Report - mods2.sharemods.com/cgi-bin/dl.cgi/62ykrsz3vupa6fduhzupa7fbbf3l3ryykww2uiwv3gorzbady7256vy/Rainbomizer_-_SA

Report Overview

Visitedpublic

2024-11-06 16:35:47

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
mods2.sharemods.com	unknown	2013-01-31	2020-02-09	2024-11-02	575 B	226 kB	49.12.84.254

No alerts detected

No alerts detected

No alerts detected

No alerts detected

No alerts detected

No alerts detected

No alerts detected

URL

mods2.sharemods.com/cgi-bin/dl.cgi/62ykrsz3vupa6fduhzupa7fbbf3l3ryykww2uiwv3gorzbady7256vy/Rainbomizer_-_SA_Randomizer.7z

IP / ASN

49.12.84.254

#24940 Hetzner Online GmbH

File Overview

File Type7-zip archive data, version 0.4

Size226 kB (226152 bytes)

MD52fb2f36d8920819c7c41cf0f3b74a596

SHA110f2ebfb441c6c783bb768f0e25753534c4cdd3d

SHA2562c60b7676cb4b32cc2c25d7acfbc14a737ab0d47aed2f865f77aeeb68b0998e5

Archive (6)

Modified	Filename	Size	MD5	File type
2020-02-22 23:25	Leiame (ou morra).txt	1.6 kB	786e38dacfd2b80d57b468d78205ac49	ISO-8859 text, with CRLF line terminators
2020-02-14 21:53	config.toml	12 kB	717f78600fd9ac0705b356657c65ef6b	ASCII text, with CRLF line terminators
2020-02-14 21:53	Cutscene_Models.txt	12 kB	823d7a171786c5ea810952b2ffaefce5	ASCII text, with CRLF line terminators
2020-02-22 23:25	Readme (or die).txt	1.6 kB	11e156e72bf71c8f63541153fb4268fc	ASCII text, with CRLF line terminators
2020-02-18 02:48	Readme (ORIGINAL).txt	6.6 kB	d4e723ff5adcd19d36f9f8d7cd0b6d1c	Unicode text, UTF-8 (with BOM) text, with very long lines (487), with CRLF line terminators
2020-02-14 21:53	SA.Rainbomizer.asi	551 kB	56d0afd62f691f3968b535fc685206eb	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
VirusTotal	suspicious	VirusTotal - Scan result 9/59

	URL	IP	Response	Size