Report - nightmare.su/Releases/DBDTools.zip

Report Overview

Submitted URL
nightmare.su/Releases/DBDTools.zip
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-26 15:48:04
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
3

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
nightmare.su	unknown	2022-07-12	2017-03-11	2024-03-28	488 B	16 MB	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
nightmare.su/Releases/DBDTools.zip
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
16 MB (15847433 bytes)
Hash
f6051f2b3b7cb9374c075e7292081431
3bcd04360717cc22e92a3da9b1fcceecf3f09cf1
c160dee542478694a788d11f7fcdba5dded257853339077069d23731b66f3615

Archive (16)

Filename

Md5

File type

Bloodweb

baef5206606ac3905287426355bd7944

ASCII text, with very long lines (65536), with no line terminators

C_Data

6e51b83d5455f82b269490deffd1051a

ASCII text, with very long lines (65536), with no line terminators

DLC

daac24d71f3341870d657107ffe84ef3

JSON text data

Market

917d056f4af3e557db41969def3ced4c

ASCII text, with very long lines (65536), with no line terminators

DBDTools.exe

957688dc0f912c038a60cca21dec21d8

PE32+ executable (console) x86-64, for MS Windows, 8 sections

DBDTools.exe.Config

7b6c4a58d08a5efdf7af17d55ae76ade

XML 1.0 document, ASCII text, with CRLF line terminators

ToolsUpdater.exe

3db3745390f926f07ebb71b7cbbdc400

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

BCMakeCert.dll

02729f68491bd39e50312c64a2942204

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Bunifu_UI_v1.5.3.dll

e0ef2817ee5a7c8cd1eb837195768bd2

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

DiscordRPC.dll

3956130e36754f184a0443c850f708f8

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

FiddlerCore.dll

053944ce8a3ff32d51dbfaa2fe322f25

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

FiddlerCore4.dll

9ad919daa8cb63dd54d7ae0d6c463a1f

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Guna.UI.dll

8673eae95d67e5eb19f0eca3111408e8

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Newtonsoft.Json.dll

081d9558bbb7adce142da153b2d5577a

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.Runtime.CompilerServices.Unsafe.dll

da04a75ddc22118ed24e0b53e474805a

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Telerik.NetworkConnections.dll

b6af933b0bbf95aadc0e36a1b1ebcf18

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 45/63

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

nightmare.su/Releases/DBDTools.zip

188.114.97.1

200 OK

16 MB

URL User Request GET HTTP/2
nightmare.su/Releases/DBDTools.zip
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectnightmare.su
FingerprintE9:95:BD:C1:70:2A:8B:AB:FF:13:9A:BB:FC:8C:FC:44:37:85:B0:FF
ValidityFri, 19 Apr 2024 11:41:43 GMT - Thu, 18 Jul 2024 11:41:42 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
16 MB (15847433 bytes)
Hash
f6051f2b3b7cb9374c075e7292081431
3bcd04360717cc22e92a3da9b1fcceecf3f09cf1
c160dee542478694a788d11f7fcdba5dded257853339077069d23731b66f3615

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 45/63

HTTP Headers

GET /Releases/DBDTools.zip HTTP/1.1
Host: nightmare.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 15:47:34 GMT
content-type: application/zip
content-length: 15847433
last-modified: Tue, 19 Mar 2024 12:31:23 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=1800
cf-cache-status: HIT
age: 1155
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MvclfJgWihojf2YabOBgrKK4ehxtZbEBjBYXfl0MVXcOMaWiXFXNjvvRgXbaASJM0KM8hzDF2NAg1QzZ5p3ApqyuVkUxsOhOD1e5Uty%2BNzne9SueK%2BlRfMhTx5j1jfg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a7b649bbbd568f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2