Report Overview

  1. Submitted URL

    cdn.gilcdn.com/ContentMediaGenericFiles/6f42f0098c8ea97bd381fd2a59e4b6d5-Full.zip?w=1&h=1&Expires=1713512794&Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9jZG4uZ2lsY2RuLmNvbS9Db250ZW50TWVkaWFHZW5lcmljRmlsZXMvNmY0MmYwMDk4YzhlYTk3YmQzODFmZDJhNTllNGI2ZDUtRnVsbC56aXA~dz0xJmg9MSIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTcxMzUxMjc5NH19fV19&Signature=NtVsuO1Zo1wQdjYorz6BjTdrm~EKe8-D~Tu34X1gf-eAfNfwBp2-zbKXS7hz1t2-yzgVpg69wVMAORLoUDKadbZCs0IJRyGrk0guSxWw8jAcHRWBO03VDccXMiHYxZ764g~1-d5Sc5OVzVFlqR22h1b1WhKDDSeYQMl5sTt53OvVS163c2jhaTZY1tFZuFGQqWnkjdP22PLmOBOeAxnN3nyhFkvXTIGtCC3n1irVvXPuwFn8P6I-Ius~exPWA8ymAxOFuutAh3hvPASSFCaF0oTSHMK-HCPe-Ydu0Vmz2M4YHKuBOVoSIUeqFzt7~KRmF6l3IwQKxcVpeiQgHhc4yQ__&Key-Pair-Id=K1FFKFZRWAZSB

  2. IP

    54.230.111.31

    ASN

    #16509 AMAZON-02

  3. Submitted

    2024-04-19 07:42:13

    Access

    public

  4. Website Title

    about:privatebrowsing

  5. Final URL

    about:privatebrowsing

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  1. urlquery

    0

  2. Network Intrusion Detection

    0

  3. Threat Detection Systems

    6

Domain Summary

Domain / FQDN | Rank | Registered | First Seen | Last Seen
cdn.gilcdn.com | unknown | 2023-12-13 | 2023-12-15 | 2024-04-18

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


Files detected

  1. URL

    cdn.gilcdn.com/ContentMediaGenericFiles/6f42f0098c8ea97bd381fd2a59e4b6d5-Full.zip?w=1&h=1&Expires=1713512794&Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9jZG4uZ2lsY2RuLmNvbS9Db250ZW50TWVkaWFHZW5lcmljRmlsZXMvNmY0MmYwMDk4YzhlYTk3YmQzODFmZDJhNTllNGI2ZDUtRnVsbC56aXA~dz0xJmg9MSIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTcxMzUxMjc5NH19fV19&Signature=NtVsuO1Zo1wQdjYorz6BjTdrm~EKe8-D~Tu34X1gf-eAfNfwBp2-zbKXS7hz1t2-yzgVpg69wVMAORLoUDKadbZCs0IJRyGrk0guSxWw8jAcHRWBO03VDccXMiHYxZ764g~1-d5Sc5OVzVFlqR22h1b1WhKDDSeYQMl5sTt53OvVS163c2jhaTZY1tFZuFGQqWnkjdP22PLmOBOeAxnN3nyhFkvXTIGtCC3n1irVvXPuwFn8P6I-Ius~exPWA8ymAxOFuutAh3hvPASSFCaF0oTSHMK-HCPe-Ydu0Vmz2M4YHKuBOVoSIUeqFzt7~KRmF6l3IwQKxcVpeiQgHhc4yQ__&Key-Pair-Id=K1FFKFZRWAZSB

  2. IP

    54.230.111.92

  3. ASN

    #16509 AMAZON-02

  1. File type

    Zip archive data, at least v2.0 to extract, compression method=deflate

    Size

    12 MB (11609475 bytes)

  2. Hash

    6f42f0098c8ea97bd381fd2a59e4b6d5

    76089caac8f506564a10da70c60ed8c651d55007

  1. Archive (22)

    Filename | Md5 | File type
    FW1FontWrapper.dll | daa32fd4ee493fc1fdf0b66991868ef4 | PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections
    Gwen.dll | 367a1b17121dfc7c2347984380939bc2 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    Gwen.UnitTest.dll | 90b34cfce1f4caba67f42f4d8f135189 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    LMS.PortableExecutable.dll | 6a52fa924073b0f913855f070dc553a7 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    Microsoft.Expression.Drawing.dll | 5bd39a82aacf1aa423e6eeeeda696eea | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    Mono.Cecil.dll | 6d6292bc8e698e53e69556add6f62442 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    Mono.Cecil.Mdb.dll | 3c6cff9ef0ba7748d6c61dfacb6890a7 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    Mono.Cecil.Pdb.dll | c7a0b5173df5bea531a20fbace30fc89 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    Mono.Cecil.Rocks.dll | 7c9a0c59ce05aba61485eb46883ba933 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    RAGEPluginHook.exe | 2bb5335e217544cc5045e36ed5307559 | PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows, 2 sections
    RPH_Readme.txt | 7b081efb3e794533b99a7c15807ed09a | ASCII text, with CRLF line terminators
    SlimDX.dll | 5c243b42d2b0103bbe603cf586ea8467 | PE32+ executable (DLL) (GUI) x86-64 Mono/.Net assembly, for MS Windows, 7 sections
    XInput1_4.dll | d2ef25dff3e2ad78f89a527101767707 | PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections
    DotNetZip.license | 44d661570ba6e888aa5a0d0e79a11510 | ASCII text, with very long lines (405), with CRLF line terminators
    FW1FontWrapper.license | 5d4751d254b5764d04e48273e8fd82cb | ASCII text, with very long lines (460), with CRLF line terminators
    Gwen.license | 46df45eb743258ff6cb7ebbb18bc434b | ASCII text, with CRLF line terminators
    Mono.Cecil.license | 38cfe826b8d95f757e4a4aa641d01415 | ASCII text, with CRLF line terminators
    SlimDX.license | 3a43d0e676e71023a3dd899933778027 | ASCII text, with CRLF line terminators
    RagePluginHookSDK.dll | 3e3b3f854d34e60d5c0b74b93b7e88f9 | PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows, 2 sections
    RagePluginHookSDK.xml | 4b6d6bd33a64a876f7ccd14e4944b5a5 | XML 1.0 document, ASCII text, with CRLF line terminators
    cursor_32_2.png | be981c7e1461188450c1bc0352aee019 | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
    DefaultSkin.png | a7562ebd9a7c54a6575808da4680caf3 | PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced

    Detections

    Analyzer | Verdict | Alert
    Public Nextron YARA rules | malware | Detects ConfuserEx packed file
    Public Nextron YARA rules | malware | Detects ConfuserEx packed file
    VirusTotal | suspicious |

JavaScript (0)

HTTP Transactions (1)

URL | IP | Response | Size
cdn.gilcdn.com/ContentMediaGenericFiles/6f42f0098c8ea97bd381fd2a59e4b6d5-Full.zip?w=1&h=1&Expires=1713512794&Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9jZG4uZ2lsY2RuLmNvbS9Db250ZW50TWVkaWFHZW5lcmljRmlsZXMvNmY0MmYwMDk4YzhlYTk3YmQzODFmZDJhNTllNGI2ZDUtRnVsbC56aXA~dz0xJmg9MSIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTcxMzUxMjc5NH19fV19&Signature=NtVsuO1Zo1wQdjYorz6BjTdrm~EKe8-D~Tu34X1gf-eAfNfwBp2-zbKXS7hz1t2-yzgVpg69wVMAORLoUDKadbZCs0IJRyGrk0guSxWw8jAcHRWBO03VDccXMiHYxZ764g~1-d5Sc5OVzVFlqR22h1b1WhKDDSeYQMl5sTt53OvVS163c2jhaTZY1tFZuFGQqWnkjdP22PLmOBOeAxnN3nyhFkvXTIGtCC3n1irVvXPuwFn8P6I-Ius~exPWA8ymAxOFuutAh3hvPASSFCaF0oTSHMK-HCPe-Ydu0Vmz2M4YHKuBOVoSIUeqFzt7~KRmF6l3IwQKxcVpeiQgHhc4yQ__&Key-Pair-Id=K1FFKFZRWAZSB
54.230.111.92 | 200 OK | 12 MB