Report - silica.codes/BedrockReverse/McTools/releases/download/v5/McTools%205.zip

Report Overview

Visited public
2024-02-22 21:59:47
Tags
URL
silica.codes/BedrockReverse/McTools/releases/download/v5/McTools%205.zip
Finishing URL
about:privatebrowsing
IP / ASN
209.141.61.156
#53667 PONYNET
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
silica.codes	unknown	2022-04-15	2022-06-06 11:57:32	2024-02-11 02:49:21	526 B	280 kB	209.141.61.156

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
silica.codes/BedrockReverse/McTools/releases/download/v5/McTools%205.zip
IP
209.141.61.156
ASN
#53667 PONYNET

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
279 kB (279350 bytes)
Hash
d3e6500d7bcd1f3f2ee1b15869e65e5a
72cb3dbb8ad73503f2087b832be380b1cd9f3274
d448d2f4a3c90cb4345f6661f5a1d25d4ceebf4f70a1f5d3841ed3d9d8d0aa67

Archive (4)

Filename

Md5

File type

LibMcCrypt.dll

ff7187e89821d3c521ea60786e94bbb4

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

McDecryptor.exe

dfc20a2b1716cb9fe01a7a486b62056e

PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

McEncryptor.exe

d37cc2634caf33f62e1aba9979b104db

PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Newtonsoft.Json.dll

081d9558bbb7adce142da153b2d5577a

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	silica.codes/BedrockReverse/McTools/releases/download/v5/McTools%205.zip	209.141.61.156	200 OK	279 kB
URL User Request GET HTTP/2 silica.codes/BedrockReverse/McTools/releases/download/v5/McTools%205.zip IP 209.141.61.156:443 ASN #53667 PONYNET Certificate IssuerLet's Encrypt Subjectdb.cbps.xyz Fingerprint1B:48:E6:51:D2:C6:2F:6F:18:51:63:C2:E6:9D:DD:8D:45:A5:84:7C ValidityTue, 23 Jan 2024 06:39:26 GMT - Mon, 22 Apr 2024 06:39:25 GMT File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 279 kB (279350 bytes) Hash d3e6500d7bcd1f3f2ee1b15869e65e5a 72cb3dbb8ad73503f2087b832be380b1cd9f3274 d448d2f4a3c90cb4345f6661f5a1d25d4ceebf4f70a1f5d3841ed3d9d8d0aa67 HTTP Headers GET /BedrockReverse/McTools/releases/download/v5/McTools%205.zip HTTP/1.1 Host: silica.codes User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx/1.18.0 (Ubuntu) date: Thu, 22 Feb 2024 21:59:22 GMT content-type: application/octet-stream content-length: 279350 accept-ranges: bytes access-control-expose-headers: Content-Disposition cache-control: private, max-age=300 content-disposition: inline; filename="McTools 5.zip"; filename*=UTF-8''McTools%205.zip etag: "32f70b3d-1aaa-44a6-9289-05c552a60750" last-modified: Tue, 23 Jan 2024 20:24:43 GMT set-cookie: i_like_gitea=a0e8cdc8f227aa6b; Path=/; HttpOnly; Secure; SameSite=Lax _csrf=y6hvCKPtEvwtEeDzryaTNRTDh886MTcwODYzOTE2Mjk3NTgzNzEwMw; Path=/; Max-Age=86400; HttpOnly; Secure; SameSite=Lax x-content-type-options: nosniff x-frame-options: SAMEORIGIN X-Firefox-Spdy: h2

silica.codes/BedrockReverse/McTools/releases/download/v5/McTools%205.zip

209.141.61.156

200 OK

279 kB

URL User Request GET HTTP/2
silica.codes/BedrockReverse/McTools/releases/download/v5/McTools%205.zip
IP
209.141.61.156:443
ASN
#53667 PONYNET

Certificate
IssuerLet's Encrypt
Subjectdb.cbps.xyz
Fingerprint1B:48:E6:51:D2:C6:2F:6F:18:51:63:C2:E6:9D:DD:8D:45:A5:84:7C
ValidityTue, 23 Jan 2024 06:39:26 GMT - Mon, 22 Apr 2024 06:39:25 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
279 kB (279350 bytes)
Hash
d3e6500d7bcd1f3f2ee1b15869e65e5a
72cb3dbb8ad73503f2087b832be380b1cd9f3274
d448d2f4a3c90cb4345f6661f5a1d25d4ceebf4f70a1f5d3841ed3d9d8d0aa67

HTTP Headers

GET /BedrockReverse/McTools/releases/download/v5/McTools%205.zip HTTP/1.1
Host: silica.codes
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 22 Feb 2024 21:59:22 GMT
content-type: application/octet-stream
content-length: 279350
accept-ranges: bytes
access-control-expose-headers: Content-Disposition
cache-control: private, max-age=300
content-disposition: inline; filename="McTools 5.zip"; filename*=UTF-8''McTools%205.zip
etag: "32f70b3d-1aaa-44a6-9289-05c552a60750"
last-modified: Tue, 23 Jan 2024 20:24:43 GMT
set-cookie: i_like_gitea=a0e8cdc8f227aa6b; Path=/; HttpOnly; Secure; SameSite=Lax
_csrf=y6hvCKPtEvwtEeDzryaTNRTDh886MTcwODYzOTE2Mjk3NTgzNzEwMw; Path=/; Max-Age=86400; HttpOnly; Secure; SameSite=Lax
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (4)

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers