Report - csafe.pages.dev/downloads/files/C%E7%9B%BE-15.0.zip

Report Overview

Submitted URL
csafe.pages.dev/downloads/files/C%E7%9B%BE-15.0.zip
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-08 18:24:49
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
csafe.pages.dev	unknown	2020-09-02	2024-03-09	2024-03-09	505 B	923 kB	188.114.96.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
csafe.pages.dev/downloads/files/C%E7%9B%BE-15.0.zip
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
922 kB (922264 bytes)
Hash
abfa8e117fd14c6bab08788946e3f530
88a21cbf0c9bb0f048a3272ff38a42e1d8bb3d8f
4839a6f34691b6ba6ed94a2401b3f45d1ae60f7afaff858f46ed7e6ef84d9aad

Archive (19)

Filename

Md5

File type

C��.dev

2f5b6c43cabac08d1440fa1b89de0001

Windows setup INFormation

C��.exe

24d4a1573999ac88f25517d1de5a0ade

PE32 executable (console) Intel 80386, for MS Windows, 16 sections

C��.ico

8a307cb1282cee1a4b4d2585173c7ebc

MS Windows icon resource - 9 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel

C��.layout

8a58d4e04e1db5ac9b9a03e41c96d88e

Generic INItialization configuration [Editor_0]

C��_private.h

aafe222ab98431a9ab8a3eac2a260669

C source, ISO-8859 text, with CRLF line terminators

C��_private.rc

e2521d7da3d696f95a22be8cebb33213

ISO-8859 text, with CRLF line terminators

C��_private.res

edbd7d20b0fd26cd51deab94ae92c3ae

Intel 80386 COFF object file, no line number info, not stripped, 1 section, symbol offset=0x2d9c0, 1 symbols, 1st section name ".rsrc"

VirusLibrary.libdat

21c9dc9c2bc23656478bfa1bae1459c9

ASCII text, with CRLF line terminators

WhiteList.VirusDat

d41d8cd98f00b204e9800998ecf8427e

Button.h

487b00d81d27513e4a0e10c232381845

C++ source, ISO-8859 text, with CRLF line terminators

DeleteVirus.h

571badf657644f5eb60ea122dd77caef

C++ source, ISO-8859 text, with CRLF line terminators

ElseFunctions.h

5ed88e05e9d12ab1a3f6c4d6801b55d4

C++ source, ISO-8859 text, with CRLF line terminators

ExecuseDestoryProcess.h

54a71a6c65d2696a724446ee171d95db

C++ source, ISO-8859 text, with CRLF line terminators

GetPower.h

487824ef56d82ea45b378d40cee6b26b

C++ source, ISO-8859 text, with CRLF line terminators

PrintScreen.h

2ddd57b54e7be723b69ec3dddac7a578

C++ source, ISO-8859 text, with CRLF line terminators

SHA512.h

966d252a27bd78e6c7fd6d4cfbafffd1

C source, ISO-8859 text, with CRLF line terminators

main.cpp

32c4fc1f0d66196e0a938ffd23cbfc84

C++ source, ISO-8859 text, with CRLF line terminators

main.o

a809f1cd8628ceadbb653e18ecfe2a32

Intel 80386 COFF object file, no line number info, not stripped, 12 sections, symbol offset=0xcf24, 256 symbols, 1st section name ".text"

Makefile.win

70cf78c3cc93475474df291e1ab97685

makefile script, ISO-8859 text, with very long lines (391), with CRLF line terminators

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 5/67

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

csafe.pages.dev/downloads/files/C%E7%9B%BE-15.0.zip

188.114.96.1

200 OK

922 kB

URL User Request GET HTTP/2
csafe.pages.dev/downloads/files/C%E7%9B%BE-15.0.zip
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectcsafe.pages.dev
Fingerprint4D:CC:68:A2:09:03:DA:6C:84:FB:BF:DA:2E:0D:D1:81:3F:3D:21:E7
ValidityTue, 07 May 2024 17:23:12 GMT - Mon, 05 Aug 2024 17:23:11 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
922 kB (922264 bytes)
Hash
abfa8e117fd14c6bab08788946e3f530
88a21cbf0c9bb0f048a3272ff38a42e1d8bb3d8f
4839a6f34691b6ba6ed94a2401b3f45d1ae60f7afaff858f46ed7e6ef84d9aad

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 5/67

HTTP Headers

GET /downloads/files/C%E7%9B%BE-15.0.zip HTTP/1.1
Host: csafe.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 18:24:24 GMT
content-type: application/zip
content-length: 922264
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "d5f3fc9b93883cc82af7fdbecb8d3d93"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rRpVHPDMGZ61fdDMu%2Bv4mIYyAze0Volj0LasJB0qxYU4wUvWID%2Brs1%2FuybsZX2JF4tNTrKzd2i6LEBCL%2B7DytUWSgAnVNHLakHXmumWifwgkedxcNXlzn8b2OByVkdF947g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b7c84bbc4569d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2