Report - exoside.com/quadremesherdata/quad_remesher_engine_1.0_win.zip

Report Overview

Submitted URL
exoside.com/quadremesherdata/quad_remesher_engine_1.0_win.zip
IP
213.186.33.3
ASN
#16276 OVH SAS
Submitted
2024-04-23 06:29:52
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
5

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
exoside.com	333878	2012-10-04	2017-02-02	2024-04-08	515 B	16 MB	213.186.33.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

Files detected

URL
exoside.com/quadremesherdata/quad_remesher_engine_1.0_win.zip
IP
213.186.33.3
ASN
#16276 OVH SAS

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
16 MB (15712107 bytes)
Hash
e54da80c1c3c828c1766b364873a7013
ab3ef4706ccb2b2034707037299425eb7ff7c49f
38be011799d1480eea8cb34d83accb96686394a25a1de08d4586a68fb5b4426a

Archive (21)

Filename

Md5

File type

licenses\lesser.txt

a6f89e2100d9b6cdffcea4f398e37343

ASCII text

licenses\lgpl-2.1.txt

b0d181292c99cf9bb2ae9166dd3a0239

ASCII text, with CRLF line terminators

licenses\ReadMe.txt

a638f9bcb11a9067798d235bce2c3194

ASCII text, with CRLF line terminators

platforms\qwindows.dll

851509184103a44d3d02eb56436d73f1

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 7 sections

resources\images\topwin-close-hl.png

3ddab709343919ae81dc5eb2318d960c

PNG image data, 11 x 11, 8-bit/color RGBA, non-interlaced

resources\images\topwin-close.png

5b7c78093094b72ab1da1d21f5c39a2d

PNG image data, 11 x 11, 8-bit/color RGBA, non-interlaced

resources\images\topwin-maximize-hl.png

5b49954042c740c91ba8bca31ed1d29c

PNG image data, 11 x 11, 8-bit/color RGBA, non-interlaced

resources\images\topwin-maximize.png

b371c66b99238b29c6120621f1cfb776

PNG image data, 11 x 11, 8-bit/color RGBA, non-interlaced

resources\images\topwin-minimize-hl.png

6baac652c7b96b49ec0ac949dbdec8ee

PNG image data, 11 x 11, 8-bit/color RGBA, non-interlaced

resources\images\topwin-minimize.png

4409b4c00a6b72c6bcb392c7440e9b2c

PNG image data, 11 x 11, 8-bit/color RGBA, non-interlaced

ChSolver.dll

3ea8a9cb8a87028053c78b2de587a149

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

libfbxsdk.dll

62695a932517336b591215a8d8ac0358

PE32+ executable (DLL) (console) x86-64, for MS Windows, 8 sections

Qt5Core.dll

ccec07793c90c70ec7ee4bd6f01bd13c

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

Qt5Gui.dll

76b128b63cd4da34ba9331f18d5f134d

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 7 sections

Qt5Network.dll

79c9b526aa415abf66d086834ba326d9

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

Qt5OpenGL.dll

1658be0120de558d4794f2f5360c10e9

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

Qt5Widgets.dll

2d2bbc295c9825572329b78ab23bc0a4

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

QuadRemesher_EULA.txt

df61c726fd7adbf059ac2a97f1132f90

Unicode text, UTF-8 (with BOM) text, with very long lines (470), with CRLF line terminators

xremesh.exe

fb43c2003ee03f97951ec4469194ad50

PE32+ executable (GUI) x86-64, for MS Windows, 5 sections

xremeshlib.dll

e00feb895937d433e969a88f669075a5

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

xrLicenseManager.exe

29e2f6f156ecfb87841d6f0600e7642e

PE32+ executable (GUI) x86-64, for MS Windows, 5 sections

Detections

Analyzer	Verdict	Alert
CAPEv2 YARA detection rules	malware	Emotet Payload
YARAhub by abuse.ch	malware	meth_stackstrings
YARAhub by abuse.ch	malware	meth_stackstrings

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

exoside.com/quadremesherdata/quad_remesher_engine_1.0_win.zip

213.186.33.3

200 OK

16 MB

URL User Request GET HTTP/2
exoside.com/quadremesherdata/quad_remesher_engine_1.0_win.zip
IP
213.186.33.3:443
ASN
#16276 OVH SAS

Certificate
IssuerLet's Encrypt
Subjectexoside.com
Fingerprint6F:EF:54:64:3B:B5:72:6B:67:EC:A7:B7:FB:F9:75:19:20:FF:2A:D5
ValiditySun, 07 Apr 2024 22:50:21 GMT - Sat, 06 Jul 2024 22:50:20 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
16 MB (15712107 bytes)
Hash
e54da80c1c3c828c1766b364873a7013
ab3ef4706ccb2b2034707037299425eb7ff7c49f
38be011799d1480eea8cb34d83accb96686394a25a1de08d4586a68fb5b4426a

HTTP Headers

GET /quadremesherdata/quad_remesher_engine_1.0_win.zip HTTP/1.1
Host: exoside.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Apr 2024 06:29:18 GMT
content-type: application/zip
content-length: 15712107
server: Apache
last-modified: Wed, 03 May 2023 06:38:26 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2