Report - www.g7jjf.com/riscos/RPC.zip

Report Overview

Submitted URL
www.g7jjf.com/riscos/RPC.zip
IP
79.99.42.22
ASN
#8560 IONOS SE
Submitted
2024-05-05 06:04:15
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.g7jjf.com	unknown	2002-10-22	2013-11-17	2024-02-11	482 B	7.7 MB	79.99.42.22

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.g7jjf.com/riscos/RPC.zip
IP
79.99.42.22
ASN
#8560 IONOS SE

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
7.7 MB (7723366 bytes)
Hash
ac86dfa2b2fe0fe74b333e003903fa05
ea286019af9cafb4612b304487006e1436c6d968
ee0ba839a88e3313013ce981da910696a7255b4b04550629523e1be30f887c63

Archive (12)

Filename

Md5

File type

.DS_Store

b6e2addc9a8090d02dc4e20bb165f2ca

Apple Desktop Services Store

._.DS_Store

e86c11b3d51d7a3a7ee390bbe6092820

AppleDouble encoded Macintosh file

cmos.ram

f9d85f15c8e03918146a6f1379ffc7e5

data

hd4.hdf

9cdfa9ebe55511a838bc8527e823432a

data

.DS_Store

7ec672df7b7b3b1ac7523518a79d8c3d

Apple Desktop Services Store

._.DS_Store

e86c11b3d51d7a3a7ee390bbe6092820

AppleDouble encoded Macintosh file

HOSTFS.TXT

021fd3316270cba08b9b614431dc1d59

ASCII text, with CRLF line terminators

.DS_Store

95774ecfeae25276b1e476cee88193d3

Apple Desktop Services Store

._.DS_Store

e86c11b3d51d7a3a7ee390bbe6092820

AppleDouble encoded Macintosh file

roms.txt

87e506d00c7657d2a5a28c95e62b0b2a

ASCII text, with CRLF line terminators

rpc.cfg

811c5cc0115aa72c08e14e2c177aa52e

ASCII text

RPCEmu

5be7057c2cde9ca67cfba61c44eaecaf

Mach-O i386 executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|SUBSECTIONS_VIA_SYMBOLS>

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip
CAPEv2 YARA detection rules	malware	Cobalt Strike Beacon Payload

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	www.g7jjf.com/riscos/RPC.zip	79.99.42.22	200 OK	7.7 MB
URL User Request GET HTTP/2 www.g7jjf.com/riscos/RPC.zip IP 79.99.42.22:443 ASN #8560 IONOS SE Certificate IssuerLet's Encrypt Subjectg7jjf.com Fingerprint89:FE:14:FD:49:62:9B:79:5B:9F:75:9F:50:BE:A1:35:9D:E8:72:80 ValidityWed, 24 Apr 2024 07:44:24 GMT - Tue, 23 Jul 2024 07:44:23 GMT File type Zip archive data, at least v1.0 to extract, compression method=store Size 7.7 MB (7723366 bytes) Hash ac86dfa2b2fe0fe74b333e003903fa05 ea286019af9cafb4612b304487006e1436c6d968 ee0ba839a88e3313013ce981da910696a7255b4b04550629523e1be30f887c63 HTTP Headers `GET /riscos/RPC.zip HTTP/1.1 Host: www.g7jjf.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 05 May 2024 06:03:45 GMT content-type: application/zip content-length: 7723366 last-modified: Fri, 26 May 2023 18:08:36 GMT etag: "6470f5a4-75d966" x-powered-by: PleskLin accept-ranges: bytes X-Firefox-Spdy: h2`

www.g7jjf.com/riscos/RPC.zip

79.99.42.22

200 OK

7.7 MB

URL User Request GET HTTP/2
www.g7jjf.com/riscos/RPC.zip
IP
79.99.42.22:443
ASN
#8560 IONOS SE

Certificate
IssuerLet's Encrypt
Subjectg7jjf.com
Fingerprint89:FE:14:FD:49:62:9B:79:5B:9F:75:9F:50:BE:A1:35:9D:E8:72:80
ValidityWed, 24 Apr 2024 07:44:24 GMT - Tue, 23 Jul 2024 07:44:23 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
7.7 MB (7723366 bytes)
Hash
ac86dfa2b2fe0fe74b333e003903fa05
ea286019af9cafb4612b304487006e1436c6d968
ee0ba839a88e3313013ce981da910696a7255b4b04550629523e1be30f887c63

HTTP Headers

GET /riscos/RPC.zip HTTP/1.1
Host: www.g7jjf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 06:03:45 GMT
content-type: application/zip
content-length: 7723366
last-modified: Fri, 26 May 2023 18:08:36 GMT
etag: "6470f5a4-75d966"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (12)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers