Report - q5r8g8c5.rocketcdn.me/wp-content/uploads/2016/07/TurboV_Core

Report Overview

Visitedpublic

2024-03-14 12:43:40

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
q5r8g8c5.rocketcdn.me	unknown	2018-10-29	2024-03-04 10:43:52	2024-03-04 10:43:52	528 B	1.1 kB	194.242.11.186
overclocking.com	361013	unknown	2014-11-28 07:55:02	2023-01-03 06:26:43	522 B	14 MB	185.100.5.50

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

overclocking.com/wp-content/medias/2016/07/TurboV_Core_1.00.Z170.zip

IP / ASN

185.100.5.50

#35393 CTS Computers and Telecommunications Systems SAS

File Overview

File TypeZip archive data, at least v2.0 to extract, compression method=store

Size14 MB (14536456 bytes)

MD5b2e64075238978818d19396c62f949d3

SHA122901e4d347902f2039fb13cdae471a9988c80af

SHA25634dd0c6ee6b87c0bd873a448f6cae3974d67b7ad3b406456a93a937e58027d88

Archive (60)

Modified	Filename	Size	MD5	File type
2014-09-26 21:40	AsAcpiIns.exe	46 kB	854f453b3426dea4cc1526371ec70f7a	PE32+ executable (console) x86-64, for MS Windows, 4 sections
2014-09-26 21:40	install.ini	515 B	55c51f8fe5a1b12986394c4ca573e049	Generic INItialization configuration [WINXP]
2014-09-26 21:40	asacpi.cat	11 kB	39a0844d3dbef06b011f48f34d1102f9	DER Encoded PKCS#7 Signed Data
2014-09-26 21:40	AsAcpi.inf	1.5 kB	7147030cbbff401efaff21c09737ed53	Windows setup INFormation
2014-09-26 21:40	Asacpi.sys	8.2 kB	cac3bb575e4a0417bff28d3196e44d3a	PE32+ executable (native) x86-64, for MS Windows, 7 sections
2014-09-26 21:40	asacpi.cat	7.4 kB	2c4abfd0430858bb6e526a8819e96fd1	DER Encoded PKCS#7 Signed Data
2014-09-26 21:40	AsAcpi.inf	1.5 kB	10ab3e55fb67e7a933c9d97af5e3e65d	Windows setup INFormation
2014-09-26 21:40	Asacpi.sys	15 kB	19b006b181e3875fd254f7b67acf1e7c	PE32+ executable (native) x86-64, for MS Windows, 7 sections
2014-09-26 21:40	asacpi.cat	8.0 kB	42df4e91f8b5a2a9db8b7bd9bfe987ae	DER Encoded PKCS#7 Signed Data
2014-09-26 21:40	AsAcpi.inf	1.5 kB	b4bbf3ca64e2cf2f1a312b58d5ba3195	Windows setup INFormation
2014-09-26 21:40	Asacpi.sys	16 kB	6936198f2cc25b39cf5262436c80df46	PE32+ executable (native) x86-64, for MS Windows, 7 sections
2014-09-26 21:40	AsAcpiIns.exe	44 kB	30fd6e30447e0cae0438118963ef9af4	PE32 executable (console) Intel 80386, for MS Windows, 4 sections
2014-09-26 21:40	install.ini	518 B	0eba7a3a3a4c360ba5c4a85f4d32e765	Generic INItialization configuration [WINXP]
2014-09-26 21:40	asacpi.sys	5.8 kB	d48659bb24c48345d926ecb45c1ebdf5	PE32 executable (native) Intel 80386, for MS Windows, 7 sections
2014-09-26 21:40	ATK2000.CAT	7.8 kB	b24c02aac252e974d4f6a03fbb67e409	DER Encoded PKCS#7 Signed Data
2014-09-26 21:40	ATK2000.INF	2.1 kB	0faef21d2c59944f9c3ea62ac17eb82b	Windows setup INFormation
2014-09-26 21:40	asacpi.cat	7.4 kB	6dd3a68191b715f7a135805280437ab7	DER Encoded PKCS#7 Signed Data
2014-09-26 21:40	AsAcpi.inf	1.5 kB	f0494a29b6cd47efc1eae6757871d2bb	Windows setup INFormation
2014-09-26 21:40	Asacpi.sys	13 kB	cbe71c122434805cb73ffb6619f60598	PE32 executable (native) Intel 80386, for MS Windows, 7 sections
2014-09-26 21:40	asacpi.cat	8.0 kB	12148b2fc0026d2ea2507e41198443a1	DER Encoded PKCS#7 Signed Data
2014-09-26 21:40	AsAcpi.inf	1.5 kB	74d30e706ebc1663164fb3b7a93b9665	Windows setup INFormation
2014-09-26 21:40	AsAcpi.sys	7.7 kB	dcdaab8697a47894a554050ce18d0b56	PE32 executable (native) Intel 80386, for MS Windows, 7 sections
2014-09-26 21:40	ATKEX.dll	104 kB	affebdf6ce01fcb74b3bb7cc3c7b7eec	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections
2014-09-26 21:40	atkexComSvc.exe	937 kB	bbf8f831c7720dd5135d8c4c8325187a	PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections
2015-09-07 22:04	axIns.exe	703 kB	25731b66be6787fe0d15430a785c56fc	PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections
2015-09-07 22:04	axIns.ini	74 B	4e58db0ccc913eaabaeee7d4587f50b5	Generic INItialization configuration [Files]
2015-09-08 17:41	CheckWin8.exe	84 kB	6eacbd280f9253624fc3e687f4e1fba9	PE32 executable (console) Intel 80386, for MS Windows, 5 sections
2015-09-08 17:47	data1.cab	1.6 MB	7d3bfd221d8a179bb637cc55de47320d	InstallShield CAB, version 0x100600c
2015-09-08 17:47	data1.hdr	17 kB	1b39a92fc70c8c6aa2cf5b5fd6170a92	InstallShield setup header, version 0x100600c, descriptor size 0x288c
2015-09-08 17:47	data2.cab	1.3 MB	9fa8d329459e000a9d4aed3a7d714f2f	InstallShield CAB, version 0x100600c
2014-09-26 21:40	setup.exe	711 kB	7287c348d09cf3c403ffa8b533b7c1a2	PE32 executable (console) Intel 80386, for MS Windows, 7 sections
2015-09-07 22:04	setup.xml	726 B	2af401ffdc7eb55d246ca7dfed92dbec	XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
2014-09-26 21:40	SetupICCS.exe	1.4 MB	4cfcf8cadf6e2dcea8abe6f58d73ff5f	PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections
2014-09-26 21:40	vcredist_x86.exe	5.1 MB	b88228d5fef4b6dc019d69d4471f23ec	PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections
2014-09-26 21:40	DIFxAPI.dll	320 kB	1bd976dd77b31fe0f25708ad5c1351ae	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections
2014-09-26 21:40	iccwdt.cat	8.9 kB	827d2d303942f99435e19e7baa6b8eb4	DER Encoded PKCS#7 Signed Data
2014-09-26 21:40	iccwdt.inf	2.9 kB	a3003b101d97d52126177e07cd537769	Windows setup INFormation
2014-09-26 21:40	iccwdt.sys	22 kB	8661b1d7706889463289a8660352f0f8	PE32 executable (native) Intel 80386, for MS Windows, 7 sections
2014-09-26 21:40	WdfCoInstaller01009.dll	1.5 MB	a9970042be512c7981b36e689c5f3f9f	PE32 executable (DLL) (console) Intel 80386, for MS Windows, 4 sections
2014-09-26 21:40	iccwdt.sys	26 kB	c1010add3ddae1196ed21057af7b2aae	PE32+ executable (native) x86-64, for MS Windows, 8 sections
2014-09-26 21:40	WdfCoInstaller01009.dll	1.7 MB	4da5da193e0e4f86f6f8fd43ef25329a	PE32+ executable (DLL) (console) x86-64, for MS Windows, 5 sections
2014-09-26 21:40	license.txt	13 kB	df73a63a646350459a100d5db48b6d46	Non-ISO extended-ASCII text, with very long lines (765), with CRLF line terminators
2014-09-26 21:40	Readme.txt	7.6 kB	d08b162bf197e0c06c4fa2510c6ead57	ASCII text, with CRLF line terminators
2014-09-26 21:40	Setup.cfg	1.6 kB	3947616ce97906d704e76e49b8450e25	ISO-8859 text, with CRLF line terminators
2014-09-26 21:40	setup.exe	922 kB	58f52903a000c0faeed3770dfd39dd1a	PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections
2014-09-26 21:40	Setup.if2	1.4 kB	1431d2ce7f8e8ba3214346d845ab434c	Generic INItialization configuration [Groups]
2014-09-26 21:40	DIFxAPI.dll	526 kB	f5558c67a3adb662d43d40a1cbde4160	PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 5 sections
2014-09-26 21:40	Drv64.exe	140 kB	3133d7aa82f537248a1646be640c5e4f	PE32+ executable (GUI) x86-64, for MS Windows, 4 sections
2002-07-26 07:07	ikernel.ex_	347 kB	93b63f516482715a784bbec3a0bf5f3a	MS Compress archive data, SZDD variant, original size: 614532 bytes
2014-09-26 21:40	AsIO.dll	29 kB	8128b54eaa48f9c06b19a86c87752996	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections
2014-09-26 21:40	AsIO.VXD	5.8 kB	11a0fa714ac5f920490df59d37a3aa25	MS-DOS executable, LE executable for MS Windows (VxD)
2014-09-26 21:40	AsIO32.sys	15 kB	bfe96411cf67edb3cee2b9894b910cd5	PE32 executable (native) Intel 80386, for MS Windows, 5 sections
2014-09-26 21:40	AsIO64.sys	15 kB	798de15f187c1f013095bbbeb6fb6197	PE32+ executable (native) x86-64, for MS Windows, 5 sections
2014-09-26 21:40	AsIoIns.exe	117 kB	a7b7fae8049dfa73b8712024fafbf152	PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections
2014-09-26 21:40	AsIoUnins.exe	117 kB	746c04040c02537a84e9031d3aa3731f	PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections
2014-09-26 21:40	Version.ini	57 B	eaa1604bf47c6085f0797d6b1e4042d9	ASCII text, with CRLF line terminators
2015-09-08 17:47	layout.bin	417 B	5ee69924cf9a10de37ca2fd2b73a3f77	data
2001-09-05 05:03	Setup.exe	168 kB	fb6674a519505cc93e28cf600bbc23a3	PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections
2015-09-08 17:47	Setup.ini	198 B	5476ae276d1f16e2149a694eec3ce2ea	Generic INItialization configuration [Languages]
2015-09-08 17:47	setup.inx	148 kB	037b0547518874610cdb34199b72b54a	data

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen
YARAhub by abuse.ch	malware	signed_sys_with_vulnerablity
YARAhub by abuse.ch	malware	signed_sys_with_vulnerablity
YARAhub by abuse.ch	malware	signed_sys_with_vulnerablity
Elastic Security YARA Rules	malware	Windows.VulnDriver.AsIo
YARAhub by abuse.ch	malware	signed_sys_with_vulnerablity
Elastic Security YARA Rules	malware	Windows.VulnDriver.AsIo
VirusTotal	suspicious	VirusTotal - Scan result 4/52

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size