Report Overview
- Visited public2024-11-06 16:35:47Tags
- URL
mods2.sharemods.com/cgi-bin/dl.cgi/62ykrsz3vupa6fduhzupa7fbbf3l3ryykww2uiwv3gorzbady7256vy/Rainbomizer_-_SA_Randomizer.7z
- Finishing URL
about:privatebrowsing
- IP / ASN49.12.84.254
#24940 Hetzner Online GmbH
Titleabout:privatebrowsing
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
mods2.sharemods.com | unknown | 2013-01-31 | 2020-02-09 | 2024-11-02 | 575 B | 226 kB | 49.12.84.254 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
Mnemonic Secure DNS
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
mods2.sharemods.com/cgi-bin/dl.cgi/62ykrsz3vupa6fduhzupa7fbbf3l3ryykww2uiwv3gorzbady7256vy/Rainbomizer_-_SA_Randomizer.7z
IP
49.12.84.254
ASN
#24940 Hetzner Online GmbH
File type
7-zip archive data, version 0.4
Size
226 kB (226152 bytes)
Hash
2fb2f36d8920819c7c41cf0f3b74a596
10f2ebfb441c6c783bb768f0e25753534c4cdd3d
Archive (6)
Filename | Md5 | File type | ||||||
---|---|---|---|---|---|---|---|---|
Leiame (ou morra).txt | 786e38dacfd2b80d57b468d78205ac49 | ISO-8859 text, with CRLF line terminators | ||||||
config.toml | 717f78600fd9ac0705b356657c65ef6b | ASCII text, with CRLF line terminators | ||||||
Cutscene_Models.txt | 823d7a171786c5ea810952b2ffaefce5 | ASCII text, with CRLF line terminators | ||||||
Readme (or die).txt | 11e156e72bf71c8f63541153fb4268fc | ASCII text, with CRLF line terminators | ||||||
Readme (ORIGINAL).txt | d4e723ff5adcd19d36f9f8d7cd0b6d1c | Unicode text, UTF-8 (with BOM) text, with very long lines (487), with CRLF line terminators | ||||||
SA.Rainbomizer.asi | 56d0afd62f691f3968b535fc685206eb
| PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections |
Detections
Analyzer | Verdict | Alert |
---|---|---|
YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
VirusTotal | suspicious |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size | |||||||
---|---|---|---|---|---|---|---|---|---|---|
mods2.sharemods.com/cgi-bin/dl.cgi/62ykrsz3vupa6fduhzupa7fbbf3l3ryykww2uiwv3gorzbady7256vy/Rainbomizer_-_SA_Randomizer.7z | 49.12.84.254 | 200 OK | 226 kB | |||||||
Detections
HTTP Headers
| ||||||||||