{"report_id":"173825ed-52e7-4fd9-bda4-0637e8ce0b49","version":6,"status":"done","tags":[],"date":"2024-01-18T08:55:31Z","url":{"schema":"http","addr":"drive.printersmaster.com/wp-content/uploads/2021/03/Epson-L405-Resetter.zip","fqdn":"drive.printersmaster.com","domain":"printersmaster.com","tld":"com"},"ip":{"addr":"65.108.9.234","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T03:37:55Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"drive.printersmaster.com","ip":{"addr":"65.108.9.234","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"domain_registered":"2020-11-18","domain_rank":0,"first_seen":"2021-03-07 11:36:54","last_seen":"2024-01-16 12:57:27","alert_count":1,"request_count":1,"received_data":5871500,"sent_data":529,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":[{"md5":"4b7a56ab3ab2bd89fd933c977c5fa861","sha1":"1577dc26aea21d70daee132e2ff0a488d97c3777","sha256":"02ae1d51fcd305a803bbe59fe8ba9fe7bae3155088e081f4ff35b839878e4024","sha512":"68a2efe16d7a7638c1bd325e8ac0c209caeb2b88721f2a66a93e56debb662e8aa99e6e9e0f07bab54f700396593c4790b7b7e83a7293013d74a92114af40e878","magic":"Zip archive data, at least v1.0 to extract, compression method=store","size":5871126,"url":{"schema":"https","addr":"drive.printersmaster.com/wp-content/uploads/2021/03/Epson-L405-Resetter.zip","fqdn":"drive.printersmaster.com","domain":"printersmaster.com","tld":"com"},"ip":{"addr":"65.108.9.234","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"archive":[{"path":"Epson L405 Resetter (www.PrinterGuider.com)/AdjProg.exe","filename":"AdjProg.exe","modified":"","Modified":"2018-10-12T16:11:08+05:00","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections","size":4169728,"md5":"5aebf3c44ac1cf99eb386efbdee3da0d","sha1":"2451b306810154bd9f48cc621cc10c2d3332eb87","sha256":"bef273f0cf318edc1b58d2960f6669e1e8bcb82d941d8f03d2f2ba7e5c503db9","sha512":"91690b920b5a8bae3ceabdadcf4526dd2f29cf25aef98205646878ebe8acd84e2e3a766310a78e94586362b488725db1091528699ec076803dd8dad1f607625d","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2023-06-12","alert":"Scan result 47/70","trigger":"bef273f0cf318edc1b58d2960f6669e1e8bcb82d941d8f03d2f2ba7e5c503db9","verdict":"malicious","severity":"","comment":"malicious - 47/70","link":"https://www.virustotal.com/gui/file/bef273f0cf318edc1b58d2960f6669e1e8bcb82d941d8f03d2f2ba7e5c503db9","meta":null}]}},{"path":"Epson L405 Resetter (www.PrinterGuider.com)/apdadrv.dll","filename":"apdadrv.dll","modified":"","Modified":"2017-11-11T07:23:52+05:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections","size":102400,"md5":"6cbaa51b63f66018f8b9d1b39ede7feb","sha1":"c4532e38f0651c7557a122064a660200a8c56ca7","sha256":"77b718b6c42376501ea36be816cb905ee8105ccda7a06fa0587e7fd694ad4abb","sha512":"902dbeb71c3b6eaf62f6f02081ff1685c34d85e904b626a3b3c99043c18fa512ddbd02f7b7cdeadac6d7acb0422f4d65b0111a623a1305fd3169ffd66efa22e8","alerts":{"urlquery":null,"analyzer":null}},{"path":"Epson L405 Resetter (www.PrinterGuider.com)/Keygen/ECCfunctions.dll","filename":"ECCfunctions.dll","modified":"","Modified":"2018-10-11T14:40:02+05:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections","size":158208,"md5":"22395bf616cd1b209d074913c930e02a","sha1":"3a0ece8ce46a5b9d85b5154896a85843e6eaaf30","sha256":"42bdfc6e7f5419aeaf1c848f6a52875cea4d71989a72a9d32e1e8bd29ecbf858","sha512":"ac2c289513390d9df4b007923ad0f67ce6011ad7da3d5d0e9ca455285cd602e371da5f79fb4a697d9cacd53d54e72af30f31843822c4825e54c3afd03c8f1d41","alerts":{"urlquery":null,"analyzer":null}},{"path":"Epson L405 Resetter (www.PrinterGuider.com)/Keygen/GeneratorDatabase.abs","filename":"GeneratorDatabase.abs","modified":"","Modified":"2019-04-10T00:50:37+05:00","magic":"data","size":82300,"md5":"85784a77135d9e384a3e74b274dc1dd9","sha1":"db69d84f393e4d8375aa6e05c51d6e525f289aaa","sha256":"c9594d1fe6855c67d03c4fd39560baa155328aca0c2744780f649469e8a3a002","sha512":"b37f04d6e5b2d64842fe4424b4624eeaa3977078e07e6458733181b3827bf2cea63b2b8d2a32648c1acb8f4f72d307360fd240e4b021ab81844c750b0912ea99","alerts":{"urlquery":null,"analyzer":null}},{"path":"Epson L405 Resetter (www.PrinterGuider.com)/Keygen/GeneratorSeed.gns","filename":"GeneratorSeed.gns","modified":"","Modified":"2018-10-11T14:40:02+05:00","magic":"data","size":4593,"md5":"4a0552c63f16e158d2842789ae53590e","sha1":"e9c56f2bc97e0def27761fdc84d6b3d84b03946c","sha256":"136305fd0c3346133c5195ea63c7eaee050c7b4de3bd5d31efd9d29b47406a50","sha512":"88701210b1fc110c88f16ed403d62918665bfc7f6d92cfa5d29c7440f79ded9fc9138d0a97cd2eb4b0dba7d7132fab363752203a63240480148c3411b0d174f8","alerts":{"urlquery":null,"analyzer":null}},{"path":"Epson L405 Resetter (www.PrinterGuider.com)/Keygen/WinLicenseSDK.dll","filename":"WinLicenseSDK.dll","modified":"","Modified":"2018-10-11T14:40:02+05:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections","size":170496,"md5":"d90c96dbfa873779f2327cbd35da282d","sha1":"aaa6c492095e6889fd8c0c5b6ee1495050846852","sha256":"0deabc8f6005df13aec5a2dea3ff99ce7a314eeb4ffce6f6b62dc6bb7df95e4c","sha512":"33285349ac47a9ce11c6717c8b2a6138d996fefd8404dfcb24d51b0ebbdc074a04e521f9339d04e01535fff6a7405e6657d16fd161eb47ba83ce4e469fdc8d07","alerts":{"urlquery":null,"analyzer":null}},{"path":"Epson L405 Resetter (www.PrinterGuider.com)/Keygen/WLGen_Epson L405.exe","filename":"WLGen_Epson L405.exe","modified":"","Modified":"2014-07-18T02:30:52+05:00","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections","size":3497472,"md5":"482383625afe37e564f986e964a0d2ba","sha1":"6a6f8a830585f2e79e20bf885775bcf832a95787","sha256":"480cdccfa85f39861eae9a842a8bbaa8c8e25331ee826e476940f36ff4463e93","sha512":"a0885d8f8fbfc2dfe8ce566f2ab1c054b5f9d609a8dd9af96c3b74dc28d635dce45123d608a32dba7f289b3a4b8779cfdeb35e3c7efc971ceba167652391118e","alerts":{"urlquery":null,"analyzer":null}},{"path":"Epson L405 Resetter (www.PrinterGuider.com)/StrGene.dll","filename":"StrGene.dll","modified":"","Modified":"2017-11-11T07:23:52+05:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections","size":57344,"md5":"5e9b43ffb570bde219c3c63bf0a50f6a","sha1":"93269b8dd85b650a04f96ad79876b36f508ca6f3","sha256":"6d468ed2ef32d8f7486de26e817ff9e1e8bfac2e2ad7ff191722c2b29e0344c7","sha512":"8faacf4b12e02b387da689f5eaf03843b5be75ee2f8992dbced6c00f28e3bf044a5ab47f0efd09a5938929d6fa448f6ab8dc996c4daab26787ee6008a8b41713","alerts":{"urlquery":null,"analyzer":null}}],"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2021-03-31","alert":"Scan result 23/62","trigger":"02ae1d51fcd305a803bbe59fe8ba9fe7bae3155088e081f4ff35b839878e4024","verdict":"malicious","severity":"","comment":"malicious - 23/62","link":"https://www.virustotal.com/gui/file/02ae1d51fcd305a803bbe59fe8ba9fe7bae3155088e081f4ff35b839878e4024","meta":null}]}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"drive.printersmaster.com/wp-content/uploads/2021/03/Epson-L405-Resetter.zip","fqdn":"drive.printersmaster.com","domain":"printersmaster.com","tld":"com"},"ip":{"addr":"65.108.9.234","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-01-18T08:55:02.645Z","timestamp":1705568102645,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.drive.printersmaster.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Thu, 14 Dec 2023 19:50:46 GMT","end":"Wed, 13 Mar 2024 19:50:45 GMT"},"fingerprint":{"sha1":"29:85:5C:17:F0:58:A1:71:E0:4F:D3:FD:A8:25:CB:FA:2A:CD:A5:23","sha256":"44:E5:77:BA:CD:D1:F1:5A:DD:FB:43:99:E9:69:3F:DC:A6:62:A4:1E:E0:0A:CA:F6:C4:F9:5F:CA:37:F7:91:E4"}}},"request":{"raw":"GET /wp-content/uploads/2021/03/Epson-L405-Resetter.zip HTTP/1.1\r\nHost: drive.printersmaster.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/zip\r\nlast-modified: Sun, 07 Mar 2021 11:35:13 GMT\r\naccept-ranges: bytes\r\ncontent-length: 5871126\r\ndate: Thu, 18 Jan 2024 08:55:02 GMT\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5871126,"size_decoded":5871126,"mime_type":"application/zip","magic":"Zip archive data, at least v1.0 to extract, compression method=store","md5":"4b7a56ab3ab2bd89fd933c977c5fa861","sha1":"1577dc26aea21d70daee132e2ff0a488d97c3777","sha256":"02ae1d51fcd305a803bbe59fe8ba9fe7bae3155088e081f4ff35b839878e4024","sha512":"68a2efe16d7a7638c1bd325e8ac0c209caeb2b88721f2a66a93e56debb662e8aa99e6e9e0f07bab54f700396593c4790b7b7e83a7293013d74a92114af40e878","ssdeep":"98304:R/xbREIfi97Ea6Xzbmtz16J0h+JQ9yddvqCcgsiHViMoKKEPEgLIXEYv1JmyCGMW:R/dfo7Uetx6JhwydsCB1ViOHPb8UYzm6","tlshash":"b846335b23ef688aa84d4cf925cd722e4a94e93b2fe26b58c4d534b9c784355c04cfc9","first_seen":"2024-01-18T09:55:34Z","last_seen":"2024-11-14T18:37:50.713054Z","times_seen":4,"resource_available":false,"data":null}},"time_used":657,"timings":{"blocked":47,"dns":2,"connect":14,"send":0,"wait":15,"receive":546,"ssl":30},"alerts":{"ids":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2021-03-31","alert":"Scan result 23/62","trigger":"02ae1d51fcd305a803bbe59fe8ba9fe7bae3155088e081f4ff35b839878e4024","verdict":"malicious","severity":"","comment":"malicious - 23/62","link":"https://www.virustotal.com/gui/file/02ae1d51fcd305a803bbe59fe8ba9fe7bae3155088e081f4ff35b839878e4024","meta":null}],"urlquery":null}}]}