Report Overview
Submitted URL
www.alphaplugins.com/downloads/products/ae/CurtainsInstaller.zip
IP
198.23.48.184
ASN
#32748 STEADFAST
Submitted
2024-05-07 09:44:01
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
www.alphaplugins.com | unknown | 2006-07-02 | 2012-06-19 | 2023-10-06 | 518 B | 1.7 MB | 198.23.48.184 |
aus5.mozilla.org | 2548 | 1998-01-24 | 2015-10-27 | 2024-05-05 | 512 B | 1.2 kB | 35.244.181.201 |
Related reports
Network Intrusion Detection Systems
Suricata w/ Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
www.alphaplugins.com/downloads/products/ae/CurtainsInstaller.zip
IP
198.23.48.184
ASN
#32748 STEADFAST
File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
1.7 MB (1740956 bytes)
Hash
MD5 baa9245eb01de5cde5a88147e94491ca
SHA-1 9909ebe55a2c2b9a7f198a998d575558b11caa28
Archive (111)
Filename | Md5 | File type | |||
---|---|---|---|---|---|
Info.plist | 9a1144c0818dd2e5d2dbe883c49a2e39 | XML 1.0 document, ASCII text | |||
CurtainsInstaller | 7d1bf676675c7dd53a606d1d180f0874 | Mach-O universal binary with 2 architectures: [i386: - Mach-O i386 executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|WEAK_DEFINES|BINDS_TO_WEAK>] [ - ppc: - Mach-O ppc executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|WEAK_DEFINES|BINDS_TO_WEAK>] | |||
PkgInfo | 23b7d7d024abb0f558420e098800bf27 | ASCII text, with no line terminators | |||
Info.plist | 48543d0aad1081efd586494fdf485975 | XML 1.0 document, Unicode text, UTF-8 text | |||
Curtains | 86ecbba6e322f80b0ebfc2acc2f6aa33 | Mach-O universal binary with 2 architectures: [ppc: - Mach-O ppc bundle, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|WEAK_DEFINES|BINDS_TO_WEAK>] [ - i386: - Mach-O i386 bundle, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|WEAK_DEFINES|BINDS_TO_WEAK>] | |||
PkgInfo | f28212d63481beda068ff70806cfbdab | ASCII text, with no line terminators | |||
about_down.bmp | 05fc3dbe7262fc6ed1be35334ffca0f8 | PC bitmap, Windows 3.x format, 54 x 54 x 24, image size 8858, resolution 2834 x 2834 px/m, cbSize 8912, bits offset 54 | |||
about_up.bmp | f9983375b7b238938f1d5432976f7f57 | PC bitmap, Windows 3.x format, 54 x 54 x 24, image size 8858, resolution 2834 x 2834 px/m, cbSize 8912, bits offset 54 | |||
banner.bmp | f4137920eda06e2ecf0c87c86f3288e6 | PC bitmap, Windows 3.x format, 360 x 100 x 24, image size 108002, resolution 2834 x 2834 px/m, cbSize 108056, bits offset 54 | |||
Curtains.rsrc | 57b5e6fa336235c6522f68ec9510f75e | Apple HFS/HFS+ resource fork, map offset 0x238, map length 0x32, data length 0x138, fileRef 0x900, list offset 0x1c, name offset 0x32, 1 type, 0x5069504c 'PiPL' * 1 resource offset 0xa | |||
curtains_logo.pct | 6f4373b712c2acfbbf84220c9e733ca0 | data | |||
curtains_logoLeft.pct | 78911b145fe1ef2f79ee698f95148526 | data | |||
help_down.bmp | 0494e156ff67b77f61e30e30510308d7 | PC bitmap, Windows 3.x format, 73 x 40 x 24, image size 8802, resolution 2834 x 2834 px/m, cbSize 8856, bits offset 54 | |||
help_up.bmp | bd62efb184aba899be5664499728eba6 | PC bitmap, Windows 3.x format, 73 x 40 x 24, image size 8802, resolution 2834 x 2834 px/m, cbSize 8856, bits offset 54 | |||
classes.nib | 2f1b2b5cd12c21a001010397cf51243a | XML 1.0 document, ASCII text | |||
info.nib | 9621205063f84adaada48b2dcf557001 | XML 1.0 document, ASCII text | |||
objects.xib | 440bb8483cf1b1e3a896efcde5b05d5e | XML 1.0 document, Unicode text, UTF-8 text | |||
curtainsdoc.htm | 688115017a7fa68141e7ab013502fa5a | HTML document, ASCII text, with very long lines (12019), with CRLF line terminators | |||
applewhite.jpg | 89751207b2e669238e6b738109431420 | JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 30x37, components 3 | |||
bannerleft.gif | 59cfa03e160523f8157aa40e5b24220f | GIF image data, version 89a, 470 x 141 | |||
bannermid.gif | 90b702ebba2b920b34ad3efa354e1268 | GIF image data, version 89a, 1 x 141 | |||
bannerright.gif | 5037c9d834a4a46a16a1a8988590f09a | GIF image data, version 89a, 12 x 141 | |||
b1x7.gif | 57b0d2c74017352944f95f97f0a405ad | GIF image data, version 89a, 1 x 7 | |||
l5x1.gif | 98a9e327bddf5a21f90ec117be8815d7 | GIF image data, version 89a, 5 x 1 | |||
lb5x7.gif | dcc58f622227c3f511abe7a33e34b275 | GIF image data, version 89a, 5 x 7 | |||
lt5x5.gif | 329782741ea92a3e4011e8266530d97f | GIF image data, version 89a, 5 x 5 | |||
r.gif | ca9571e34c147fda79aa0b109e85e871 | GIF image data, version 89a, 6 x 1 | |||
rb6x7.gif | b1a8602f45373b8b3aa905e38b2ad0f1 | GIF image data, version 89a, 6 x 7 | |||
rt6x5.gif | 18d76d1ab692e7fe7e06325673a8ff1c | GIF image data, version 89a, 6 x 5 | |||
t.gif | a96ea23b98d2227deb084f77142daaf8 | GIF image data, version 89a, 1 x 5 | |||
fill.png | 2d1b326146b666aa1c06ff29c922b417 | PNG image data, 1 x 20, 8-bit colormap, non-interlaced | |||
lt5x5.gif | 8b043ed850893d85458b04fd067ba7ea | GIF image data, version 89a, 5 x 5 | |||
rt5x5.gif | d6a8be59e3fe7b1b74e5ac966c82c4f7 | GIF image data, version 89a, 5 x 5 | |||
t1x5.gif | ef85bb2f02387188a7b6cd6295b67f65 | GIF image data, version 89a, 1 x 5 | |||
Thumbs.db | 68ae5c3feb772509b8ead4c0a05528f3 | Composite Document File V2 Document, Cannot read section info | |||
curtains_logo400.jpg | 5cefc5441c34b191bfb528f1e1a15d78 | JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 400x300, components 3 | |||
exl.jpg | 7a6bff7f10666b577050dbb635744ee2 | JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 36x49, components 3 | |||
fix01.jpg | 2aee476e93dba4cc9f2e6b9b4a11da0c | JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 320x240, components 3 | |||
fix02.jpg | 9eac168c3ba0e1c5f1f5b9015e96ccf5 | JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 320x240, components 3 | |||
i.jpg | 423418bf8b3fc21baa516a89203cf6bb | JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 38x47, components 3 | |||
lens05.jpg | feb57cff5766f78ab325e63bf90dcc01 | JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 360x303, components 3 | |||
mat38.jpg | d3c86cbf2a1c1df0f2bac6709c2fbca8 | JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 320x240, components 3 | |||
material.jpg | 7dbad75f5d8b3852ca1895042318d9a6 | JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 480x360, components 3 | |||
orient04.jpg | 7108fd0d46d84c50b85244d795ed0f22 | JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 320x240, components 3 | |||
orient20.jpg | 31f2f5f13c09275a276a0700fb749101 | JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 320x240, components 3 | |||
b1x4.gif | 9ee36356ee2143a123c5c30a607ee695 | GIF image data, version 89a, 1 x 4 | |||
fill.gif | d8b0d5ff85d11ebd396e25e8a3fce863 | GIF image data, version 89a, 1 x 700 | |||
fill.png | e78660118e5e2cf798510b86ab9535d0 | PNG image data, 1 x 700, 8-bit/color RGB, non-interlaced | |||
l1x1.gif | 8cdb8b09a663d7e568bd8c898e0259c3 | GIF image data, version 89a, 1 x 1 | |||
lb4x4.gif | d46f2fd6b6706387ca943b62778cf93e | GIF image data, version 89a, 4 x 4 | |||
lt4x4.gif | aa060da423c28b8978d29c1673321502 | GIF image data, version 89a, 4 x 4 | |||
r2x1.gif | 6c1658149128d9af2b02a2c6d31f5cac | GIF image data, version 89a, 2 x 1 | |||
rb5x4.gif | bb99fda2477b704c173dd4e3b3725684 | GIF image data, version 89a, 5 x 4 | |||
rt5x4.gif | f706e782dff3ac206bdeea11b3051c44 | GIF image data, version 89a, 5 x 4 | |||
t1x4.gif | b4a4a150354e7cf927470dd3b41c2f0d | GIF image data, version 89a, 1 x 4 | |||
1x1.gif | 1a358f94896524e7054db6731f1bceef | GIF image data, version 89a, 1 x 1 | |||
b1x5.gif | 0a2f5a2706089eb0ac9c2a707ca935ba | GIF image data, version 89a, 1 x 5 | |||
fill.gif | d114635a88a579cd2c0176afc5c5f68c | GIF image data, version 89a, 1 x 1 | |||
l5x1.gif | 8a317b1b114d752ce00048f185282c14 | GIF image data, version 89a, 5 x 1 | |||
lb5x5.gif | 020edc9fbc05b97db7b009216d9e44a0 | GIF image data, version 89a, 5 x 5 | |||
lt5x5.gif | 3c27bad0a65677bd8efdb3f30f4aa4e2 | GIF image data, version 89a, 5 x 5 | |||
r5x1.gif | 030e8588c366cece5ac4887e20590442 | GIF image data, version 89a, 5 x 1 | |||
rb5x5.gif | 0ab757ebecdde1052c29bd2e16c451d6 | GIF image data, version 89a, 5 x 5 | |||
rt5x5.gif | 21468c963c7b710a9ffcd5944ad5977d | GIF image data, version 89a, 5 x 5 | |||
t1x5.gif | d318221a76b752208bebb78f02dfb629 | GIF image data, version 89a, 1 x 5 | |||
rend01.jpg | c4f8ece5503d0a8521f0c992dc80df9f | JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 320x240, components 3 | |||
rend02.gif | 0973ad56b5213f6f11b46d255e550a85 | GIF image data, version 89a, 320 x 240 | |||
su.jpg | 6df5b7af81b8e4b3e193b1cdd2f2d5a3 | JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 356x280, components 3 | |||
theatr05.jpg | f0ec7b3cd1170cb934118a5abb0296e0 | JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 320x240, components 3 | |||
Tkan2Dump01.jpg | 93b3dc6a8021e3d0f0019ce33d6b543e | JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 320x240, components 3 | |||
winwhite.jpg | 535144efd14537925c18a44334b4a6eb | JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 40x35, components 3 | |||
Info.plist | fbaffee82e134e6a49d438089f05080e | XML 1.0 document, Unicode text, UTF-8 text | |||
CurtainsTableau | beef1c3035898ed4ee001c6dfe600a89 | Mach-O universal binary with 2 architectures: [ppc: - Mach-O ppc bundle, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|WEAK_DEFINES|BINDS_TO_WEAK>] [ - i386: - Mach-O i386 bundle, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|WEAK_DEFINES|BINDS_TO_WEAK>] | |||
PkgInfo | f28212d63481beda068ff70806cfbdab | ASCII text, with no line terminators | |||
about_down.bmp | 05fc3dbe7262fc6ed1be35334ffca0f8 | PC bitmap, Windows 3.x format, 54 x 54 x 24, image size 8858, resolution 2834 x 2834 px/m, cbSize 8912, bits offset 54 | |||
about_up.bmp | f9983375b7b238938f1d5432976f7f57 | PC bitmap, Windows 3.x format, 54 x 54 x 24, image size 8858, resolution 2834 x 2834 px/m, cbSize 8912, bits offset 54 | |||
curtains_banner_tableau.bmp | e10d4f96f6ac8eae343fa92a60af6ba3 | PC bitmap, Windows 3.x format, 360 x 100 x 24, image size 108002, resolution 2834 x 2834 px/m, cbSize 108056, bits offset 54 | |||
curtains_logo.pct | 6f4373b712c2acfbbf84220c9e733ca0 | data | |||
curtains_logoLeft.pct | 78911b145fe1ef2f79ee698f95148526 | data | |||
CurtainsTableau.rsrc | db5848ae35c30b8649e454f7f83b3741 | Apple HFS/HFS+ resource fork, map offset 0x240, map length 0x32, data length 0x140, fileRef 0x900, list offset 0x1c, name offset 0x32, 1 type, 0x5069504c 'PiPL' * 1 resource offset 0xa | |||
help_down.bmp | 0494e156ff67b77f61e30e30510308d7 | PC bitmap, Windows 3.x format, 73 x 40 x 24, image size 8802, resolution 2834 x 2834 px/m, cbSize 8856, bits offset 54 | |||
help_up.bmp | bd62efb184aba899be5664499728eba6 | PC bitmap, Windows 3.x format, 73 x 40 x 24, image size 8802, resolution 2834 x 2834 px/m, cbSize 8856, bits offset 54 | |||
classes.nib | 2f1b2b5cd12c21a001010397cf51243a | XML 1.0 document, ASCII text | |||
info.nib | 9621205063f84adaada48b2dcf557001 | XML 1.0 document, ASCII text | |||
objects.xib | 440bb8483cf1b1e3a896efcde5b05d5e | XML 1.0 document, Unicode text, UTF-8 text | |||
Info.plist | a0be7fc3e42cadb1fc00064ea28f7d81 | XML 1.0 document, Unicode text, UTF-8 text | |||
CurtainsTheatre | e4ad3ede43dd579fed6d3104ea7e1097 | Mach-O universal binary with 2 architectures: [ppc: - Mach-O ppc bundle, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|WEAK_DEFINES|BINDS_TO_WEAK>] [ - i386: - Mach-O i386 bundle, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|WEAK_DEFINES|BINDS_TO_WEAK>] | |||
PkgInfo | f28212d63481beda068ff70806cfbdab | ASCII text, with no line terminators | |||
about_down.bmp | 05fc3dbe7262fc6ed1be35334ffca0f8 | PC bitmap, Windows 3.x format, 54 x 54 x 24, image size 8858, resolution 2834 x 2834 px/m, cbSize 8912, bits offset 54 | |||
about_up.bmp | f9983375b7b238938f1d5432976f7f57 | PC bitmap, Windows 3.x format, 54 x 54 x 24, image size 8858, resolution 2834 x 2834 px/m, cbSize 8912, bits offset 54 | |||
curtains_banner_theatre.bmp | 0349301d7cab394adf1e3783e55c698d | PC bitmap, Windows 3.x format, 360 x 100 x 24, image size 108002, resolution 2834 x 2834 px/m, cbSize 108056, bits offset 54 | |||
curtains_logo.pct | 6f4373b712c2acfbbf84220c9e733ca0 | data | |||
curtains_logoLeft.pct | 78911b145fe1ef2f79ee698f95148526 | data | |||
CurtainsTheatre.rsrc | b08477009a3a75712ab6cace35019fee | Apple HFS/HFS+ resource fork, map offset 0x240, map length 0x32, data length 0x140, fileRef 0x900, list offset 0x1c, name offset 0x32, 1 type, 0x5069504c 'PiPL' * 1 resource offset 0xa | |||
help_down.bmp | 0494e156ff67b77f61e30e30510308d7 | PC bitmap, Windows 3.x format, 73 x 40 x 24, image size 8802, resolution 2834 x 2834 px/m, cbSize 8856, bits offset 54 | |||
help_up.bmp | bd62efb184aba899be5664499728eba6 | PC bitmap, Windows 3.x format, 73 x 40 x 24, image size 8802, resolution 2834 x 2834 px/m, cbSize 8856, bits offset 54 | |||
classes.nib | 2f1b2b5cd12c21a001010397cf51243a | XML 1.0 document, ASCII text | |||
info.nib | 9621205063f84adaada48b2dcf557001 | XML 1.0 document, ASCII text | |||
objects.xib | 440bb8483cf1b1e3a896efcde5b05d5e | XML 1.0 document, Unicode text, UTF-8 text | |||
AlphaStar.icns | 90a32d94847c096f03ed69d3fe8a85cc | Mac OS X icon, 38903 bytes, "it32" type | |||
AlphaStarMacIcon64.pct | c7c62b49d6e47fb79eed16cbc4abef9b | data | |||
InfoPlist.strings | fae5aea6f8a3607bfc36c81271cd2618 | Unicode text, UTF-16, little-endian text | |||
classes.nib | 2f1b2b5cd12c21a001010397cf51243a | XML 1.0 document, ASCII text | |||
info.nib | 3ad41a2b903f395503a13ebdef4cd151 | XML 1.0 document, ASCII text | |||
objects.xib | 3a40879fd1114c7695e9c406070e6925 | XML 1.0 document, ASCII text | |||
greenarr.png | 5157f090b1658e98beecf5d91d070bdd | PNG image data, 22 x 23, 8-bit/color RGB, non-interlaced | |||
MacInstallerLeft.pct | 8802ecdec8b8c69726ea3032d104e0ef | data | |||
MacInstallerRight.pct | 7f191a551ecd3cb04841eb47c0e0e27b | data | |||
config.txt | 883d1f717905cfed126ee56ebd37c24c | ISO-8859 text | |||
license.txt | 64f58b75ba259b5401888c3a8936ae12 | ASCII text, with very long lines (949), with CRLF line terminators | |||
StopSign.png | cb989b2b9337ae2599f284c55ecf5de3 | PNG image data, 25 x 24, 8-bit/color RGB, non-interlaced |
Detections
Analyzer | Verdict | Alert |
---|---|---|
YARAhub by abuse.ch | malware | meth_get_eip |
YARAhub by abuse.ch | malware | meth_get_eip |
YARAhub by abuse.ch | malware | meth_get_eip |
YARAhub by abuse.ch | malware | meth_get_eip |
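All four YARAhub hits above are the same rule, meth_get_eip, and the report does not say which archive members matched. The call-$+5 / pop sequence that rule is named after is the standard way 32-bit position-independent code obtains its own address, so on i386 Mach-O slices like the ones listed in this archive it is a hunting signal rather than a verdict. The script below is an added example (not urlquery's code, not the plug-in vendor's) of the offline triage a practitioner would do before trusting either column: it hashes the archive the way the report does (MD5 and SHA-1), hashes every member, parses the universal (fat) header of each Mach-O member to recover its architecture list, checks that every slice the header points at really starts with a Mach-O magic, and scans the i386 slices for the get-EIP idiom. The sample archive, the member paths, and the byte patterns inside the slices are constructed in memory for the example; has_get_eip_idiom() is my own approximation of the idiom, not a copy of the YARAhub rule's patterns.

```python
"""Offline triage of a zip of Mach-O plug-ins, shaped like the archive in this report.

Added example, not urlquery's code. Assumptions: the sample archive is constructed
in memory (nothing is downloaded), and has_get_eip_idiom() is my own approximation
of the 'call $+5; pop reg' get-PC pattern the 'meth_get_eip' hunting rule is named
after; the rule's real byte patterns are not reproduced here.
"""
import hashlib
import io
import struct
import zipfile

FAT_MAGIC = 0xCAFEBABE   # universal ("fat") header, always big-endian
MACHO_MAGICS = {b"\xfe\xed\xfa\xce", b"\xce\xfa\xed\xfe",   # MH_MAGIC, either byte order
                b"\xfe\xed\xfa\xcf", b"\xcf\xfa\xed\xfe"}   # MH_MAGIC_64, either byte order
CPU_TYPE_NAMES = {7: "i386", 18: "ppc", 0x01000007: "x86_64", 0x0100000C: "arm64"}


def file_hashes(data: bytes) -> dict:
    """MD5 and SHA-1, the two digests the report lists for the archive."""
    return {"md5": hashlib.md5(data).hexdigest(), "sha1": hashlib.sha1(data).hexdigest()}


def fat_archs(data: bytes) -> list:
    """Parse a fat header into [(cpu_name, offset, size)]; [] if not a universal binary."""
    if len(data) < 8 or struct.unpack(">I", data[:4])[0] != FAT_MAGIC:
        return []
    nfat = struct.unpack(">I", data[4:8])[0]
    archs = []
    for i in range(nfat):
        off = 8 + 20 * i                      # struct fat_arch is five big-endian uint32s
        if off + 20 > len(data):
            break                             # truncated header: stop rather than raise
        cputype, _sub, offset, size, _align = struct.unpack(">IIIII", data[off:off + 20])
        archs.append((CPU_TYPE_NAMES.get(cputype, hex(cputype)), offset, size))
    return archs


def has_get_eip_idiom(code: bytes) -> bool:
    """True if 'call $+5' (E8 00 00 00 00) is directly followed by 'pop r32' (58..5F)."""
    i = code.find(b"\xe8\x00\x00\x00\x00")
    while i != -1:
        if i + 5 < len(code) and 0x58 <= code[i + 5] <= 0x5F:
            return True
        i = code.find(b"\xe8\x00\x00\x00\x00", i + 1)
    return False


def triage_zip(zip_bytes: bytes) -> dict:
    """Hash the archive, hash every member, and inspect any universal Mach-O members."""
    report = {"archive": file_hashes(zip_bytes), "members": []}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            data = zf.read(info)
            entry = {"name": info.filename, "md5": hashlib.md5(data).hexdigest(),
                     "stored": info.compress_type == zipfile.ZIP_STORED,
                     "archs": [], "bad_slices": [], "get_eip": []}
            for cpu, off, size in fat_archs(data):
                entry["archs"].append(cpu)
                sl = data[off:off + size]
                if sl[:4] not in MACHO_MAGICS:
                    entry["bad_slices"].append(cpu)   # header points at non-Mach-O bytes
                if cpu == "i386" and has_get_eip_idiom(sl):
                    entry["get_eip"].append(cpu)
            report["members"].append(entry)
    return report


def build_sample_zip() -> bytes:
    """Constructed sample: a two-slice (i386 + ppc) universal binary plus an Info.plist."""
    i386 = b"\xce\xfa\xed\xfe" + b"\x00" * 28 + b"\xe8\x00\x00\x00\x00\x5b\x90"  # call $+5; pop ebx
    ppc = b"\xfe\xed\xfa\xce" + b"\x00" * 28 + b"\x7c\x08\x02\xa6"              # mflr r0
    hdr = struct.pack(">II", FAT_MAGIC, 2)
    hdr += struct.pack(">IIIII", 7, 3, 0x1000, len(i386), 12)    # i386 slice at 0x1000
    hdr += struct.pack(">IIIII", 18, 0, 0x2000, len(ppc), 12)    # ppc slice at 0x2000
    fat = hdr.ljust(0x1000, b"\0") + i386.ljust(0x1000, b"\0") + ppc
    plist = b'<?xml version="1.0" encoding="UTF-8"?><plist version="1.0"><dict/></plist>'
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in (("Curtains.app/Contents/Info.plist", plist),        # hypothetical paths
                           ("Curtains.app/Contents/MacOS/Curtains", fat)):
            zi = zipfile.ZipInfo(name, date_time=(2024, 5, 7, 9, 44, 0))
            zi.compress_type = zipfile.ZIP_STORED   # the report's archive is "method=store"
            zf.writestr(zi, data)
    return buf.getvalue()


if __name__ == "__main__":
    result = triage_zip(build_sample_zip())
    print("archive:", result["archive"])
    for m in result["members"]:
        print(m)
```

To run it against the real download, read the zip from disk and pass its bytes to triage_zip(); the archive MD5/SHA-1 it returns should equal the two hashes in the Hash field above, and each member MD5 should match the Archive table before any further analysis is trusted. A member whose header lists an architecture but whose slice does not start with a Mach-O magic, or whose arch list disagrees with the file-type column, is the kind of discrepancy worth a closer look; a get-EIP hit on an i386 slice by itself is not.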
JavaScript (0)
HTTP Transactions (2)
URL | IP | Response | Size |
---|---|---|---|
www.alphaplugins.com/downloads/products/ae/CurtainsInstaller.zip | 198.23.48.184 | 200 OK | 1.7 MB |
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 444 B |