Report - c4.kemono.su/data/35/1d/351d5861a344de85f1538e26eb0b69d6a06e14e816999a9bed9b165029fd86f7.zip?f=UUU_v515.zip

Report Overview

Submitted URL
c4.kemono.su/data/35/1d/351d5861a344de85f1538e26eb0b69d6a06e14e816999a9bed9b165029fd86f7.zip?f=UUU_v515.zip
IP
91.149.227.4
ASN
#200508 Sorok76 Ltd
Submitted
2024-05-04 14:50:37
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
c4.kemono.su	unknown	2022-08-25	2023-10-22	2024-03-07	1.2 kB	1.4 MB	91.149.227.4

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
c4.kemono.su/data/35/1d/351d5861a344de85f1538e26eb0b69d6a06e14e816999a9bed9b165029fd86f7.zip?f=UUU_v515.zip
IP
91.149.227.4
ASN
#200508 Sorok76 Ltd

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
1.4 MB (1388776 bytes)
Hash
8d2af7080bf2c7cc788f2b87029e965e
b91fb10bdf5b2ce129a5f958c225a77d62cd0031
351d5861a344de85f1538e26eb0b69d6a06e14e816999a9bed9b165029fd86f7

Archive (17)

Filename

Md5

File type

ColorPicker.dll

a943b32b5e61069cc2f1000c74a05bac

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

igcs.config

c52ed63ece119ad01869d8d4bbfbf94c

XML 1.0 document, ASCII text, with CRLF line terminators

IGCSClient.exe

e97cfc06287ec3b00e13949f06b0c848

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Microsoft.Xaml.Behaviors.dll

9ad956cab2868019c2f630b38c2dd3a1

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

ModernWpf.Controls.dll

b4d5f5d6efd3588702cc55f111ecba3c

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

ModernWpf.dll

169c7c0f025900e4304cb32fa3ab2c6c

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Bloom max quality.preset

da88cd669685ab110c8d41f9485606d6

Generic INItialization configuration [Setting values]

Essentials.preset

9145aae8c2a034a44e721e3e8b620dcb

Generic INItialization configuration [Setting values]

Less pronounced Old skool AO.preset

5c5ad0de2adee41239636c6d3d5dd4bb

Generic INItialization configuration [Setting values]

Lumen max quality.preset

a96287acb84434c33e93fbb652a32a22

Generic INItialization configuration [Setting values]

Oldskool Ambient Occlusion.preset

23c23ea4b0f24efe6ac538c3baee6a7e

Generic INItialization configuration [Setting values]

Oldskool screenspace reflections.preset

209e81376f9e4391ecd49276fc41c92c

Generic INItialization configuration [Setting values]

Ray-traced everything.preset

cce60f1e1077304d0dbbb5e2a02ac3db

Generic INItialization configuration [Setting values]

Readme.txt

11f24fd75572a7690594b6421762f039

ASCII text, with CRLF line terminators

System.ValueTuple.dll

99cec77dbee0ab10b9fc4d52a1d414be

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

ToastNotifications.dll

ce4c69d4ba73105bf8eff333ff8d265b

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

UniversalUE5Unlocker.dll

c22ab59d28425b7ff4494c5f583ace08

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 7 sections

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/68

JavaScript (0)

HTTP Transactions (3)

URL IP Response Size

c4.kemono.su/

91.149.227.4

162 B

URL
c4.kemono.su/
IP
91.149.227.4:0
ASN
#200508 Sorok76 Ltd

File type
HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET / HTTP/1.1
Host: c4.kemono.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 May 2024 14:50:15 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://c4.kemono.su/

c4.kemono.su/

91.149.227.4

2 B

URL
c4.kemono.su/
IP
91.149.227.4:0
ASN
#200508 Sorok76 Ltd

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

GET / HTTP/1.1
Host: c4.kemono.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:50:17 GMT
content-type: text/html
content-length: 2
X-Firefox-Spdy: h2

c4.kemono.su/data/35/1d/351d5861a344de85f1538e26eb0b69d6a06e14e816999a9bed9b165029fd86f7.zip?f=UUU_v515.zip

91.149.227.4

200 OK

1.4 MB

URL User Request GET HTTP/2
c4.kemono.su/data/35/1d/351d5861a344de85f1538e26eb0b69d6a06e14e816999a9bed9b165029fd86f7.zip?f=UUU_v515.zip
IP
91.149.227.4:443
ASN
#200508 Sorok76 Ltd

Certificate
IssuerLet's Encrypt
Subjectc4.kemono.su
FingerprintF3:18:91:28:2F:6A:A5:8E:68:C2:63:84:22:11:89:E7:C1:E0:56:67
ValidityWed, 17 Apr 2024 23:41:23 GMT - Tue, 16 Jul 2024 23:41:22 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
1.4 MB (1388776 bytes)
Hash
8d2af7080bf2c7cc788f2b87029e965e
b91fb10bdf5b2ce129a5f958c225a77d62cd0031
351d5861a344de85f1538e26eb0b69d6a06e14e816999a9bed9b165029fd86f7

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/68

HTTP Headers

GET /data/35/1d/351d5861a344de85f1538e26eb0b69d6a06e14e816999a9bed9b165029fd86f7.zip?f=UUU_v515.zip HTTP/1.1
Host: c4.kemono.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:50:15 GMT
content-type: application/zip
content-length: 1388776
last-modified: Fri, 05 Apr 2024 16:25:31 GMT
etag: "661025fb-1530e8"
content-disposition: inline; filename=UUU_v515.zip
access-control-allow-origin: https://kemono.su
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: *
cache-control: public, max-age=2592000, s-maxage=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2