Report - danaloader.ru/globalfiles/natives.zip

Report Overview

Submitted URL
danaloader.ru/globalfiles/natives.zip
IP
109.107.189.155
ASN
#210644 Aeza International Ltd
Submitted
2024-03-28 10:48:43
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
danaloader.ru	unknown	2024-01-10	2024-01-13	2024-03-28	491 B	3.0 MB	109.107.189.155

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
danaloader.ru/globalfiles/natives.zip
IP
109.107.189.155
ASN
#210644 Aeza International Ltd

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
3.0 MB (3000010 bytes)
Hash
7c213191d07241bcde9bf52977071cc4
a78be38a2288a3deae59ce0e910df333903e340e
d7ce72f5aed1d5e59782a8694a7c21a6f17bd083eef5e313f2ff2fc6c38ed137

Archive (38)

Filename

Md5

File type

glfw.dll

532f9686b0b55b3d7cf9f6733f29ba28

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

glfw.dll.git

9d58a11052847be02502653b9fb9c9bb

ASCII text, with no line terminators

glfw.dll.sha1

f6d4f19a41f245991382bbec2b787919

ASCII text, with CRLF line terminators

glfw32.dll

5c7b7a7e9ceedd779ddf531ea58db8e9

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

glfw32.dll.git

9d58a11052847be02502653b9fb9c9bb

ASCII text, with no line terminators

glfw32.dll.sha1

ea86d55e20e0f21818750c211f45339c

ASCII text, with CRLF line terminators

jemalloc.dll

cdcaa2d4874a0aaab526c52e1fff2fea

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 5 sections

jemalloc.dll.git

6f4c13fe58b839ee7f057c0213688d38

ASCII text, with no line terminators

jemalloc.dll.sha1

c75adb723dc1e8da6882e971de1a409b

ASCII text, with CRLF line terminators

jemalloc32.dll

93aeb5ec9f94134784373f370d295a61

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

jemalloc32.dll.git

6f4c13fe58b839ee7f057c0213688d38

ASCII text, with no line terminators

jemalloc32.dll.sha1

fbbe79cdea2217e7472b685833415781

ASCII text, with CRLF line terminators

lwjgl.dll

310adc26c92b020fb6d2944092d81312

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 5 sections

lwjgl.dll.git

e3140dc7f0126f76158089d28efe8d90

ASCII text, with CRLF line terminators

lwjgl.dll.sha1

4f7a6367c6c42a8a1ee061f44ba0684d

ASCII text, with CRLF line terminators

lwjgl32.dll

b8ea778d75b1150ec0eec59d764e57cd

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

lwjgl32.dll.git

e3140dc7f0126f76158089d28efe8d90

ASCII text, with CRLF line terminators

lwjgl32.dll.sha1

584f81d398eba50d1154fc339fbff717

ASCII text, with CRLF line terminators

lwjgl_opengl.dll

780ed18868c28c0c249379982ea3297a

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 5 sections

lwjgl_opengl.dll.sha1

6ee0f89c37c3fddc254fdb8c7bdb28b0

ASCII text, with CRLF line terminators

lwjgl_opengl32.dll

68b37c18052fb770e77477e1e53a3428

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

lwjgl_opengl32.dll.sha1

18d5a928ba6fa486f936cf3807a8668c

ASCII text, with CRLF line terminators

lwjgl_stb.dll

236817b9ba4f101e25518f1158b7691f

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

lwjgl_stb.dll.sha1

3c0e66f2ec6b7185e3ef60115b79c3b5

ASCII text, with CRLF line terminators

lwjgl_stb32.dll

a0e616c8b75575f45497864d650005ec

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

lwjgl_stb32.dll.sha1

f9fe876da47aa5278e9d5a43672fbd4f

ASCII text, with CRLF line terminators

lwjgl_tinyfd.dll

5dc7452c51330beb7a178d7093cdac49

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 5 sections

lwjgl_tinyfd.dll.sha1

d1a6d5194c129c008dc8fdb9ff1a6c6a

ASCII text, with CRLF line terminators

lwjgl_tinyfd32.dll

ae277b62653af1bdbb27b73ea98970bb

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

lwjgl_tinyfd32.dll.sha1

38d57c396ac882a59d99a80e984bb5e3

ASCII text, with CRLF line terminators

OpenAL.dll

a21338306c8027ebc459c57db8459777

PE32+ executable (DLL) (console) x86-64, for MS Windows, 7 sections

OpenAL.dll.git

aab7d521c776b290c5eb725832d0c2b5

ASCII text, with no line terminators

OpenAL.dll.sha1

b1b872f6e2250ca8e24beb0cfafa62bc

ASCII text, with CRLF line terminators

OpenAL32.dll

bea36e6601b1b9c5dc85eb66cb438887

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 6 sections

OpenAL32.dll.git

aab7d521c776b290c5eb725832d0c2b5

ASCII text, with no line terminators

OpenAL32.dll.sha1

6eef8babb8dd2c3ab1940937aa387ad6

ASCII text, with CRLF line terminators

SAPIWrapper_x64.dll

214a0bc5ae5882495d94f7779d64b323

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 7 sections

SAPIWrapper_x86.dll

3d47e750e4ec109d441a427ab8b37614

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	danaloader.ru/globalfiles/natives.zip	109.107.189.155	200 OK	3.0 MB
URL User Request GET HTTP/2 danaloader.ru/globalfiles/natives.zip IP 109.107.189.155:443 ASN #210644 Aeza International Ltd Certificate IssuerLet's Encrypt Subjectdanaloader.ru Fingerprint3D:DA:B6:FC:2C:5D:43:D2:66:35:FB:9A:40:88:A7:65:57:06:AC:9C ValidityWed, 20 Mar 2024 11:57:35 GMT - Tue, 18 Jun 2024 11:57:34 GMT File type Zip archive data, at least v1.0 to extract, compression method=store Size 3.0 MB (3000010 bytes) Hash 7c213191d07241bcde9bf52977071cc4 a78be38a2288a3deae59ce0e910df333903e340e d7ce72f5aed1d5e59782a8694a7c21a6f17bd083eef5e313f2ff2fc6c38ed137 HTTP Headers `GET /globalfiles/natives.zip HTTP/1.1 Host: danaloader.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx/1.24.0 date: Thu, 28 Mar 2024 10:48:17 GMT content-type: application/zip content-length: 3000010 last-modified: Fri, 23 Feb 2024 10:33:56 GMT etag: "2dc6ca-6120a18d74d00" accept-ranges: bytes strict-transport-security: max-age=31536000 X-Firefox-Spdy: h2`

danaloader.ru/globalfiles/natives.zip

109.107.189.155

200 OK

3.0 MB

URL User Request GET HTTP/2
danaloader.ru/globalfiles/natives.zip
IP
109.107.189.155:443
ASN
#210644 Aeza International Ltd

Certificate
IssuerLet's Encrypt
Subjectdanaloader.ru
Fingerprint3D:DA:B6:FC:2C:5D:43:D2:66:35:FB:9A:40:88:A7:65:57:06:AC:9C
ValidityWed, 20 Mar 2024 11:57:35 GMT - Tue, 18 Jun 2024 11:57:34 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
3.0 MB (3000010 bytes)
Hash
7c213191d07241bcde9bf52977071cc4
a78be38a2288a3deae59ce0e910df333903e340e
d7ce72f5aed1d5e59782a8694a7c21a6f17bd083eef5e313f2ff2fc6c38ed137

HTTP Headers

GET /globalfiles/natives.zip HTTP/1.1
Host: danaloader.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Thu, 28 Mar 2024 10:48:17 GMT
content-type: application/zip
content-length: 3000010
last-modified: Fri, 23 Feb 2024 10:33:56 GMT
etag: "2dc6ca-6120a18d74d00"
accept-ranges: bytes
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (38)

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers