Report Overview

  1. Visited public
    2024-11-06 16:35:47
    Tags
  2. URL

    mods2.sharemods.com/cgi-bin/dl.cgi/62ykrsz3vupa6fduhzupa7fbbf3l3ryykww2uiwv3gorzbady7256vy/Rainbomizer_-_SA_Randomizer.7z

  3. Finishing URL

    about:privatebrowsing

  4. IP / ASN
    49.12.84.254

    #24940 Hetzner Online GmbH

    Title
    about:privatebrowsing
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
3

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
mods2.sharemods.comunknown2013-01-312020-02-092024-11-02

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


Mnemonic Secure DNS

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


Files detected

  1. URL

    mods2.sharemods.com/cgi-bin/dl.cgi/62ykrsz3vupa6fduhzupa7fbbf3l3ryykww2uiwv3gorzbady7256vy/Rainbomizer_-_SA_Randomizer.7z

  2. IP

    49.12.84.254

  3. ASN

    #24940 Hetzner Online GmbH

  1. File type

    7-zip archive data, version 0.4

    Size

    226 kB (226152 bytes)

  2. Hash

    2fb2f36d8920819c7c41cf0f3b74a596

    10f2ebfb441c6c783bb768f0e25753534c4cdd3d

  1. Archive (6)

  2. FilenameMd5File type
    Leiame (ou morra).txt
    786e38dacfd2b80d57b468d78205ac49
    ISO-8859 text, with CRLF line terminators
    config.toml
    717f78600fd9ac0705b356657c65ef6b
    ASCII text, with CRLF line terminators
    Cutscene_Models.txt
    823d7a171786c5ea810952b2ffaefce5
    ASCII text, with CRLF line terminators
    Readme (or die).txt
    11e156e72bf71c8f63541153fb4268fc
    ASCII text, with CRLF line terminators
    Readme (ORIGINAL).txt
    d4e723ff5adcd19d36f9f8d7cd0b6d1c
    Unicode text, UTF-8 (with BOM) text, with very long lines (487), with CRLF line terminators
    SA.Rainbomizer.asi
    56d0afd62f691f3968b535fc685206eb
    PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

    Detections

    AnalyzerVerdictAlert
    YARAhub by abuse.chmalware
    files - file ~tmp01925d3f.exe
    VirusTotalsuspicious

JavaScript (0)

HTTP Transactions (1)

URLIPResponseSize
mods2.sharemods.com/cgi-bin/dl.cgi/62ykrsz3vupa6fduhzupa7fbbf3l3ryykww2uiwv3gorzbady7256vy/Rainbomizer_-_SA_Randomizer.7z
49.12.84.254200 OK226 kB