Report - jsongame.net/resources/pc/win32/patch_10172

Report Overview

Submitted URL
jsongame.net/resources/pc/win32/patch_10172_win32.zip
IP
44.195.164.109
ASN
#14618 AMAZON-AES
Submitted
2024-05-10 23:38:23
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
jsongame.net	unknown	2020-04-12	2020-04-12	2022-11-11	507 B	18 MB	44.195.164.109

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
jsongame.net/resources/pc/win32/patch_10172_win32.zip
IP
44.195.164.109
ASN
#14618 AMAZON-AES

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
18 MB (17581745 bytes)
Hash
2635ce91b83f4d500e3ef95f21468165
c4bc3895ae1fb2682a20c14c5274916ec28b7c01
26f935419c07bd4ac4cb7564de976f6b7d283a55078c4a851924f37fdff12302

Archive (14)

Filename

Md5

File type

patch_10172_win32.pkg

a677fe7716ea3e8eaa2b522dcdbe9864

data

Game_DX11.exe

eb1b88e13e062a27d734dc2e463f529b

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

Game_DX8.exe

474cd3caf3afad022d2b89f0368cd226

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

Game_GLES2.exe

2c3c3ec3c74a16c46793c4c290887a70

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

dbghelp.dll

8d9899d1549cccf4ed2376117084dfa0

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 7 sections

fmod.dll

ddd1acff00ee1f2cd8d3f03c003f9f19

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

fmod64.dll

b26766e9aee6127e843fe0584990272a

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 7 sections

fmodL64.dll

b26766e9aee6127e843fe0584990272a

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 7 sections

Game_DX11.exe

963cbd2bbf1ad4a3875e8c07ac19d221

PE32+ executable (GUI) x86-64, for MS Windows, 6 sections

Game_DX8.exe

c1a98dc37deea119f2eaa77ec8bf9891

PE32+ executable (GUI) x86-64, for MS Windows, 6 sections

Game_GLES2.exe

d18c8052eff7ab9758a8ae56c6781ad4

PE32+ executable (GUI) x86-64, for MS Windows, 6 sections

SDL2.dll

2fc5dd383aa116c65ed0555d46dd313f

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

localversion.xml

dddcba1f576d6d57ab604af7ecc09253

XML 1.0 document, ASCII text

Launcher.exe

2ee72d60a73b2652cff2e4d52faf3ec3

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_stackstrings
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_stackstrings
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_stackstrings

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	jsongame.net/resources/pc/win32/patch_10172_win32.zip	44.195.164.109	200 OK	18 MB
URL User Request GET HTTP/2 jsongame.net/resources/pc/win32/patch_10172_win32.zip IP 44.195.164.109:443 ASN #14618 AMAZON-AES Certificate IssuerLet's Encrypt Subjectcpcalendars.jsongame.net FingerprintC4:67:8E:24:86:2B:D3:EB:DF:88:C2:AF:0F:C8:D4:78:3F:13:EC:9D ValidityFri, 19 Apr 2024 01:38:14 GMT - Thu, 18 Jul 2024 01:38:13 GMT File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 18 MB (17581745 bytes) Hash 2635ce91b83f4d500e3ef95f21468165 c4bc3895ae1fb2682a20c14c5274916ec28b7c01 26f935419c07bd4ac4cb7564de976f6b7d283a55078c4a851924f37fdff12302 HTTP Headers `GET /resources/pc/win32/patch_10172_win32.zip HTTP/1.1 Host: jsongame.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: application/zip last-modified: Mon, 22 Apr 2024 13:34:24 GMT accept-ranges: bytes content-length: 17581745 date: Fri, 10 May 2024 23:37:51 GMT server: LiteSpeed alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" X-Firefox-Spdy: h2`

jsongame.net/resources/pc/win32/patch_10172_win32.zip

44.195.164.109

200 OK

18 MB

URL User Request GET HTTP/2
jsongame.net/resources/pc/win32/patch_10172_win32.zip
IP
44.195.164.109:443
ASN
#14618 AMAZON-AES

Certificate
IssuerLet's Encrypt
Subjectcpcalendars.jsongame.net
FingerprintC4:67:8E:24:86:2B:D3:EB:DF:88:C2:AF:0F:C8:D4:78:3F:13:EC:9D
ValidityFri, 19 Apr 2024 01:38:14 GMT - Thu, 18 Jul 2024 01:38:13 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
18 MB (17581745 bytes)
Hash
2635ce91b83f4d500e3ef95f21468165
c4bc3895ae1fb2682a20c14c5274916ec28b7c01
26f935419c07bd4ac4cb7564de976f6b7d283a55078c4a851924f37fdff12302

HTTP Headers

GET /resources/pc/win32/patch_10172_win32.zip HTTP/1.1
Host: jsongame.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/zip
last-modified: Mon, 22 Apr 2024 13:34:24 GMT
accept-ranges: bytes
content-length: 17581745
date: Fri, 10 May 2024 23:37:51 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (14)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers