Report - reqrypt.org/download/WinDivert-1.3.0-WDDK.zip

Report Overview

Visitedpublic

2025-01-05 08:12:37

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
reqrypt.org	unknown	2010-12-16	2013-11-30	2024-12-28	499 B	155 kB	172.67.132.243

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

reqrypt.org/download/WinDivert-1.3.0-WDDK.zip

IP / ASN

172.67.132.243

#13335 CLOUDFLARENET

File Overview

File TypeZip archive data, at least v1.0 to extract, compression method=store

Size154 kB (153724 bytes)

MD5502dfa2c52b08049e869f214450f1cf0

SHA1b230792bd930761e7f42d3508235edd86d24bf98

SHA256a33653db27045e7a1a164ca15043b294cfe78c55b2cbd38125224c8df2578ba4

Archive (22)

Modified	Filename	Size	MD5	File type
2017-10-17 21:02	LICENSE	40 kB	42316ce53f67d80ce6ae669032acaabc	ASCII text
2017-10-17 21:02	webfilter.exe	11 kB	0b29cbdc20e2629a4ccf4ce29db299db	PE32+ executable (console) x86-64, for MS Windows, 4 sections
2017-10-17 21:02	streamdump.exe	12 kB	4f94255264a6c477364d0608cb823ed6	PE32+ executable (console) x86-64, for MS Windows, 4 sections
2017-10-17 21:02	netfilter.exe	11 kB	4bd0b7e9df629efd4064fe28e5ac9e89	PE32+ executable (console) x86-64, for MS Windows, 4 sections
2017-10-17 21:02	WinDivert64.sys	48 kB	d6f42128c81965e12578feca7dac500f	PE32+ executable (native) x86-64, for MS Windows, 7 sections
2017-10-17 21:02	netdump.exe	11 kB	69ffbb51c31df44df5c27cd0e65374ef	PE32+ executable (console) x86-64, for MS Windows, 4 sections
2017-10-17 21:02	WinDivert.dll	22 kB	ee42f18f56e8ab20103d0eacc6cb3056	PE32+ executable (DLL) (console) x86-64, for MS Windows, 4 sections
2017-10-17 21:02	passthru.exe	7.7 kB	b57e04826b0bcb63c5475896db4691e7	PE32+ executable (console) x86-64, for MS Windows, 4 sections
2017-10-17 21:02	WinDivert.lib	5.0 kB	c5f319be080814b3ab7972a5d2ac97fb	current ar archive
2017-10-17 21:02	webfilter.exe	10 kB	fc7c9a2b768eca1756fed64d853b5395	PE32 executable (console) Intel 80386, for MS Windows, 3 sections
2017-10-17 21:02	streamdump.exe	11 kB	91afff58fb51288fd45050968b803ee6	PE32 executable (console) Intel 80386, for MS Windows, 3 sections
2017-10-17 21:02	netfilter.exe	9.7 kB	464f5d269c5f9760191e51ff089209af	PE32 executable (console) Intel 80386, for MS Windows, 3 sections
2017-10-17 21:02	netdump.exe	9.2 kB	c7054ac6f3e29f4b4bfff92e5322c050	PE32 executable (console) Intel 80386, for MS Windows, 3 sections
2017-10-17 21:02	WinDivert.dll	18 kB	ac68537d316919a78b57ea6f90be7cf2	PE32 executable (DLL) (console) Intel 80386, for MS Windows, 3 sections
2017-10-17 21:02	passthru.exe	6.1 kB	60a2f97505253ceb6da86b1ad19751ab	PE32 executable (console) Intel 80386, for MS Windows, 3 sections
2017-10-17 21:02	WinDivert32.sys	41 kB	ecab976e5b0434685524ba6d534301a5	PE32 executable (native) Intel 80386, for MS Windows, 6 sections
2017-10-17 21:02	WinDivert.lib	5.3 kB	76bfc71307c6bfe028bcde69dcbd4b9f	current ar archive
2017-10-17 21:02	CHANGELOG	4.2 kB	5476965d9afb0bdbb40f67ffe61b246a	ASCII text
2017-10-17 21:02	VERSION	6 B	0589f66713bc44029a1a720b9a0d850d	ASCII text
2017-10-17 21:02	WinDivert.html	53 kB	3a29d3588b6b26c43e3b2a22bbba5de7	HTML document, ASCII text
2017-10-17 21:02	README	4.9 kB	a450dd8d20fb7b02e2fa4d27a8d889f1	ASCII text
2017-10-17 21:02	windivert.h	12 kB	ee239ac964935bda46fc491e6cf3ff8e	C source, ASCII text

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Detects WinDivert User-Mode packet capturing driver
Public Nextron YARA rules	malware	Detects WinDivert User-Mode packet capturing driver

JavaScript (0)

HTTP Transactions (1)

	URL	IP	Response	Size