| zerocdn.com/644671689/mz.krn.exe | 176.58.48.48 | 302 Found | 0 B |
URL User Request GET HTTP/1.1zerocdn.com/644671689/mz.krn.exe IP176.58.48.48:443
CertificateIssuerLet's Encrypt Subjectzerocdn.com Fingerprint17:53:BD:08:82:8D:9E:C4:CE:AA:7A:BE:E1:61:D8:92:29:7B:48:1E ValiditySun, 24 Mar 2024 17:45:47 GMT - Sat, 22 Jun 2024 17:45:46 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /644671689/mz.krn.exe HTTP/1.1
Host: zerocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.18.0
Date: Thu, 28 Mar 2024 22:51:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Language, Cookie
Location: https://coliseum.zerocdn.com/644671689/mz.krn.exe
Content-Language: en
|
| coliseum.zerocdn.com/644671689/mz.krn.exe | 185.190.188.195 | 200 OK | 122 kB |
URL User Request GET HTTP/1.1coliseum.zerocdn.com/644671689/mz.krn.exe IP185.190.188.195:443
CertificateIssuerLet's Encrypt Subjectzerocdn.com Fingerprint17:53:BD:08:82:8D:9E:C4:CE:AA:7A:BE:E1:61:D8:92:29:7B:48:1E ValiditySun, 24 Mar 2024 17:45:47 GMT - Sat, 22 Jun 2024 17:45:46 GMT
File typePE32+ executable (console) x86-64, for MS Windows, 6 sections Size122 kB (122368 bytes) Hash324330f343df4ac2f7f20db2c15f5e11 835f87e709702252065348bc7cf2f5d531c2ba38 b84a7b9233e5f6f2182535c0de85deb2375c6218fda5070b624710fcd7e74878
Analyzer | Verdict | Alert | YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe | VirusTotal | malicious | |
GET /644671689/mz.krn.exe HTTP/1.1
Host: coliseum.zerocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 28 Mar 2024 22:51:13 GMT
Content-Type: application/x-msdos-program
Content-Length: 122368
Last-Modified: Sun, 03 Mar 2024 10:06:31 GMT
Connection: keep-alive
ETag: "65e44ba7-1de00"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes, bytes
|