Report - dennisbareis.com/regina/r08h_w32.zip

Report Overview

Submitted URL
dennisbareis.com/regina/r08h_w32.zip
IP
67.227.214.110
ASN
#32244 LIQUIDWEB
Submitted
2024-05-05 06:30:48
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
dennisbareis.com	unknown	2006-03-05	2012-06-25	2024-02-29	490 B	408 kB	67.227.214.110

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
dennisbareis.com/regina/r08h_w32.zip
IP
67.227.214.110
ASN
#32244 LIQUIDWEB

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
408 kB (408081 bytes)
Hash
5be620d9b6f4757e5d7cd033b751587d
8aea890549e553c8d135e8a316904ee7d1f6c694
c5299854d9334e7dcb62dfcbe820a75e71708ec86392072f1d53cb55edc20725

Archive (27)

Filename

Md5

File type

regina.exe

6abba450b873ac5f34d727ba09d282b7

PE32 executable (console) Intel 80386, for MS Windows, 4 sections

regina.dll

7adc507bb9ad1608c99ff022adc9a47a

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

rexx.lib

0a41b13010638bfc9e474a2d9456e855

current ar archive

regina.lib

92c3bc326533e93b0591543f2952353c

current ar archive

test1.dll

48def9b3314dbe6130eb1e72b44d973e

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

test2.dll

e8e0e1f534e491d7ad96aa715698318f

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

COPYING-LIB

abcbe52f17cb23c87bbbf0be63ef8753

ASCII text, with CRLF line terminators

rexxsaa.h

a0ef080470cfa158d9a9dda1378d8925

C source, ASCII text, with CRLF line terminators

README.08a

1976d37ef9db6792b3eb6acc38f0e9bb

ASCII text, with CRLF line terminators

README.08b

27691af7b94304041be429569c3aa704

ASCII text, with CRLF line terminators

README.08c

6787194b79dcd795c50ef2466f78474a

ASCII text, with CRLF line terminators

README.08d

e945634a63a43203467bc733bfee20ce

ASCII text, with CRLF line terminators

README.08e

b92e603b489032d600211548f47945ba

ASCII text, with CRLF line terminators

README.08f

99da60f29b272a85c49304c7a54a0256

ASCII text, with CRLF line terminators

README.08g

5b3847144e45e9b01f19f41606d420d9

ASCII text, with CRLF line terminators

README.08h

b139c69ece72b6dc82b9fe9808b13a55

ASCII text, with CRLF line terminators

BUGS

b7c0db3e13b83334076b426ae72dd955

OS/2 REXX batch file, ASCII text, with CRLF line terminators

README

f3df99da9c4b3a7d3a72f88a3cc3f30e

ASCII text, with CRLF line terminators

file_id.diz

1433dd98afeb4bcf5a066539c84598d3

ISO-8859 text, with CRLF line terminators

animal.rexx

6bda959a8d57e31b91fa6c0df6a5a6c3

OS/2 REXX batch file, ASCII text, with CRLF line terminators

block.rexx

86ca2b5e52d911055e5280d42bccb9c8

a /local/bin/rexx script, ASCII text executable, with CRLF line terminators

dateconv.rexx

247f295f6cbba41f1a760fe10cefb84d

a /local/bin/rexx script, ASCII text executable, with CRLF line terminators

dynfunc.rexx

cdddf18a1edc809e2fb3402ef8bf2c33

a /local/bin/rexx script, ASCII text executable, with CRLF line terminators

newstr.rexx

433cd0a94210aae42bd1f7f368944011

a /local/bin/rexx script, ASCII text executable, with CRLF line terminators

rexxcps.rexx

e227cb0b48456496eb3362b00584c30e

OS/2 REXX batch file, ASCII text, with CRLF line terminators

testeof.rexx

7773a9e1867cf44086537281f5fe667a

OS/2 REXX batch file, ASCII text, with CRLF line terminators

timeconv.rexx

b4f8917fa5f0a31ffdddad4ecfd6fb32

a /local/bin/rexx script, ASCII text executable, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

dennisbareis.com/regina/r08h_w32.zip

67.227.214.110

200 OK

408 kB

URL User Request GET HTTP/2
dennisbareis.com/regina/r08h_w32.zip
IP
67.227.214.110:443
ASN
#32244 LIQUIDWEB

Certificate
IssuerLet's Encrypt
Subject*.dennisbareis.com
Fingerprint66:41:E3:8F:0C:A5:06:48:00:73:A5:3D:7B:E7:C8:30:7A:BC:05:2C
ValidityMon, 29 Apr 2024 20:13:28 GMT - Sun, 28 Jul 2024 20:13:27 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
408 kB (408081 bytes)
Hash
5be620d9b6f4757e5d7cd033b751587d
8aea890549e553c8d135e8a316904ee7d1f6c694
c5299854d9334e7dcb62dfcbe820a75e71708ec86392072f1d53cb55edc20725

HTTP Headers

GET /regina/r08h_w32.zip HTTP/1.1
Host: dennisbareis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/zip
last-modified: Mon, 06 Nov 2017 01:57:08 GMT
accept-ranges: bytes
content-length: 408081
date: Sun, 05 May 2024 06:30:23 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2