Report - spyderrock.com/t1me1674-EADLCUnlockerv2.7z

Report Overview

Submitted URL
spyderrock.com/t1me1674-EADLCUnlockerv2.7z
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-27 20:33:02
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
spyderrock.com	unknown	2023-06-25	2023-06-25	2024-04-17	496 B	187 kB	188.114.96.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
spyderrock.com/t1me1674-EADLCUnlockerv2.7z
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET

File type
7-zip archive data, version 0.4
Size
186 kB (186052 bytes)
Hash
29a21fd888e2799bf49b770e11b935c4
69ece59bfddaea77e90b3b37000b0d650aa0abbe
a6a23ac80e625a89dee394a155ff00c320bad63053ab704083fb56a8044e5ef9

Archive (31)

Filename

Md5

File type

config.ini

9cd8592f5b8934fec8b47994c4fda5b6

Generic INItialization configuration [autoupdate]

g_Cities Skylines.ini

b7f9bf30d6947aff647b416da0fd551f

ASCII text, with CRLF line terminators

g_Dead Space 2023.ini

fc3f0c4d744a4310c775b2879399c468

ASCII text, with CRLF line terminators

g_Dead Space 3.ini

19f5deda4368c463d16687109abf543d

ASCII text, with CRLF line terminators

g_F1 22.ini

51fff0fdf96929ece2b1ca964d006550

Unicode text, UTF-8 text, with CRLF line terminators

g_F1 23.ini

18416efa57d527355f065064172a821d

ASCII text, with CRLF line terminators

g_Frostpunk.ini

fb2516caacebcdb02e9f2194ba72de12

ASCII text, with CRLF line terminators

g_GRID Legends.ini

c2dc8a3df7745fc6bafb633d4ea33fb5

ASCII text, with CRLF line terminators

g_It Takes Two.ini

31561acf01f495280b2e03ec26b7812f

ASCII text, with CRLF line terminators

g_Mutant Year Zero.ini

d2df62135af50232e599c5be5f1105b3

ASCII text, with CRLF line terminators

g_My Time at Portia.ini

ede7b7058e8c95575ef5517d36784fe2

ASCII text, with CRLF line terminators

g_Need For Speed Heat.ini

c11c8268aa87fd021f691d4ae9529ccb

ASCII text, with CRLF line terminators

g_Need For Speed Most Wanted.ini

53020d0ff8e79ee8305061d5d3964927

ASCII text, with CRLF line terminators

g_Need For Speed Payback.ini

c49b925d0158a9c34e976d436c8ac2a0

ASCII text, with CRLF line terminators

g_Need For Speed Unbound.ini

2910635a112c6e379bffb313215035bf

ASCII text, with CRLF line terminators

g_Northgard.ini

43b7f6386594bb53e06aa1b750950f47

ASCII text, with CRLF line terminators

g_STAR WARS Jedi Fallen Order.ini

473c794e2d9ce2a2a68879595b0e7f04

ASCII text, with CRLF line terminators

g_STAR WARS Jedi Survivor.ini

85ec254324d2b9b8bd33fc7e1023d873

ASCII text, with CRLF line terminators

g_SimCity 2013.ini

2a83a1d376bd05d4c5516aa75c9d7786

ASCII text, with CRLF line terminators

g_Tales of Kenzera ZAU.ini

bd254a902a564a63590230d825614a2b

ASCII text, with CRLF line terminators

g_The Sims 3.ini

55daa556f13a5d4d7fe9aecf7d8a4d64

ASCII text, with CRLF line terminators

g_The Sims 4.ini

4eb9550c60ffbeed1281110b1da4850d

Unicode text, UTF-8 text, with CRLF line terminators

g_The Sinking City.ini

7a4cd7023da1924c4e9b8a062742ed5f

ASCII text, with CRLF line terminators

g_The Surge.ini

7b0cffc89d868888402003be8d94c0e7

ASCII text, with CRLF line terminators

g_This War of Mine.ini

d60f144dce2ff1ecbe28b1b5b6276f3e

ASCII text, with CRLF line terminators

g_Tropico 6.ini

768e49dae6976e945da44c075a1dd38d

ASCII text, with CRLF line terminators

readme.txt

45ff53386616d443567474ef3024da6b

ASCII text, with CRLF line terminators

setup.bat

313b65ba5a36ba99e5f05f8e060a6882

ASCII text, with very long lines (321), with CRLF line terminators

setup_linux.sh

1742976191440d52facbcde93b399a94

Bourne-Again shell script, ASCII text executable

version.dll

b69243228b677fdacac06ce9365a4571

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 9 sections

version.dll

2ef99a682256f6b9820b876a9eb2950a

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

spyderrock.com/t1me1674-EADLCUnlockerv2.7z

188.114.96.1

200 OK

186 kB

URL User Request GET HTTP/2
spyderrock.com/t1me1674-EADLCUnlockerv2.7z
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectspyderrock.com
FingerprintFC:3D:C8:EB:28:28:EC:F5:E0:64:4D:A1:E9:68:DC:11:F9:D7:5A:A7
ValidityTue, 19 Mar 2024 20:41:45 GMT - Mon, 17 Jun 2024 20:41:44 GMT

File type
7-zip archive data, version 0.4
Size
186 kB (186052 bytes)
Hash
29a21fd888e2799bf49b770e11b935c4
69ece59bfddaea77e90b3b37000b0d650aa0abbe
a6a23ac80e625a89dee394a155ff00c320bad63053ab704083fb56a8044e5ef9

HTTP Headers

GET /t1me1674-EADLCUnlockerv2.7z HTTP/1.1
Host: spyderrock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 Apr 2024 20:32:37 GMT
content-length: 186052
content-disposition: attachment; filename="EA%20DLC%20Unlocker%20v2.7z"
etag: "6bd04be27b2f5301bfd04e418206da20-1"
last-modified: Wed, 24 Apr 2024 11:28:53 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wDBE9T8aMSUNUlLyqcdIH27mys%2BUw%2FNIbvQSutemdBOk3v8FzFPGe1ned%2FwdwKe08WjFP3Tff7%2Bt4iiVM%2BUwIDDkIryBuh%2FOGNECbiUZNWPfU6th5zkf05NqsPcOGngYgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87b195390d6db51e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2