Report - www.haijin-boys.com/download/Mery-x64-3.7.15.zip

Report Overview

Visited public
2025-05-09 07:25:26
Tags
Submit Tags
URL
www.haijin-boys.com/download/Mery-x64-3.7.15.zip
Finishing URL
about:privatebrowsing
IP / ASN
183.90.182.164
#37907 DigiRock, Inc.
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.haijin-boys.com	unknown	2008-05-25	2012-12-27	2025-05-01	516 B	5.4 MB	183.90.182.164

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.haijin-boys.com/download/Mery-x64-3.7.15.zip
IP
183.90.182.164
ASN
#37907 DigiRock, Inc.

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
5.4 MB (5438312 bytes)
Hash
c6f410617bc47baeb49007f3994690c0
c8a42fdd2f0ec01489ec20b7587a1ed31657b375
6a7043b5627baa12e07555d3c1e8e35b68bb7ff3b78f3dce95111fd2d94347a3

Archive (58)

Filename

Md5

File type

CHANGELOG.txt

3190a806d1c8b6cebf9ffb713f390100

Unicode text, UTF-8 text, with CRLF line terminators

en_US.aff

c440369e0b75fea17c4e065999dcfadd

ISO-8859 text

en_US.dic

15582ca5c695ee48915d85e0c8578f27

ISO-8859 text

han2zen.dat

d296135bffd1a28387ecf84ef77e7213

Unicode text, UTF-8 text

hira2kata.dat

67a29586ef7a74249df1c691695004a3

Unicode text, UTF-8 text

migemo-dict

407bff3ce9beab6bcb428c41387b91b0

Unicode text, UTF-8 text, with CRLF line terminators

roma2hira.dat

aed01dbcb6f83758dadf8a16023bf0b7

Unicode text, UTF-8 text

zen2han.dat

06a672544f411ea95abd0c61ae9f19ac

Unicode text, UTF-8 text

eula.rtf

a16d7b1a6a115419dbbaed02273fc972

Rich Text Format data, version 1, ANSI, code page 932, default language ID 1033

asm.txt

a90f59be06e49582f7251bb757b7cc4b

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

bat.txt

5f0ddc261b30c21cdafb323b6bb4eb4d

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

cfm.txt

0cd5e9a76df6b0d4e8375793438f5214

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

cpp.txt

3b1e472eb8bc54c88bcb89fa629c62c3

C source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

cs.txt

1993763e17b00b343d2991cdb179ec5e

C source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

css.txt

3e3c10c3289e14603341806e42f780cd

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

erb.txt

21299f87816a5b5cd49074a71e5261db

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

hsp.txt

23f4892458224da625181605a8ed7e48

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

html.txt

f2c024a3338d0117a89eec7141122a29

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

ino.txt

43d06e6d8f5ee4a4e6f0c954ebb8adc6

C source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

java.txt

4cf13c1f2b90ab87433737a169adf666

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

js.txt

7399978bf1c51045fbda65c84f49736d

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

jsp.txt

f3467847145f88d8803f41b7737520c3

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

pas.txt

aa097c3ec46e59a265c786513a4e27e0

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

php.txt

a86a4b99c880f7a76e90d7a6e1afc813

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

pl.txt

42c13554b31386104896667faf025d76

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

pls.txt

078ad72d4db1c60de3a573307f06188b

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

ps1.txt

c2e63e03e5505a963ee5d43de761b639

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

py.txt

1cfb67663d53bbfbc5eb63c5c842f208

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

rb.txt

21299f87816a5b5cd49074a71e5261db

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

sql.txt

e8f5d1ed8d0bd64d3dbd8aa05d3d42ba

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

tex.txt

9a75fd20774891b0840a1b6469b81e58

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

ts.txt

f8cd8709f0c1503a410bae6bb0e75070

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

uws.txt

67c3cf5c79260f128e67e0649faaab69

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

vb.txt

6d8ecb5673253d50dc06c25223e30094

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

vbs.txt

1015e9c34663fdfb6fd7b0a58cae3b2b

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

wsf.txt

f3150992d6b2e71c0e318c77a0b059f9

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

xml.txt

9efe1aac4a7e43f1dcad68320dd5e419

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

libhunspell.dll

8dabc0d8a2710b2f3adf2e76b1b53da6

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

Common.js

9f40aa621042f41769df98a75914dbb5

ASCII text, with CRLF line terminators

Filter.js

78096abb906d13e60bf638bef8818bf7

Unicode text, UTF-8 text, with CRLF line terminators

FilterOut.js

e3c70161389f1c4a6f0abeb847e5cbd6

Unicode text, UTF-8 text, with CRLF line terminators

Numbering.js

92de1c60265eb608b0b1411c9d12816c

JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators

RemoveDuplicates.js

87b83c174141707a4ad8bab19b300ba2

JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators

RemoveEmptyLines.js

113b12ac8b296794d7912a8c8c8dc2ef

JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators

SortAscending.js

1372ed77819d48ce634d9f4868f0cbad

JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators

SortDescending.js

72d5195cfc1b6bbae314e35919aed356

JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators

Mery.exe

1271587b8da3bd401bd48d3679ff49c5

PE32+ executable (GUI) x86-64, for MS Windows, 9 sections

merycfg.dll

592a7c49bbc1e2db7fe217c4484a4827

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 8 sections

meryres.dll

19bcca5e71823ec82c4bbff5f843c1de

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 7 sections

migemo.dll

8a74b7f6fd0a368f786827ed317edc82

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

onig.dll

cb7bbde3a1a192c4a255104f0da3dd3a

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 5 sections

onigmo.dll

2eebcd57e44c74cd4b44462f55c5f924

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

Outline.dll

a5c9af119d2f42af6cff081cb632588e

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 9 sections

README.txt

85734fe164776004912f80b4cf4f5188

Unicode text, UTF-8 text, with CRLF line terminators

ThirdPartyNotices.txt

95cc12d2d9786243c4a1010e6d6cb7e2

Unicode text, UTF-8 text, with CRLF line terminators

tidy.dll

0209b086166af87fcdd03a96f4e18d77

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

uchardet.dll

230cf632636aa17eceda85ae22e38d7d

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

WebView2Loader.dll

b7dfbfecc8abbd6eae8b109d38e70e60

PE32+ executable (DLL) (console) x86-64, for MS Windows, 12 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
VirusTotal	suspicious	VirusTotal - Scan result 2/66

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

GET www.haijin-boys.com/download/Mery-x64-3.7.15.zip

183.90.182.164

200 OK

5.4 MB

URL User Request GET
www.haijin-boys.com/download/Mery-x64-3.7.15.zip
IP
183.90.182.164:443
ASN
#37907 DigiRock, Inc.

Certificate
IssuerLet's Encrypt
Subjectwebdisk.haijin-boys.com
Fingerprint50:F7:D8:D5:C9:30:02:20:FE:33:11:36:1D:9A:C8:DC:FE:3E:FF:DD
ValidityWed, 16 Apr 2025 02:23:03 GMT - Tue, 15 Jul 2025 02:23:02 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
5.4 MB (5438312 bytes)
Hash
c6f410617bc47baeb49007f3994690c0
c8a42fdd2f0ec01489ec20b7587a1ed31657b375
6a7043b5627baa12e07555d3c1e8e35b68bb7ff3b78f3dce95111fd2d94347a3

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/66

HTTP Headers

GET /download/Mery-x64-3.7.15.zip HTTP/1.1
Host: www.haijin-boys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/zip
last-modified: Tue, 06 May 2025 13:19:26 GMT
accept-ranges: bytes
content-length: 5438312
date: Fri, 09 May 2025 07:24:52 GMT
server: LiteSpeed
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (58)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers