Report - dl.i-funbox.com/ifunbox.zip

Report Overview

Submitted URL
dl.i-funbox.com/ifunbox.zip
IP
209.160.40.71
ASN
#14361 HOPONE-GLOBAL
Submitted
2024-04-17 23:42:53
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
dl.i-funbox.com	261174	2008-08-05	2012-06-01	2024-04-16	397 B	17 MB	209.160.40.71

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
dl.i-funbox.com/ifunbox.zip
IP
209.160.40.71
ASN
#14361 HOPONE-GLOBAL

File type
Zip archive data, at least v1.0 to extract, compression method=deflate
Size
17 MB (16806609 bytes)
Hash
c767674c93e74aaf84c33c2905df298a
0ed11766a5cd39b396898a2445f7dfb0a6117c3c
db219247eb53bbea42ddc84eca36cbeb84e54dded113d70a3d5aeec3cb1de01f

Archive (38)

Filename

Md5

File type

iFunBox.exe

706bad184641c55f24b07472894e7d48

PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections

vficef.dat

e8c8ee9d665173c2f0aeffe5072dc5c6

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

cefres.dat

0178e320a3ccd30c126378338c1cab0d

PE32 executable (console) Intel 80386, for MS Windows, 4 sections

astcef.dll

2461248382b61f56d97c09968fde5545

Zip archive data, at least v2.0 to extract, compression method=deflate

vfwcef.dat

2832980472378f31997153da30849fe4

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

MediaInfo.dll

4ffb45afb3c2c80ade4a2495c38ba9e9

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections

chromeifbc.dll

d2369bea7909412310299a1ee00d48b8

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections

defcef.dat

ebf66589da8e667ed6ef6b2bec174194

PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced

libcef.dll

368450176c6484439caf50a002730d6a

PE32 executable (DLL) (console) Intel 80386, for MS Windows, UPX compressed, 3 sections

icudt.dll

852012d6970bb859ffde620fad2e1e34

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections

updater.exe

4b4fd5b4c1585fef9448813d5242eba7

PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections

updater.ini

7ed8bf6fc5f8c627814cce812197f4b9

ASCII text, with CRLF line terminators

localstrings_ar.utf8

ffd8a5c0e48a3aec2cfe9683804da6b4

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

localstrings_da.utf8

a7ba31cf69749cdf4f2276990573c788

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

localstrings_de.utf8

845cf377c0092cd6a46a2a6baafb53cc

Unicode text, UTF-8 (with BOM) text, with very long lines (375), with CRLF line terminators

localstrings_el.utf8

3834d998403b9f08181d81c6bbffe3bc

Unicode text, UTF-8 (with BOM) text, with very long lines (369), with CRLF line terminators

localstrings_es.utf8

5c75717ce71b182210b7944c14716229

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

localstrings_fa.utf8

dcdaa0b6584356296999d147d11366d3

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

localstrings_fr.utf8

c8fe5922870ccdd4b1f1305d3959d54a

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

localstrings_he.utf8

59cd1b493068fc1f5b25857100dd6a1a

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

localstrings_hr.utf8

4e28392cdf8f5c275c3b2af07c22cf45

Unicode text, UTF-8 (with BOM) text, with very long lines (382), with CRLF, LF line terminators

localstrings_it.utf8

90aa3103256e815809d4273812da754e

Unicode text, UTF-8 (with BOM) text, with very long lines (365), with CRLF line terminators

localstrings_ja.utf8

7f880fe096942df2aee69f8205936584

Unicode text, UTF-8 (with BOM) text, with very long lines (337), with CRLF line terminators

localstrings_ko.utf8

ba954c47d3b98455a974e0820b990a1d

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

localstrings_nl.utf8

5b845b1ef4fb7e2a8be9e277492d7cbc

Unicode text, UTF-8 (with BOM) text, with very long lines (386), with CRLF line terminators

localstrings_pl.utf8

df848d1fefe2c7793ab8ff135f12793b

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

localstrings_pt.utf8

1ef710a3b2d6dc628ce9950276d64f19

Unicode text, UTF-8 (with BOM) text, with very long lines (397), with CRLF line terminators

localstrings_ro.utf8

9898656e2f0d3e2b42707be5b91c6cf5

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

localstrings_ru.utf8

3b00c24bda435416d265f300feaf4bb6

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

localstrings_tr.utf8

fdc7f5591a4205d63660579d0365deba

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

localstrings_vi.utf8

4eb521b15c4e0e943a109ca8deabd209

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

localstrings_th.utf8

c8d25e21697f83ec3d034370eaa1826e

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

localstrings_no.utf8

a9bdcf5a145290deec27003ba70bb76d

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

localstrings_zh-cn.utf8

ff5cd7bc6faa0dca03bdab494bd9a48b

Unicode text, UTF-8 (with BOM) text, with very long lines (313), with CRLF line terminators

localstrings_zh-tw.utf8

25b9e5f97b778add9ca0eab1572814d8

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

ifunbox.win32.checkupdate.url

0f50f9ee1eccc3c9dbb46751ba97091e

Generic INItialization configuration [InternetShortcut]

ifunbox.win32.tutorial.url

e52b5e3f61e3e027c7f1ca8119274b0e

Generic INItialization configuration [InternetShortcut]

page.ico

0e72d9a0c9c723d9c6ebf9cd7d1dc6f7

MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 4/65

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

dl.i-funbox.com/ifunbox.zip

209.160.40.71

17 MB

URL User Request GET
dl.i-funbox.com/ifunbox.zip
IP
209.160.40.71:0
ASN
#14361 HOPONE-GLOBAL

File type
Zip archive data, at least v1.0 to extract, compression method=deflate
Size
17 MB (16806609 bytes)
Hash
c767674c93e74aaf84c33c2905df298a
0ed11766a5cd39b396898a2445f7dfb0a6117c3c
db219247eb53bbea42ddc84eca36cbeb84e54dded113d70a3d5aeec3cb1de01f

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 4/65

HTTP Headers

GET /ifunbox.zip HTTP/1.1
Host: dl.i-funbox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.2.1
Date: Wed, 17 Apr 2024 23:42:24 GMT
Content-Type: application/zip
Content-Length: 16806609
Last-Modified: Tue, 16 Sep 2014 03:48:59 GMT
Connection: keep-alive
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (38)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers