Report - dropmefiles.cc/ua/zip/7840486d157118e50c7ec204618abb3f/0/CBGH9Nk6

Report Overview

Submitted URL
dropmefiles.cc/ua/zip/7840486d157118e50c7ec204618abb3f/0/CBGH9Nk6
IP
91.203.63.10
ASN
#44894 Ukrchermetavtomatika LLC
Submitted
2024-04-23 07:36:35
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
dropmefiles.cc	unknown	2021-11-22	2022-01-04	2024-03-26	519 B	2.4 MB	91.203.63.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

Files detected

URL
dropmefiles.cc/ua/zip/7840486d157118e50c7ec204618abb3f/0/CBGH9Nk6
IP
91.203.63.10
ASN
#44894 Ukrchermetavtomatika LLC

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
2.4 MB (2387551 bytes)
Hash
cc590260fe4a31e22442bdd9c83f07ed
c7fee74174a2a1157acf80d26e60425be09f6f0c
d986aa47477684f65879a042590a0c3c915f9e6b6451f9cc53facb2a3ed0c3d1

Archive (1)

Filename

Md5

File type

signed_build.exe

83da94d985990c9b106b667c70a72119

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Detects XMRIG crypto coin miners
Public Nextron YARA rules	malware	Detects Monero Crypto Coin Miner
Public Nextron YARA rules	malware	Detects Monero mining software
Elastic Security YARA Rules	malware	MacOS.Cryptominer.Generic
Elastic Security YARA Rules	malware	MacOS.Cryptominer.Xmrig

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Size
	dropmefiles.cc/ua/zip/7840486d157118e50c7ec204618abb3f/0/CBGH9Nk6	91.203.63.10	2.4 MB
URL dropmefiles.cc/ua/zip/7840486d157118e50c7ec204618abb3f/0/CBGH9Nk6 IP 91.203.63.10:0 ASN #44894 Ukrchermetavtomatika LLC File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 2.4 MB (2387551 bytes) Hash cc590260fe4a31e22442bdd9c83f07ed c7fee74174a2a1157acf80d26e60425be09f6f0c d986aa47477684f65879a042590a0c3c915f9e6b6451f9cc53facb2a3ed0c3d1 HTTP Headers GET /ua/zip/7840486d157118e50c7ec204618abb3f/0/CBGH9Nk6 HTTP/1.1 Host: dropmefiles.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 07:36:09 GMT Server: Apache/2.4.54 (Debian) Set-Cookie: PHPSESSID=a26494cc62addcac10edf9f3c6e15f16; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Disposition: attachment; filename="dropmefiles.cc_CBGH9Nk6.zip" Keep-Alive: timeout=5 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: application/x-zip`

dropmefiles.cc/ua/zip/7840486d157118e50c7ec204618abb3f/0/CBGH9Nk6

91.203.63.10

2.4 MB

URL
dropmefiles.cc/ua/zip/7840486d157118e50c7ec204618abb3f/0/CBGH9Nk6
IP
91.203.63.10:0
ASN
#44894 Ukrchermetavtomatika LLC

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
2.4 MB (2387551 bytes)
Hash
cc590260fe4a31e22442bdd9c83f07ed
c7fee74174a2a1157acf80d26e60425be09f6f0c
d986aa47477684f65879a042590a0c3c915f9e6b6451f9cc53facb2a3ed0c3d1

HTTP Headers

GET /ua/zip/7840486d157118e50c7ec204618abb3f/0/CBGH9Nk6 HTTP/1.1
Host: dropmefiles.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 07:36:09 GMT
Server: Apache/2.4.54 (Debian)
Set-Cookie: PHPSESSID=a26494cc62addcac10edf9f3c6e15f16; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Disposition: attachment; filename="dropmefiles.cc_CBGH9Nk6.zip"
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/x-zip

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (1)

Detections

JavaScript (0)

HTTP Transactions (1)

URL

IP

ASN

File type

Size

Hash

HTTP Headers