Report - redirect.lesta.ru/LGC/Lesta_Game_Center_Install_RU.exe?sid=SIDEQCL_tU0MSTKM_glEjOYMQnUOUe-410TP2AidMYAAmSng3uzK3gOw-9nhZ7MjWIYyHg1yma0bUb5ZxjTvDz7TK30PcujSKNJwPGsXtD2xVRQTT300vCUDjwvZl3pu-KbMYSby35NN1LR1A

Report Overview

Submitted URL
redirect.lesta.ru/LGC/Lesta_Game_Center_Install_RU.exe?sid=SIDEQCL_tU0MSTKM_glEjOYMQnUOUe-410TP2AidMYAAmSng3uzK3gOw-9nhZ7MjWIYyHg1yma0bUb5ZxjTvDz7TK30PcujSKNJwPGsXtD2xVRQTT300vCUDjwvZl3pu-KbMYSby35NN1LR1A
IP
92.223.34.22
ASN
#210756 EdgeCenter LLC
Submitted
2024-04-23 09:50:26
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
redirect.lesta.ru	unknown	2000-12-04	2022-10-12	2024-04-13	1.7 kB	1.3 kB	92.223.34.22
redir.lesta.ru	unknown	2000-12-04	2022-10-12	2024-03-28	726 B	1.1 kB	92.223.34.200
lds.lesta.ru	unknown	2000-12-04	2023-05-11	2024-04-14	1.1 kB	4.3 MB	193.17.93.193

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

Files detected

URL
lds.lesta.ru/lgc/prod/lgc_24.00.01.0433_ru/lesta_game_center_install_ru.exe?pub_id=LGC&lpurl=https://redirect.lesta.ru/LGC/internal/Lesta_Game_Center_Install_RU.exe&sid=SIDxuMwSl1zLjSlY6f-AsnPtM8VcR_A1QHD4pCXe_4PSzSku9y9Sxc2dtu_W3ooagnWgeh3Q71DKkewGvPme1iX6YO4yx6D49cIF6uLuxRizebPFaby-6KOjB6M&enctid=d0repzw3qeus&lpsn=WGC+Install+RU&foris=0&teclient=1713865801550935369&utm_source=wgc&utm_medium=application&utm_campaign=wgc-install-ru&utm_content=lgc
IP
193.17.93.193
ASN
#210756 EdgeCenter LLC

File type
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 10 sections
Size
4.3 MB (4312088 bytes)
Hash
1532bafdfad514413bb9f0773af2de47
9385efb07f8db47e04a58c33034cc67938aa1949
ea4cd341fb870b7d679aab9357458864b3aed6f1ee1ecf826a701aa3092cea3b

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/71

JavaScript (0)

HTTP Transactions (4)

URL IP Response Size

redirect.lesta.ru/LGC/Lesta_Game_Center_Install_RU.exe?sid=SIDEQCL_tU0MSTKM_glEjOYMQnUOUe-410TP2AidMYAAmSng3uzK3gOw-9nhZ7MjWIYyHg1yma0bUb5ZxjTvDz7TK30PcujSKNJwPGsXtD2xVRQTT300vCUDjwvZl3pu-KbMYSby35NN1LR1A

92.223.34.22

302 Moved Temporarily

138 B

URL User Request GET HTTP/1.1
redirect.lesta.ru/LGC/Lesta_Game_Center_Install_RU.exe?sid=SIDEQCL_tU0MSTKM_glEjOYMQnUOUe-410TP2AidMYAAmSng3uzK3gOw-9nhZ7MjWIYyHg1yma0bUb5ZxjTvDz7TK30PcujSKNJwPGsXtD2xVRQTT300vCUDjwvZl3pu-KbMYSby35NN1LR1A
IP
92.223.34.22:443
ASN
#210756 EdgeCenter LLC

Certificate
IssuerGlobalSign nv-sa
Subject*.lesta.ru
Fingerprint3E:AA:65:2D:CF:38:17:16:94:E7:01:3A:D7:39:02:C5:40:5E:D0:D0
ValidityTue, 20 Jun 2023 13:15:09 GMT - Sun, 21 Jul 2024 13:15:08 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
138 B (138 bytes)
Hash
aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0

HTTP Headers

GET /LGC/Lesta_Game_Center_Install_RU.exe?sid=SIDEQCL_tU0MSTKM_glEjOYMQnUOUe-410TP2AidMYAAmSng3uzK3gOw-9nhZ7MjWIYyHg1yma0bUb5ZxjTvDz7TK30PcujSKNJwPGsXtD2xVRQTT300vCUDjwvZl3pu-KbMYSby35NN1LR1A HTTP/1.1
Host: redirect.lesta.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 23 Apr 2024 09:50:01 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: https://redir.lesta.ru/06qbw26l/?pub_id=LGC&lpurl=https://redirect.lesta.ru/LGC/internal/Lesta_Game_Center_Install_RU.exe&sid=SIDEQCL_tU0MSTKM_glEjOYMQnUOUe-410TP2AidMYAAmSng3uzK3gOw-9nhZ7MjWIYyHg1yma0bUb5ZxjTvDz7TK30PcujSKNJwPGsXtD2xVRQTT300vCUDjwvZl3pu-KbMYSby35NN1LR1A&enctid=0

redir.lesta.ru/06qbw26l/?pub_id=LGC&lpurl=https://redirect.lesta.ru/LGC/internal/Lesta_Game_Center_Install_RU.exe&sid=SIDEQCL_tU0MSTKM_glEjOYMQnUOUe-410TP2AidMYAAmSng3uzK3gOw-9nhZ7MjWIYyHg1yma0bUb5ZxjTvDz7TK30PcujSKNJwPGsXtD2xVRQTT300vCUDjwvZl3pu-KbMYSby35NN1LR1A&enctid=0

92.223.34.200

301 Moved Permanently

22 B

URL User Request GET HTTP/1.1
redir.lesta.ru/06qbw26l/?pub_id=LGC&lpurl=https://redirect.lesta.ru/LGC/internal/Lesta_Game_Center_Install_RU.exe&sid=SIDEQCL_tU0MSTKM_glEjOYMQnUOUe-410TP2AidMYAAmSng3uzK3gOw-9nhZ7MjWIYyHg1yma0bUb5ZxjTvDz7TK30PcujSKNJwPGsXtD2xVRQTT300vCUDjwvZl3pu-KbMYSby35NN1LR1A&enctid=0
IP
92.223.34.200:443
ASN
#210756 EdgeCenter LLC

Certificate
IssuerGlobalSign nv-sa
Subject*.lesta.ru
Fingerprint3E:AA:65:2D:CF:38:17:16:94:E7:01:3A:D7:39:02:C5:40:5E:D0:D0
ValidityTue, 20 Jun 2023 13:15:09 GMT - Sun, 21 Jul 2024 13:15:08 GMT

File type
ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
0e0bf67572311f8a23814419ff24ee9a
78328dfc54708433cdfb3e7857e57f87ec443b08
c5f6c267ba4a2964fff5d304d4a1e79c371ce30d32eaf017b3bb40becccd58d2

HTTP Headers

GET /06qbw26l/?pub_id=LGC&lpurl=https://redirect.lesta.ru/LGC/internal/Lesta_Game_Center_Install_RU.exe&sid=SIDEQCL_tU0MSTKM_glEjOYMQnUOUe-410TP2AidMYAAmSng3uzK3gOw-9nhZ7MjWIYyHg1yma0bUb5ZxjTvDz7TK30PcujSKNJwPGsXtD2xVRQTT300vCUDjwvZl3pu-KbMYSby35NN1LR1A&enctid=0 HTTP/1.1
Host: redir.lesta.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 23 Apr 2024 09:50:01 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 22
Connection: keep-alive
Location: https://redirect.lesta.ru/LGC/internal/Lesta_Game_Center_Install_RU.exe?pub_id=LGC&lpurl=https://redirect.lesta.ru/LGC/internal/Lesta_Game_Center_Install_RU.exe&sid=SIDxuMwSl1zLjSlY6f-AsnPtM8VcR_A1QHD4pCXe_4PSzSku9y9Sxc2dtu_W3ooagnWgeh3Q71DKkewGvPme1iX6YO4yx6D49cIF6uLuxRizebPFaby-6KOjB6M&enctid=d0repzw3qeus&lpsn=WGC+Install+RU&foris=0&teclient=1713865801550935369&utm_source=wgc&utm_medium=application&utm_campaign=wgc-install-ru&utm_content=lgc
Set-Cookie: STIDREFERRAL=SIDxuMwSl1zLjSlY6f-AsnPtM8VcR_A1QHD4pCXe_4PSzSku9y9Sxc2dtu_W3ooagnWgeh3Q71DKkewGvPme1iX6YO4yx6D49cIF6uLuxRizebPFaby-6KOjB6M; Domain=.lesta.ru; Max-Age=2592000; Path=/; SameSite=None; Secure
enctid=d0repzw3qeus; Domain=.lesta.ru; Max-Age=2592000; Path=/; SameSite=None; Secure
teclient=1713865801550935369; Domain=.lesta.ru; Max-Age=315360000; Path=/; SameSite=None; Secure
Cache-Control: no-cache

redirect.lesta.ru/LGC/internal/Lesta_Game_Center_Install_RU.exe?pub_id=LGC&lpurl=https://redirect.lesta.ru/LGC/internal/Lesta_Game_Center_Install_RU.exe&sid=SIDxuMwSl1zLjSlY6f-AsnPtM8VcR_A1QHD4pCXe_4PSzSku9y9Sxc2dtu_W3ooagnWgeh3Q71DKkewGvPme1iX6YO4yx6D49cIF6uLuxRizebPFaby-6KOjB6M&enctid=d0repzw3qeus&lpsn=WGC+Install+RU&foris=0&teclient=1713865801550935369&utm_source=wgc&utm_medium=application&utm_campaign=wgc-install-ru&utm_content=lgc

92.223.34.22

302 Moved Temporarily

138 B

URL User Request GET HTTP/1.1
redirect.lesta.ru/LGC/internal/Lesta_Game_Center_Install_RU.exe?pub_id=LGC&lpurl=https://redirect.lesta.ru/LGC/internal/Lesta_Game_Center_Install_RU.exe&sid=SIDxuMwSl1zLjSlY6f-AsnPtM8VcR_A1QHD4pCXe_4PSzSku9y9Sxc2dtu_W3ooagnWgeh3Q71DKkewGvPme1iX6YO4yx6D49cIF6uLuxRizebPFaby-6KOjB6M&enctid=d0repzw3qeus&lpsn=WGC+Install+RU&foris=0&teclient=1713865801550935369&utm_source=wgc&utm_medium=application&utm_campaign=wgc-install-ru&utm_content=lgc
IP
92.223.34.22:443
ASN
#210756 EdgeCenter LLC

Certificate
IssuerGlobalSign nv-sa
Subject*.lesta.ru
Fingerprint3E:AA:65:2D:CF:38:17:16:94:E7:01:3A:D7:39:02:C5:40:5E:D0:D0
ValidityTue, 20 Jun 2023 13:15:09 GMT - Sun, 21 Jul 2024 13:15:08 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
138 B (138 bytes)
Hash
aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0

HTTP Headers

GET /LGC/internal/Lesta_Game_Center_Install_RU.exe?pub_id=LGC&lpurl=https://redirect.lesta.ru/LGC/internal/Lesta_Game_Center_Install_RU.exe&sid=SIDxuMwSl1zLjSlY6f-AsnPtM8VcR_A1QHD4pCXe_4PSzSku9y9Sxc2dtu_W3ooagnWgeh3Q71DKkewGvPme1iX6YO4yx6D49cIF6uLuxRizebPFaby-6KOjB6M&enctid=d0repzw3qeus&lpsn=WGC+Install+RU&foris=0&teclient=1713865801550935369&utm_source=wgc&utm_medium=application&utm_campaign=wgc-install-ru&utm_content=lgc HTTP/1.1
Host: redirect.lesta.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: STIDREFERRAL=SIDxuMwSl1zLjSlY6f-AsnPtM8VcR_A1QHD4pCXe_4PSzSku9y9Sxc2dtu_W3ooagnWgeh3Q71DKkewGvPme1iX6YO4yx6D49cIF6uLuxRizebPFaby-6KOjB6M; enctid=d0repzw3qeus; teclient=1713865801550935369
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 23 Apr 2024 09:50:01 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: https://lds.lesta.ru/lgc/prod/lgc_24.00.01.0433_ru/lesta_game_center_install_ru.exe?pub_id=LGC&lpurl=https://redirect.lesta.ru/LGC/internal/Lesta_Game_Center_Install_RU.exe&sid=SIDxuMwSl1zLjSlY6f-AsnPtM8VcR_A1QHD4pCXe_4PSzSku9y9Sxc2dtu_W3ooagnWgeh3Q71DKkewGvPme1iX6YO4yx6D49cIF6uLuxRizebPFaby-6KOjB6M&enctid=d0repzw3qeus&lpsn=WGC+Install+RU&foris=0&teclient=1713865801550935369&utm_source=wgc&utm_medium=application&utm_campaign=wgc-install-ru&utm_content=lgc

lds.lesta.ru/lgc/prod/lgc_24.00.01.0433_ru/lesta_game_center_install_ru.exe?pub_id=LGC&lpurl=https://redirect.lesta.ru/LGC/internal/Lesta_Game_Center_Install_RU.exe&sid=SIDxuMwSl1zLjSlY6f-AsnPtM8VcR_A1QHD4pCXe_4PSzSku9y9Sxc2dtu_W3ooagnWgeh3Q71DKkewGvPme1iX6YO4yx6D49cIF6uLuxRizebPFaby-6KOjB6M&enctid=d0repzw3qeus&lpsn=WGC+Install+RU&foris=0&teclient=1713865801550935369&utm_source=wgc&utm_medium=application&utm_campaign=wgc-install-ru&utm_content=lgc

193.17.93.193

200 OK

4.3 MB

URL User Request GET HTTP/2
lds.lesta.ru/lgc/prod/lgc_24.00.01.0433_ru/lesta_game_center_install_ru.exe?pub_id=LGC&lpurl=https://redirect.lesta.ru/LGC/internal/Lesta_Game_Center_Install_RU.exe&sid=SIDxuMwSl1zLjSlY6f-AsnPtM8VcR_A1QHD4pCXe_4PSzSku9y9Sxc2dtu_W3ooagnWgeh3Q71DKkewGvPme1iX6YO4yx6D49cIF6uLuxRizebPFaby-6KOjB6M&enctid=d0repzw3qeus&lpsn=WGC+Install+RU&foris=0&teclient=1713865801550935369&utm_source=wgc&utm_medium=application&utm_campaign=wgc-install-ru&utm_content=lgc
IP
193.17.93.193:443
ASN
#210756 EdgeCenter LLC

Certificate
IssuerGlobalSign nv-sa
Subject*.lesta.ru
Fingerprint3E:AA:65:2D:CF:38:17:16:94:E7:01:3A:D7:39:02:C5:40:5E:D0:D0
ValidityTue, 20 Jun 2023 13:15:09 GMT - Sun, 21 Jul 2024 13:15:08 GMT

File type
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 10 sections
Size
4.3 MB (4312088 bytes)
Hash
1532bafdfad514413bb9f0773af2de47
9385efb07f8db47e04a58c33034cc67938aa1949
ea4cd341fb870b7d679aab9357458864b3aed6f1ee1ecf826a701aa3092cea3b

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/71

HTTP Headers

GET /lgc/prod/lgc_24.00.01.0433_ru/lesta_game_center_install_ru.exe?pub_id=LGC&lpurl=https://redirect.lesta.ru/LGC/internal/Lesta_Game_Center_Install_RU.exe&sid=SIDxuMwSl1zLjSlY6f-AsnPtM8VcR_A1QHD4pCXe_4PSzSku9y9Sxc2dtu_W3ooagnWgeh3Q71DKkewGvPme1iX6YO4yx6D49cIF6uLuxRizebPFaby-6KOjB6M&enctid=d0repzw3qeus&lpsn=WGC+Install+RU&foris=0&teclient=1713865801550935369&utm_source=wgc&utm_medium=application&utm_campaign=wgc-install-ru&utm_content=lgc HTTP/1.1
Host: lds.lesta.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: STIDREFERRAL=SIDxuMwSl1zLjSlY6f-AsnPtM8VcR_A1QHD4pCXe_4PSzSku9y9Sxc2dtu_W3ooagnWgeh3Q71DKkewGvPme1iX6YO4yx6D49cIF6uLuxRizebPFaby-6KOjB6M; enctid=d0repzw3qeus; teclient=1713865801550935369
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 09:50:01 GMT
content-type: application/x-msdownload
content-length: 4312088
last-modified: Tue, 05 Mar 2024 12:02:33 GMT
x-rgw-object-type: Normal
etag: "1532bafdfad514413bb9f0773af2de47"
x-amz-meta-mtime: 1709640146.3409604
x-amz-request-id: tx0000031ae6eeb9f2f48d4-0066278449-818f3b1-dt2
content-disposition: attachment; filename="lesta_game_center_install_ru_d0repzw3qeus.exe"
cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (0)

HTTP Transactions (4)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers