Report - dr-dl-4.xyz/drv/old/5x86-Laser-ML-1660-drp.zip

Report Overview

Submitted URL
dr-dl-4.xyz/drv/old/5x86-Laser-ML-1660-drp.zip
IP
89.41.180.203
ASN
#25198 Interkvm Host Srl
Submitted
2024-03-28 16:49:22
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
3

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
dr-dl-4.xyz	unknown	2023-06-04	2023-06-04	2024-03-24	500 B	4.2 MB	89.41.180.203

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
dr-dl-4.xyz/drv/old/5x86-Laser-ML-1660-drp.zip
IP
89.41.180.203
ASN
#25198 Interkvm Host Srl

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
4.2 MB (4152638 bytes)
Hash
6d0a444e5a249ff60d8285cdf615d9d3
6eb710d1a990e6287c9940c457529429550d8ae4
40aee5f86fb847eb5e5c19394cb53411c0c64acae1be7babb9a5054316e36bf1

Archive (80)

Filename

Md5

File type

coinst.dll

6f70e4892bf39ca40f4e8722c9ab9b3a

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

coinst.exe

36089584fc093a8512f427733a798c6c

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

itdrv.dll

6a782b5818a87a353461143d9ac118c1

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 4 sections

itdrvLC.bmp

5d3415e323e03bc82679f3cc03765f68

PC bitmap, Windows 3.x format, 84 x 16 x 24, image size 4032, cbSize 4086, bits offset 54

itdrvM1.bmp

eec54cda91b4fcfb2604ab69cb979ae0

PC bitmap, Windows 3.x format, 128 x 77 x 24, image size 29570, resolution 2834 x 2834 px/m, cbSize 29624, bits offset 54

itdrvM2.bmp

8fb8b65bf2fb5e9a4ec877aa4a8e8126

PC bitmap, Windows 3.x format, 128 x 77 x 24, image size 29570, resolution 2834 x 2834 px/m, cbSize 29624, bits offset 54

itdrvM3.bmp

bd87205afe90ae2a72b5bb4a5fe0a84a

PC bitmap, Windows 3.x format, 128 x 77 x 32, image size 39426, resolution 2834 x 2834 px/m, cbSize 39480, bits offset 54

itdrvab.chm

ac046b7fbe994627d8e9c9c94dd147db

MS Windows HtmlHelp Data

itdrvab.xml

21ffa154617ae256fc34aadef63fef37

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

itdrvbp.chm

0f28b23c9f2fa78789bb837dc6b3c666

MS Windows HtmlHelp Data

itdrvbp.xml

9521496d09bfcf7bd31172501dda0198

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

itdrvcp.chm

330bc11c0f4ee51178387081331a68ed

MS Windows HtmlHelp Data

itdrvcp.xml

7a3be00d2e8af65c7608db7d7f09de7a

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

itdrvct.chm

0f64ea258c14a3d09910eff0b83679d8

MS Windows HtmlHelp Data

itdrvct.xml

5b1a96e19a04b34a5b5f868b62cbdb0e

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

itdrvcz.chm

8359752670793680bb48570bd741856c

MS Windows HtmlHelp Data

itdrvcz.xml

edda9e96b2b1e043c44481820172890f

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

itdrvdn.chm

46c0427756cc06e02ee1d54b48d0b0ae

MS Windows HtmlHelp Data

itdrvdn.xml

a0d10f491c83188cfe64d837f8e7a222

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

itdrvdt.chm

8d381d90a300f0971384e4800d5a42ae

MS Windows HtmlHelp Data

itdrvdt.xml

783bd3bcbbf4f61fcc2d3a868a28907c

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

itdrvdu.dll

ce47a03a6e55799aa5f4f9fdc8cea138

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

itdrvel.chm

1175ef68a64c348d7e15acc323a017c0

MS Windows HtmlHelp Data

itdrvel.xml

90999644fc066d47a81efca094799419

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

itdrven.chm

0bc94e015a45d6d903e4ae1026e5ee69

MS Windows HtmlHelp Data

itdrven.xml

46efe1a3e874756a7cd2dfe89e496294

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

itdrvex.exe

177bfcaec6ee885b8544184d0e5aad9f

PE32 executable (console) Intel 80386, for MS Windows, 4 sections

itdrvf.xml

87cdb46526eaf57b189ffdcdd66250b7

XML 1.0 document, ASCII text

itdrvfi.chm

30ba9cb9f3fdecb2ef295031e7613702

MS Windows HtmlHelp Data

itdrvfi.xml

0b1c44727c97f85f4f831e65d03b3624

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

itdrvfn.chm

d500d5a231e9dad8ebd45b5209e8603d

MS Windows HtmlHelp Data

itdrvfn.xml

b003bbd434ffc8612392f0a5f9190b61

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

itdrvgr.chm

72f9a9d89f8b4858673114c9e2bb753e

MS Windows HtmlHelp Data

itdrvgr.xml

7f01293bd315df2d0bdc3f426ed336d2

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

itdrvhb.chm

7fac4cdbd2ba281323fd743986b39b32

MS Windows HtmlHelp Data

itdrvhb.xml

59372f8097e932bbcb6947d7193a33f5

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

itdrvhu.chm

f24d2359569b65481a8e76e17e73c8e5

MS Windows HtmlHelp Data

itdrvhu.xml

9a541a2d9549c5b8e5713df369de2f99

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

itdrvio.dll

e2b9b0cc27769108d8e2ed2f525096ee

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

itdrvit.chm

dec9f684cbcbaab5543ca670e5e19114

MS Windows HtmlHelp Data

itdrvit.xml

c432b2ac5f80b4c5b176b31f6a233e55

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

itdrvkr.chm

d85ccb74cbc4ef6a4bd47efa1664563d

MS Windows HtmlHelp Data

itdrvkr.xml

a8bafc60d7bec263ec1e4ff6c26ba0ac

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

itdrvlf.dll

b4fe97c34c05384048ad63b822a32ca1

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

itdrvm.dll

7ecef25696a5880c71e7dc579a7df11d

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

itdrvn.dll

8e9de64ce88febaa33ed4de901b977ce

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

itdrvnr.chm

bf7755a1ec861120608f40723d9f0ebf

MS Windows HtmlHelp Data

itdrvnr.xml

557f5dcd57c3c420ace42226d6730293

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

itdrvo.dll

41a92171cf287cd614046f6819868b84

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

itdrvpc.dll

dd0da53d125f6bbfceabbafebd70dad1

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 4 sections

itdrvpo.chm

f08ad5330f2bbbedec000cf1accd2d5d

MS Windows HtmlHelp Data

itdrvpo.xml

82c7abe7c817e02ae79726a29a943baf

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

itdrvpp.dll

e30b7e95b69f3516b4d4c426813b9233

PPD file, version "4.3"

itdrvpt.chm

253d790104625af3e7bbb6e44365ba1b

MS Windows HtmlHelp Data

itdrvpt.xml

740faa0877162915e1c42800afee70c5

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

itdrvru.chm

877c98fab26b0614dcdc20364914bc84

MS Windows HtmlHelp Data

itdrvru.xml

71bc8b634ed5aef614b00656aa7cdfff

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

itdrvsc.dll

b3ebba8284781beec8e4d4cf3f76d31a

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

itdrvsf.dll

6b54ec93f974c4c754517d23c39ac729

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

itdrvsp.chm

01368930d536bd497e5e61c4adea80c8

MS Windows HtmlHelp Data

itdrvsp.xml

fb5921f957d534b22ba4af598de2aa40

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

itdrvsw.chm

c94f91ad7960521bb857e99abbcbbccd

MS Windows HtmlHelp Data

itdrvsw.xml

06b4ebf871b01e1ad917f42960c51de7

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

itdrvtk.chm

4f77c6fbfc3712c390527ac387af2701

MS Windows HtmlHelp Data

itdrvtk.xml

67799f4d2a169d9dd52a7fcd56f7907e

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

itdrvuc.dll

a6ecc91bbb69c2823495c5f55cc5c362

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

itdrvum.dll

e9467762b9b1d40c656e460c766aeb47

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

itdrvum.xml

45bc8811a2cf5564f1cbbebeaa6af83b

XML 1.0 document, ASCII text, with CRLF line terminators

itdrvur.dll

0d6ea2de5ae5ad2521166f5961668d5c

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 3 sections

itdrvxc.bmp

351df9163297d2f694d217fc599040ed

PC bitmap, Windows 3.x format, 51 x 17 x 24, image size 2652, cbSize 2706, bits offset 54

itdrvyc.BMP

5699ca6733923adb6735f9fadcea791b

PC bitmap, Windows 3.x format, 753 x 217 x 24, image size 490420, resolution 2834 x 2834 px/m, cbSize 490474, bits offset 54

ssp7m.cat

6db95dcc9b11180f9bb31ba5c11017b5

DER Encoded PKCS#7 Signed Data

ssp7m.inf

29ad2e9fb71475cc5a3feb9e5dab1ab9

Windows setup INFormation

ssp7mc.xml

5260f0d1c99e30720bc0cb9537098182

XML 1.0 document, ASCII text, with CRLF line terminators

ssp7ml3.SMT

e3cc8152171b46fa94780f30224bf0f4

Generic INItialization configuration [DevMon]

ssp7ml3.dll

ce3de5ab08fda79254c96cd8e0b60b85

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 4 sections

ssp7mp.xml

0ffc073c804107b271b1b1daade2066a

XML 1.0 document, ASCII text

ssp7mpp.ver

1ef7bfa3166f3c02b13dc697e2a0407a

Windows setup INFormation

ssp7msc.cts

9d9a848e768ec0a6c45aa869814d01ac

data

ssp7mu.bmp

5ba990ad747c2c92d1c42a09b496fa4e

PC bitmap, Windows 3.x format, 117 x 197 x 24, image size 69346, resolution 2834 x 2834 px/m, cbSize 69400, bits offset 54

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect pe file that no import table

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	dr-dl-4.xyz/drv/old/5x86-Laser-ML-1660-drp.zip	89.41.180.203	200 OK	4.2 MB
URL User Request GET HTTP/1.1 dr-dl-4.xyz/drv/old/5x86-Laser-ML-1660-drp.zip IP 89.41.180.203:443 ASN #25198 Interkvm Host Srl Certificate IssuerLet's Encrypt Subjectdr-dl-4.xyz FingerprintB5:BA:48:A9:8B:9D:7B:22:B6:1C:D2:D5:0E:56:7D:EB:CA:6E:4C:54 ValidityMon, 12 Feb 2024 17:40:37 GMT - Sun, 12 May 2024 17:40:36 GMT File type Zip archive data, at least v2.0 to extract, compression method=store Size 4.2 MB (4152638 bytes) Hash 6d0a444e5a249ff60d8285cdf615d9d3 6eb710d1a990e6287c9940c457529429550d8ae4 40aee5f86fb847eb5e5c19394cb53411c0c64acae1be7babb9a5054316e36bf1 HTTP Headers `GET /drv/old/5x86-Laser-ML-1660-drp.zip HTTP/1.1 Host: dr-dl-4.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx-n.wtf/1.25.2 Date: Thu, 28 Mar 2024 16:48:54 GMT Content-Type: application/zip Content-Length: 4152638 Last-Modified: Sun, 24 Mar 2024 01:40:42 GMT Connection: keep-alive ETag: "65ff849a-3f5d3e" Accept-Ranges: bytes`

dr-dl-4.xyz/drv/old/5x86-Laser-ML-1660-drp.zip

89.41.180.203

200 OK

4.2 MB

URL User Request GET HTTP/1.1
dr-dl-4.xyz/drv/old/5x86-Laser-ML-1660-drp.zip
IP
89.41.180.203:443
ASN
#25198 Interkvm Host Srl

Certificate
IssuerLet's Encrypt
Subjectdr-dl-4.xyz
FingerprintB5:BA:48:A9:8B:9D:7B:22:B6:1C:D2:D5:0E:56:7D:EB:CA:6E:4C:54
ValidityMon, 12 Feb 2024 17:40:37 GMT - Sun, 12 May 2024 17:40:36 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
4.2 MB (4152638 bytes)
Hash
6d0a444e5a249ff60d8285cdf615d9d3
6eb710d1a990e6287c9940c457529429550d8ae4
40aee5f86fb847eb5e5c19394cb53411c0c64acae1be7babb9a5054316e36bf1

HTTP Headers

GET /drv/old/5x86-Laser-ML-1660-drp.zip HTTP/1.1
Host: dr-dl-4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx-n.wtf/1.25.2
Date: Thu, 28 Mar 2024 16:48:54 GMT
Content-Type: application/zip
Content-Length: 4152638
Last-Modified: Sun, 24 Mar 2024 01:40:42 GMT
Connection: keep-alive
ETag: "65ff849a-3f5d3e"
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (80)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers