Report - dege.fw.hu/dgVoodoo2/bin/dgVoodoo2_82

Report Overview

Submitted URL
dege.fw.hu/dgVoodoo2/bin/dgVoodoo2_82_5.zip
IP
157.90.171.43
ASN
#24940 Hetzner Online GmbH
Submitted
2024-04-20 14:14:08
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
dege.fw.hu	unknown	2000-08-29	2013-01-28	2024-02-11	497 B	5.9 MB	157.90.171.43

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
dege.fw.hu/dgVoodoo2/bin/dgVoodoo2_82_5.zip
IP
157.90.171.43
ASN
#24940 Hetzner Online GmbH

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
5.9 MB (5934668 bytes)
Hash
f18b67e66adca5077e4c839fb568850b
f44c1444996d6fe8daee63be5e333c9a652f7c14
b9d3d7e77e3238e838edf4f24668750ee54861c30f59c178a6734595316f2757

Archive (25)

Filename

Md5

File type

Glide.dll

26087d532b83896812c21b99a68b754d

PE32+ executable (DLL) (GUI) Aarch64, for MS Windows, 6 sections

Glide2x.dll

a25e98e4be00b23d451a691d55c5cf64

PE32+ executable (DLL) (GUI) Aarch64, for MS Windows, 6 sections

Glide3x.dll

cbaa3d1b7ae4f63895b670cec61375e0

PE32+ executable (DLL) (GUI) Aarch64, for MS Windows, 6 sections

Glide.dll

296ecf3a6db731df6ad7c5854f0928d6

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 3 sections

Glide2x.dll

b8b28e2356ac7d0a6424ecad1e547369

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 3 sections

Glide3x.dll

f3a0dddcea486fdf9f142543e6e16d80

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 3 sections

Glide.dll

67be688832735065a20c737e87be2533

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 3 sections

Glide2x.dll

edb5452db39b8b280bfd2f5d598ddbcb

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 3 sections

Glide3x.dll

e9708b4b176ac4d9aea27a6cf24d1a2e

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 3 sections

Glide3x.dll

855e1533da10e60229444575d7ac403e

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 3 sections

dgVoodooCpl.exe

0e8865019f08aaa82b2707c4bf523fde

PE32+ executable (GUI) Aarch64, for MS Windows, 6 sections

dgVoodooCpl.exe

f23f83d4669a880e68bb9d6f84d5f416

PE32+ executable (GUI) x86-64, for MS Windows, 6 sections

ReadMe.txt

3058ee451a4a7e356656bbf9282207de

ASCII text, with no line terminators

Readme.url

89e2302ad68eec07f7f830438dd8994d

MS Windows 95 Internet shortcut text (URL=<http://dege.fw.hu/dgVoodoo2/ReadmeGeneral/>), ASCII text, with CRLF line terminators

ReadmeDirectX.url

3359554ccc3350e7d66facb186dcb383

MS Windows 95 Internet shortcut text (URL=<http://dege.fw.hu/dgVoodoo2/ReadmeDirectX/>), ASCII text, with CRLF line terminators

ReadmeGlide.url

13020417e1031606de8e653a01c1ba63

MS Windows 95 Internet shortcut text (URL=<http://dege.fw.hu/dgVoodoo2/ReadmeGlide/>), ASCII text, with CRLF line terminators

D3D9.dll

9f09e02420454a9e02690933e5ab8c8b

PE32+ executable (DLL) (GUI) Aarch64, for MS Windows, 9 sections

D3D9.dll

f5efbd726e8f1d032d623d4284f70394

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 3 sections

D3D8.dll

ec797c813538ef97b50a514bc5c2eaf6

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 3 sections

D3D9.dll

1d388b151769a0f49e085e3c8a05aceb

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 3 sections

D3DImm.dll

20e673eb82a9781a2df18a4dc508fff1

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 3 sections

DDraw.dll

bf76122d9085ce251b684f364ad06b3e

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 3 sections

dgVoodoo.conf

ced2dde007abb95e6663abb1a4b5d629

Generic INItialization configuration [GeneralExt]

dgVoodooCpl.exe

a3b73758cf4dd566944963dadaa16575

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

QuickGuide.url

95ea5e2806ade99875457e8a1f306f83

MS Windows 95 Internet shortcut text (URL=<http://dege.fw.hu/dgVoodoo2/QuickGuide/>), ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/65

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

dege.fw.hu/dgVoodoo2/bin/dgVoodoo2_82_5.zip

157.90.171.43

200 OK

5.9 MB

URL User Request GET HTTP/1.1
dege.fw.hu/dgVoodoo2/bin/dgVoodoo2_82_5.zip
IP
157.90.171.43:443
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerLet's Encrypt
Subjectdege.freeweb.hu
Fingerprint84:FD:EA:30:25:AA:78:BE:5F:28:58:10:71:85:BE:7B:0B:A9:69:9F
ValidityThu, 21 Mar 2024 08:32:04 GMT - Wed, 19 Jun 2024 08:32:03 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
5.9 MB (5934668 bytes)
Hash
f18b67e66adca5077e4c839fb568850b
f44c1444996d6fe8daee63be5e333c9a652f7c14
b9d3d7e77e3238e838edf4f24668750ee54861c30f59c178a6734595316f2757

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/65

HTTP Headers

GET /dgVoodoo2/bin/dgVoodoo2_82_5.zip HTTP/1.1
Host: dege.fw.hu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 20 Apr 2024 14:04:54 GMT
Server: Apache
Last-Modified: Tue, 16 Apr 2024 12:10:55 GMT
ETag: "5a8e4c-61635a14aaf40"
Accept-Ranges: bytes
Content-Length: 5934668
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/zip

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (25)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers