Report - ikiki.la.coocan.jp/himoji/game/taisouou.zip

Report Overview

Visitedpublic

2025-02-26 04:20:27

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
ikiki.la.coocan.jp	unknown	2005-11-15	2022-01-26	2024-10-08	706 B	5.8 MB	222.158.205.72

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

ikiki.la.coocan.jp/himoji/game/taisouou.zip

IP / ASN

222.158.205.72

#19905 SECURITYSERVICES

File Overview

File TypeZip archive data, at least v2.0 to extract, compression method=deflate

Size5.8 MB (5827611 bytes)

MD5a39bedad56130d23e43523858ae2ee19

SHA18d9786052c7b120bee1aba84dbe7443ce7ac2534

SHA256b5e3af6f455de5d2d29a28e4edbad81d6ee915c2293029debddbf4999aee6f6a

Archive (2)

Modified	Filename	Size	MD5	File type
2022-07-18 12:11	�̑��.exe	6.4 MB	73a15220ce8da2fad96146d915658488	PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections
2022-07-18 12:14	�̑��.txt	372 B	334ab549c417538291dde82cf93a8fbc	Non-ISO extended-ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 4/66
ClamAV	malicious	Win.Malware.Generic-9950729-0

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

ikiki.la.coocan.jp/

222.158.205.72

200 OK

1.8 kB

URL HTTP

ikiki.la.coocan.jp/

IP / ASN

222.158.205.72

#19905 SECURITYSERVICES

Requested byN/A

Resource Information

File typeXML 1.0 document, Unicode text, UTF-8 text

First Seen2025-02-26

Last Seen2025-02-26

Times Seen6

Size1.8 kB (1790 bytes)

MD5766f067b2d18038a8fd77cb2afd4e49c

SHA1c1e168ca24317de479d14e04051a46acc25b9caf

SHA256f3c3e5d4c312ffdffa2a444879540a5153b99f0da77cf3a628a6763b766a1c96

HTTP Headers

GET / HTTP/1.1
Host: ikiki.la.coocan.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 26 Feb 2025 04:19:59 GMT
Content-Type: text/html
Content-Length: 1790
Connection: keep-alive
Last-Modified: Sun, 06 May 2018 12:59:00 GMT
ETag: "6fe-56b891de82d00"
Accept-Ranges: bytes
Server: Apache

GET ikiki.la.coocan.jp/himoji/game/taisouou.zip

222.158.205.72

200 OK

5.8 MB

URL User Request GET HTTP

ikiki.la.coocan.jp/himoji/game/taisouou.zip

IP / ASN

222.158.205.72

#19905 SECURITYSERVICES

Requested byN/A

Resource Information

File typeZip archive data, at least v2.0 to extract, compression method=deflate

First Seen2025-02-26

Last Seen2025-02-26

Times Seen1

Size5.8 MB (5827611 bytes)

MD5a39bedad56130d23e43523858ae2ee19

SHA18d9786052c7b120bee1aba84dbe7443ce7ac2534

SHA256b5e3af6f455de5d2d29a28e4edbad81d6ee915c2293029debddbf4999aee6f6a

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 4/66
ClamAV	malicious	Win.Malware.Generic-9950729-0

HTTP Headers

GET /himoji/game/taisouou.zip HTTP/1.1
Host: ikiki.la.coocan.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 26 Feb 2025 04:19:59 GMT
Content-Type: application/zip
Content-Length: 5827611
Connection: keep-alive
Last-Modified: Mon, 18 Jul 2022 03:15:30 GMT
ETag: "58ec1b-5e40bc7bdd458"
Accept-Ranges: bytes
Server: Apache