Report Overview

  1. Submitted URL

    www.sj8.ca/caidao_win.zip

  2. IP

    13.125.112.53

    ASN

    #16509 AMAZON-02

  3. Submitted

    2024-04-25 13:50:39

    Access

    public

  4. Website Title

    about:privatebrowsing

  5. Final URL

    about:privatebrowsing

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  1. urlquery

    0

  2. Network Intrusion Detection

    0

  3. Threat Detection Systems

    5

Domain Summary

Domain / FQDN   Rank      Registered   First Seen   Last Seen
www.sj8.ca      unknown   unknown      No data      No data

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


Files detected

  1. URL

    www.sj8.ca/caidao_win.zip

  2. IP

    13.125.112.53

  3. ASN

    #16509 AMAZON-02

  1. File type

    Zip archive data, at least v2.0 to extract, compression method=store

    Size

    19 MB (18942048 bytes)

  2. Hash

    427f9184ba37fa0339f6c4acd14a64f2

    57b6d7956ce0571fee007354735fba88e6019642

  1. Archive (26)

  2. Filename / Md5 / File type
    caidao.exe
    d88e62899ce05f8976b56efa06e0adc5
    PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections
    MiniBlink.dll
    0069a01ceb143956ea2015f4a243c967
    PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    Newtonsoft.Json.dll
    8f81c9520104b730c25d90a9dd511148
    PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    7z.exe
    e86eff95691b1c0e7e4f3e9cb1ae2e49
    PE32+ executable (console) x86-64, for MS Windows, 6 sections
    app.config
    5515c86b26e02ecaef90d923cbd95bb6
    JSON text data
    caidao.dll
    dabea4c7b5475ae79584b92ea914bf4a
    PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    caidao.exe
    e9759e9778424c60adaa1cdb273695e7
    PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    caidao4.exe
    87c890ae6f2beb4506135b702c9bb50a
    PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    checkframework.exe
    893c4e88edabd6027f74dd0823ef4e27
    PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    cnclient.exe
    d4e9de567d67a1e7bb793aa1038409e2
    PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, 6 sections
    firewall.png
    98dd6c741564a8077da2ade2336c491d
    PNG image data, 1024 x 2087, 8-bit colormap, non-interlaced
    icon_app.ico
    6440edfb10fa0a3e977259c45ffc960d
    MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel
    icon_error.ico
    9b52c596a870b333354b86e276be6b95
    MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
    icon_neterr.ico
    79c55d9b86627800127375f73043a03e
    MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
    icon_noca.ico
    01853528badfd6c82a2a8f6070f853f3
    MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
    icon_nouserid.ico
    996af0da3a4b6c5c0bfe36e090eca5f9
    MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
    icon_ready.ico
    3b0e57de9db7a7fad5ab84ebb9cab44d
    MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
    icon_ready_1.ico
    c00a181b49cb1048ee8be401467c3d6a
    MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
    icon_start.ico
    c779c8f0a4f719208305ca620e8707a3
    MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
    icon_upgrade.ico
    d68c20db7030056c6f04f7e7c6889a59
    MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
    splash.bmp
    cb7995a43fdc8069266bb993811f6baa
    PC bitmap, Windows 3.x format, 760 x 510 x 8, image size 387602, resolution 2834 x 2834 px/m, 254 important colors, cbSize 388672, bits offset 1070
    Interop.IWshRuntimeLibrary.dll
    86db2b145372f8f8f335f7ae43c03e1e
    PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    MiniBlink.dll
    7a337e1f1c005e834a17a62a49258a80
    PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    Newtonsoft.Json.dll
    3c4d2f6fd240dc804e10bbb5f16c6182
    PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    node.dll
    6d0abcb043e6a8edd8cec5c6194da263
    PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections
    update.ver
    0ade8dabf86c17f6105769d963b02bdb
    ASCII text, with no line terminators

    Detections

    Analyzer              Verdict      Alert
    YARAhub by abuse.ch   malware      meth_get_eip
    VirusTotal            suspicious

JavaScript (0)

HTTP Transactions (1)

URL                         IP              Response   Size
www.sj8.ca/caidao_win.zip   13.125.112.53   200 OK     19 MB