCII text, with no line terminators

about_down.bmp

05fc3dbe7262fc6ed1be35334ffca0f8

PC bitmap, Windows 3.x format, 54 x 54 x 24, image size 8858, resolution 2834 x 2834 px/m, cbSize 8912, bits offset 54

about_up.bmp

f9983375b7b238938f1d5432976f7f57

PC bitmap, Windows 3.x format, 54 x 54 x 24, image size 8858, resolution 2834 x 2834 px/m, cbSize 8912, bits offset 54

curtains_banner_tableau.bmp

e10d4f96f6ac8eae343fa92a60af6ba3

PC bitmap, Windows 3.x format, 360 x 100 x 24, image size 108002, resolution 2834 x 2834 px/m, cbSize 108056, bits offset 54

curtains_logo.pct

6f4373b712c2acfbbf84220c9e733ca0

data

curtains_logoLeft.pct

78911b145fe1ef2f79ee698f95148526

data

CurtainsTableau.rsrc

db5848ae35c30b8649e454f7f83b3741

Apple HFS/HFS+ resource fork, map offset 0x240, map length 0x32, data length 0x140, fileRef 0x900, list offset 0x1c, name offset 0x32, 1 type, 0x5069504c 'PiPL' * 1 resource offset 0xa

help_down.bmp

0494e156ff67b77f61e30e30510308d7

PC bitmap, Windows 3.x format, 73 x 40 x 24, image size 8802, resolution 2834 x 2834 px/m, cbSize 8856, bits offset 54

help_up.bmp

bd62efb184aba899be5664499728eba6

PC bitmap, Windows 3.x format, 73 x 40 x 24, image size 8802, resolution 2834 x 2834 px/m, cbSize 8856, bits offset 54

classes.nib

2f1b2b5cd12c21a001010397cf51243a

XML 1.0 document, ASCII text

info.nib

9621205063f84adaada48b2dcf557001

XML 1.0 document, ASCII text

objects.xib

440bb8483cf1b1e3a896efcde5b05d5e

XML 1.0 document, Unicode text, UTF-8 text

Info.plist

a0be7fc3e42cadb1fc00064ea28f7d81

XML 1.0 document, Unicode text, UTF-8 text

CurtainsTheatre

e4ad3ede43dd579fed6d3104ea7e1097

PkgInfo

f28212d63481beda068ff70806cfbdab

ASCII text, with no line terminators

about_down.bmp

05fc3dbe7262fc6ed1be35334ffca0f8

PC bitmap, Windows 3.x format, 54 x 54 x 24, image size 8858, resolution 2834 x 2834 px/m, cbSize 8912, bits offset 54

about_up.bmp

f9983375b7b238938f1d5432976f7f57

PC bitmap, Windows 3.x format, 54 x 54 x 24, image size 8858, resolution 2834 x 2834 px/m, cbSize 8912, bits offset 54

curtains_banner_theatre.bmp

0349301d7cab394adf1e3783e55c698d

PC bitmap, Windows 3.x format, 360 x 100 x 24, image size 108002, resolution 2834 x 2834 px/m, cbSize 108056, bits offset 54

curtains_logo.pct

6f4373b712c2acfbbf84220c9e733ca0

data

curtains_logoLeft.pct

78911b145fe1ef2f79ee698f95148526

data

CurtainsTheatre.rsrc

b08477009a3a75712ab6cace35019fee

Apple HFS/HFS+ resource fork, map offset 0x240, map length 0x32, data length 0x140, fileRef 0x900, list offset 0x1c, name offset 0x32, 1 type, 0x5069504c 'PiPL' * 1 resource offset 0xa

help_down.bmp

0494e156ff67b77f61e30e30510308d7

PC bitmap, Windows 3.x format, 73 x 40 x 24, image size 8802, resolution 2834 x 2834 px/m, cbSize 8856, bits offset 54

help_up.bmp

bd62efb184aba899be5664499728eba6

PC bitmap, Windows 3.x format, 73 x 40 x 24, image size 8802, resolution 2834 x 2834 px/m, cbSize 8856, bits offset 54

classes.nib

2f1b2b5cd12c21a001010397cf51243a

XML 1.0 document, ASCII text

info.nib

9621205063f84adaada48b2dcf557001

XML 1.0 document, ASCII text

objects.xib

440bb8483cf1b1e3a896efcde5b05d5e

XML 1.0 document, Unicode text, UTF-8 text

AlphaStar.icns

90a32d94847c096f03ed69d3fe8a85cc

Mac OS X icon, 38903 bytes, "it32" type

AlphaStarMacIcon64.pct

c7c62b49d6e47fb79eed16cbc4abef9b

data

InfoPlist.strings

fae5aea6f8a3607bfc36c81271cd2618

Unicode text, UTF-16, little-endian text

classes.nib

2f1b2b5cd12c21a001010397cf51243a

XML 1.0 document, ASCII text

info.nib

3ad41a2b903f395503a13ebdef4cd151

XML 1.0 document, ASCII text

objects.xib

3a40879fd1114c7695e9c406070e6925

XML 1.0 document, ASCII text

greenarr.png

5157f090b1658e98beecf5d91d070bdd

PNG image data, 22 x 23, 8-bit/color RGB, non-interlaced

MacInstallerLeft.pct

8802ecdec8b8c69726ea3032d104e0ef

data

MacInstallerRight.pct

7f191a551ecd3cb04841eb47c0e0e27b

data

config.txt

883d1f717905cfed126ee56ebd37c24c

ISO-8859 text

license.txt

64f58b75ba259b5401888c3a8936ae12

ASCII text, with very long lines (949), with CRLF line terminators

StopSign.png

cb989b2b9337ae2599f284c55ecf5de3

PNG image data, 25 x 24, 8-bit/color RGB, non-interlaced

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size
	www.alphaplugins.com/downloads/products/ae/CurtainsInstaller.zip	198.23.48.184	200 OK	1.7 MB
URL User Request GET HTTP/2 www.alphaplugins.com/downloads/products/ae/CurtainsInstaller.zip IP 198.23.48.184:443 ASN #32748 STEADFAST Certificate IssuerLet's Encrypt Subjectalphaplugins.com Fingerprint9E:6A:F7:53:D7:04:35:0D:83:51:29:E6:B2:55:FE:4A:31:D9:D8:4E ValiditySun, 28 Apr 2024 06:11:42 GMT - Sat, 27 Jul 2024 06:11:41 GMT File type Zip archive data, at least v1.0 to extract, compression method=store Size 1.7 MB (1740956 bytes) Hash baa9245eb01de5cde5a88147e94491ca 9909ebe55a2c2b9a7f198a998d575558b11caa28 26fe8d870b889190dbc91425b3e74dc2d7a487913e787cc68367ee90c7b33bc6 HTTP Headers GET /downloads/products/ae/CurtainsInstaller.zip HTTP/1.1 Host: www.alphaplugins.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK last-modified: Fri, 02 Jul 2010 12:45:20 GMT etag: "1a909c-48a66f5ae9800" accept-ranges: bytes content-length: 1740956 vary: User-Agent content-type: application/zip date: Tue, 07 May 2024 09:43:35 GMT server: Apache X-Firefox-Spdy: h2`

	aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml	35.244.181.201		444 B
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP 35.244.181.201:0 ASN #396982 GOOGLE-CLOUD-PLATFORM File type XML 1.0 document, ASCII text, with very long lines (332) Size 444 B (444 bytes) Hash 3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463 HTTP Headers `GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1 Host: aus5.mozilla.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Cache-Control: no-cache Pragma: no-cache Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: nginx rule-id: unknown rule-data-version: unknown content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=WRsiXMFREV-SGTF5ZEHWE5UH3lL9lfxYRnicCPnExc5nT8YY9AvIGOEvffQ8OdUZ8iYEPkwfCOyYvbpobce5KbKpRNuCYHi10JW3oc975CF94cJxMi62OgYxjmgKDvSJ strict-transport-security: max-age=31536000; x-content-type-options: nosniff content-security-policy: default-src 'none'; frame-ancestors 'none' x-proxy-cache-status: EXPIRED content-encoding: gzip via: 1.1 google date: Tue, 07 May 2024 09:41:38 GMT content-type: text/xml; charset=utf-8 vary: Accept-Encoding content-length: 444 age: 135 cache-control: public,max-age=90 alt-svc: clear X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (111)

Detections

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers