Report Overview

  1. Submitted URL

    0x0.st/XbvN.zip

  2. IP

    168.119.145.117

    ASN

    #24940 Hetzner Online GmbH

  3. Submitted

    2024-10-22 01:21:14

    Access

    public

  4. Website Title

    about:privatebrowsing

  5. Final URL

    about:privatebrowsing

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  1. urlquery

    0

  2. Network Intrusion Detection

    1

  3. Threat Detection Systems

    8

Domain Summary

Domain / FQDN   Rank      Registered   First Seen   Last Seen
0x0.st          unknown   2015-02-26   2015-04-22   2024-10-16

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Severity   Source IP   Destination IP    Alert
low        Client IP   168.119.145.117

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


Mnemonic Secure DNS

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


Files detected

  1. URL

    0x0.st/XbvN.zip

  2. IP

    168.119.145.117

  3. ASN

    #24940 Hetzner Online GmbH

  1. File type

    Zip archive data, at least v2.0 to extract, compression method=deflate

    Size

    1.3 MB (1322311 bytes)

  2. Hash

    0bfbbff8e9c6a6a506199fc1d01ba0f0

    340a0093745328a28eb2476b6f6472202f7b9290

  1. Archive (59)

  2. Filename / Md5 / File type
    DXGIODScreenshot.dll
    25c632cd2f529ba142fa706205ac00c9
    PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections
    learnmore.url
    61cbfb8ca48b0be0bc4d2f3c286d5b2e
    MS Windows 95 Internet shortcut text (URL=<http://app.prntscr.com/learnmore.html>), ASCII text
    learnmore_ru.url
    2965233936b91bd8bb3d9eeaf91fa6ae
    MS Windows 95 Internet shortcut text (URL=<http://app.prntscr.com/ru/learnmore.html>), ASCII text
    Lightbase.dll
    f256a9c7e68a249fe760019d19c022ce
    PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections
    Lightshot.dll
    34599b979f2b176a2f0da646bc3a9a6e
    PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections
    Lightshot.exe
    1e1c83b9680029ad4a9f8d3b3ac93197
    PE32 executable (GUI) Intel 80386, for MS Windows, 7 sections
    ar.txt
    cd83a38536ef1ac82033c88b40c1c299
    Unicode text, UTF-8 (with BOM) text, with very long lines (610)
    be.txt
    1e03eaea8317f8957e3550c5cbe7b1c2
    Unicode text, UTF-8 (with BOM) text, with very long lines (960)
    bg.txt
    bb52b0a262414eb4d611072e7adf8c58
    Unicode text, UTF-8 (with BOM) text, with very long lines (1008)
    bn-BD.txt
    bcb08db5044b9ecd6fdd972342919e64
    Unicode text, UTF-8 (with BOM) text, with very long lines (964)
    bs.txt
    e53d7fdae82fe462bd51c0b1ae52cfd7
    Unicode text, UTF-8 (with BOM) text, with very long lines (972)
    ca.txt
    b85e43201c3d051f8d4f5e7210e6e0bc
    Unicode text, UTF-8 (with BOM) text
    cs.txt
    b69442c812103e4d0679a07d0eec0af8
    Unicode text, UTF-8 (with BOM) text, with very long lines (1017)
    da.txt
    ec2bce92371b3a0b2dc4c4fc5ceb52d0
    Unicode text, UTF-8 (with BOM) text, with very long lines (1050)
    de.txt
    d115749dc09721fa6c20257afc71a64d
    Unicode text, UTF-8 (with BOM) text, with very long lines (1109)
    el.txt
    25cc5eb2a8e15d7903a31c83b0db5096
    Unicode text, UTF-8 (with BOM) text, with very long lines (1126)
    en.txt
    4d195562c84403dd347bd2c45403efc5
    Unicode text, UTF-8 (with BOM) text, with very long lines (1009)
    es.txt
    c7532fcf181919333e0a247e447cf56e
    Unicode text, UTF-8 (with BOM) text, with very long lines (1059)
    et.txt
    2b75c4a44b3d45b7f412638b34fc3d0e
    Unicode text, UTF-8 (with BOM) text, with very long lines (972)
    fa.txt
    a91d80cb2770ea0bd50db9690fc5d6df
    Unicode text, UTF-8 (with BOM) text
    fi.txt
    1fecea4e623ec7b0dff4457589d2a901
    Unicode text, UTF-8 (with BOM) text, with very long lines (1037)
    fr.txt
    61c9c831a6c90d4c7e34de114cf01ad2
    Unicode text, UTF-8 (with BOM) text, with very long lines (1243)
    gl.txt
    6af8d75a375bf14ce817227fa848b8c4
    Unicode text, UTF-8 (with BOM) text
    he.txt
    3ca46c43929b540f39daff85dd06bfeb
    Unicode text, UTF-8 (with BOM) text, with very long lines (1009)
    hr.txt
    8b7c86791cb7a6cc264bb6d6f086ccea
    Unicode text, UTF-8 (with BOM) text, with very long lines (1021)
    hu.txt
    5765dd5fca07300f79ad162f5bdee1bf
    Unicode text, UTF-8 (with BOM) text, with very long lines (1014)
    hy.txt
    2aae7af8598c3bc89b17cb8f36a0bd59
    Unicode text, UTF-8 (with BOM) text, with very long lines (887)
    id.txt
    0fca4bd83616afbb1979a4e191f0d8b4
    Unicode text, UTF-8 (with BOM) text, with very long lines (1077)
    is.txt
    6ea5af7f09d1cdd8929b1d6c2f8b9dfd
    Unicode text, UTF-8 (with BOM) text
    it.txt
    a3c763a6ab5795aa432071dff7262d22
    Unicode text, UTF-8 (with BOM) text, with very long lines (1093)
    ja.txt
    4582b37d89f133893f2095d7b57a3ad1
    Unicode text, UTF-8 (with BOM) text
    ka.txt
    4d839f6c4db8b58158ba136bbe209e50
    Unicode text, UTF-8 (with BOM) text, with very long lines (321)
    ko.txt
    99f15556368a9025a678ae20e3e5edb4
    Unicode text, UTF-8 (with BOM) text, with very long lines (758)
    ku.txt
    adda7b38acb9923473e8e5f8fe9555f0
    Unicode text, UTF-8 (with BOM) text
    lt.txt
    bdd17ab1eda8488b8cfe02327df05f90
    Unicode text, UTF-8 (with BOM) text, with very long lines (606)
    lv.txt
    282e5b1c57e18fa97a4d54afefdf2485
    Unicode text, UTF-8 (with BOM) text
    mk.txt
    70ba5c9c3e83584713663332bcf0ed60
    Unicode text, UTF-8 (with BOM) text
    nb-NO.txt
    70f2cb3f106ab633bd97214ffc1ed887
    Unicode text, UTF-8 (with BOM) text, with very long lines (1120)
    nl.txt
    1dbf0c68099cdaa5f8800dc14aa2f5b0
    Unicode text, UTF-8 (with BOM) text, with very long lines (1094)
    pl.txt
    b42697871a6ad6a19e4825a1949aab85
    Unicode text, UTF-8 (with BOM) text, with very long lines (1029)
    pt-br.txt
    09540a630d97751b5b922d9a54d72fe4
    Unicode text, UTF-8 (with BOM) text, with very long lines (1055)
    pt-PT.txt
    c5d8fb04c0a7be0d53fd031090bc36f8
    Unicode text, UTF-8 (with BOM) text, with very long lines (651)
    ro.txt
    62946d959f30092fe18cd081d90a1135
    Unicode text, UTF-8 (with BOM) text, with very long lines (1014)
    ru.txt
    45bf9b5d594b33a064ae4c04c4c3c96a
    Unicode text, UTF-8 (with BOM) text, with very long lines (1201)
    sk.txt
    1ccb1d13bef7fe4bcbde7e8adf3c7f51
    Unicode text, UTF-8 (with BOM) text, with very long lines (1086)
    sl.txt
    8990e3dc38d9e65460480f257204e37d
    Unicode text, UTF-8 (with BOM) text
    sq.txt
    c472aae2b0373e15a29d72b3cf5e0e3d
    Unicode text, UTF-8 (with BOM) text, with very long lines (1121)
    sr-Cyrl.txt
    b59655503491ede3f4e384d1cd1d4b92
    Unicode text, UTF-8 (with BOM) text
    sr.txt
    6f6d725ef25a08411050a1b8b64971ed
    Unicode text, UTF-8 (with BOM) text, with very long lines (984)
    sv.txt
    9f1dc3aecd16265a7c7a6d6267fb5f98
    Unicode text, UTF-8 (with BOM) text, with very long lines (1028)
    th.txt
    b120214a70252ea6e6676ef8abc25f5c
    Unicode text, UTF-8 (with BOM) text
    tr.txt
    a6a1b66fa9e552bf131cf58d1ec6d5e9
    Unicode text, UTF-8 (with BOM) text, with very long lines (922)
    uk.txt
    27c710c7c361a9b94703bd1c4c717522
    Unicode text, UTF-8 (with BOM) text, with very long lines (910)
    ur.txt
    9ef4a08c21e1448bed2d3dcf8ae3b922
    Unicode text, UTF-8 (with BOM) text, with very long lines (958)
    vi.txt
    1519db2c13a378136674b71398dfaa6d
    Unicode text, UTF-8 (with BOM) text, with very long lines (1062)
    zh-CN.txt
    facf10f05e9598e2f8254ceae56e3e0c
    Unicode text, UTF-8 (with BOM) text, with very long lines (628)
    zh-TW.txt
    e57f6619ff7b09b3d7038553a3d24e0f
    Unicode text, UTF-8 (with BOM) text
    sqlite3.dll
    393c753ee7428caa420700b881fccf18
    data
    uploader.dll
    08cf9e363d79c9379cabd75382131315
    PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections

    Detections

    Analyzer              Verdict      Alert
    YARAhub by abuse.ch   malware      pe_detect_tls_callbacks
    YARAhub by abuse.ch   malware      pe_detect_tls_callbacks
    YARAhub by abuse.ch   malware      files - file ~tmp01925d3f.exe
    YARAhub by abuse.ch   malware      pe_detect_tls_callbacks
    YARAhub by abuse.ch   malware      pe_detect_tls_callbacks
    YARAhub by abuse.ch   malware      pe_detect_tls_callbacks
    VirusTotal            suspicious

JavaScript (0)

HTTP Transactions (1)

URL               IP                Response   Size
0x0.st/XbvN.zip   168.119.145.117   200 OK     1.3 MB