Report - floppy.jp.net/setups/win/x86

Report Overview

Submitted URL
floppy.jp.net/setups/win/x86_64.zip
IP
46.226.163.199
ASN
#0
Submitted
2024-05-05 10:56:44
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
floppy.jp.net	unknown	unknown	No data	No data	489 B	4.1 MB	46.226.163.199

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
floppy.jp.net/setups/win/x86_64.zip
IP
46.226.163.199
ASN
#0

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
4.1 MB (4136698 bytes)
Hash
b93258f79657d37fc9d06daeeafe39d2
c7f7cc045b0ad5fc2625e0f1c3a3cc7262274452
668bd40c17e528c384655104085a78357c712d27ef64dd00328bc06e6236f931

Archive (10)

Filename

Md5

File type

floppydriver.exe

9110bcbb814b08f01b0ae636f263851f

PE32+ executable (GUI) x86-64, for MS Windows, 9 sections

wg.exe

e097d10cf0e67983567866f496065320

PE32+ executable (console) x86-64, for MS Windows, 8 sections

wintun.dll

e861eb5789c50997d9476a6172d1c269

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 8 sections

FloppyVPN Client.exe

22ba2708e62337861a2ff3035aa2a94c

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

FloppyVPN Client.exe.config

13ff21470b63470978e08e4933eb8e56

XML 1.0 document, ASCII text, with CRLF line terminators

FloppyVPN Client.pdb

cc43307aacbd7d432d87a090942d8b5d

MSVC program database ver 7.00, 512*147 bytes

FloppyVPN-win-shared.dll

45ed27d4fdd359fffccc5e114b0b2d3b

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

FloppyVPN-win-shared.pdb

ba4d5428cfae7356a4bc76752a3b4456

MSVC program database ver 7.00, 512*299 bytes

Newtonsoft.Json.dll

195ffb7167db3219b217c4fd439eedd6

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Newtonsoft.Json.xml

d398ffe9fdac6a53a8d8bb26f29bbb3c

XML 1.0 document, ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
VirusTotal	suspicious	VirusTotal - Scan result 1/69

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

floppy.jp.net/setups/win/x86_64.zip

46.226.163.199

200 OK

4.1 MB

URL User Request GET HTTP/2
floppy.jp.net/setups/win/x86_64.zip
IP
46.226.163.199:443
ASN
#0

Certificate
IssuerLet's Encrypt
Subjectfloppy.jp.net
Fingerprint18:D1:A4:BA:2D:79:FC:7E:19:85:52:F4:5C:13:AC:71:DA:16:C1:FA
ValidityFri, 03 May 2024 19:21:27 GMT - Thu, 01 Aug 2024 19:21:26 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
4.1 MB (4136698 bytes)
Hash
b93258f79657d37fc9d06daeeafe39d2
c7f7cc045b0ad5fc2625e0f1c3a3cc7262274452
668bd40c17e528c384655104085a78357c712d27ef64dd00328bc06e6236f931

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/69

HTTP Headers

GET /setups/win/x86_64.zip HTTP/1.1
Host: floppy.jp.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-type: application/x-zip-compressed
date: Sun, 05 May 2024 10:56:16 GMT
etag: "1da9eb6d802937a"
last-modified: Sun, 05 May 2024 06:38:31 GMT
server: Caddy, Kestrel
content-length: 4136698
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (10)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers