Report - g2.sharemods.com/cgi-bin/dl.cgi/cnzjjszcuuaqwq3rhi636lhfcvilhp6mfcwnizqd6lrx6x3alsz442i/ModLoader.zip

Report Overview

Submitted URL
g2.sharemods.com/cgi-bin/dl.cgi/cnzjjszcuuaqwq3rhi636lhfcvilhp6mfcwnizqd6lrx6x3alsz442i/ModLoader.zip
IP
168.119.77.122
ASN
#24940 Hetzner Online GmbH
Submitted
2024-04-16 05:05:40
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
9

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
g2.sharemods.com	unknown	2013-01-31	2018-06-11	2024-03-31	555 B	2.5 MB	168.119.77.122

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
g2.sharemods.com/cgi-bin/dl.cgi/cnzjjszcuuaqwq3rhi636lhfcvilhp6mfcwnizqd6lrx6x3alsz442i/ModLoader.zip
IP
168.119.77.122
ASN
#24940 Hetzner Online GmbH

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
2.5 MB (2520195 bytes)
Hash
2c9894d32e59948e72c396cd5d87dd9b
1d626d43e48f1d3474260b4c7e7608942c0ed707
18165a3fc793624ac70816c2730d7d0150542b29ac14530bb6f80843211b938e

Archive (39)

Filename

Md5

File type

Leiame (ORIGINAL).txt

f9fc6abeb10878240fdbd06d2e24baeb

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Leiame (ou morra).txt

56d0b60dfa3b9038a89627a0fb431386

Non-ISO extended-ASCII text, with CRLF line terminators

modloader.asi

7bca6c02c326ad80b51c8ba4a3ab7081

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

CHANGELOG.md

fb2b31616bda1696c1ccf5572ef11b68

ASCII text, with CRLF line terminators

Command Line Arguments.md

263e77ff7af3abac8b644312530f3c01

ASCII text, with CRLF line terminators

config.ini.0

ede1990af21a34b731b70ffbbb557328

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Leia-me.md

a827e87daa49bdbd596486f622627ff6

Unicode text, UTF-8 text, with CRLF line terminators

LICENSE

0a82d66c36e278ad32f8d325b568aeae

ISO-8859 text, with CRLF line terminators

boost.txt

3a6f3f979cd75672c48f31414f1e4098

ASCII text, with CRLF line terminators

cereal.txt

1754ea4b9777d3dda8a984009a53f59e

ASCII text, with CRLF line terminators

tinympl.txt

c2c5ac036a57b327f26c57ab791c1996

ASCII text, with CRLF line terminators

utf8-cpp.txt

1e42b5da23ec4c81bfc11997a5df8746

ASCII text, with CRLF line terminators

modloader.ini.0

24a566196ec0db8d015021d657149d57

ASCII text, with CRLF line terminators

plugins.ini.0

40a77901283da69daf2b4ec5a9208e37

ASCII text, with CRLF line terminators

std.asi.dll

6213e58c7afebba3c9a544d136867192

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

std.asi.md

8d702f21783e931840044192c62ec2c3

ASCII text, with CRLF line terminators

std.bank.dll

b62c4afdd4185dc101a4ef00c2f96df0

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

std.bank.md

23151bb7b7e7c50de234178842d2615d

ASCII text, with CRLF line terminators

std.data.dll

6071e23e21a6dbf14d1ccc1c40c8999e

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

std.data.md

0a1f84728e310c6bfabbaeee76959a0c

Unicode text, UTF-8 text, with CRLF line terminators

std.fx.dll

6d3d25d18bafd2a3aa8ffc45210f8d6f

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

std.fx.md

a3355211bfafc15617ca359cd0b47562

ASCII text, with CRLF line terminators

std.movies.dll

2f6cffc454480a78b8dd5e6deaf59a22

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

std.movies.md

fe2acbb42fdf2d4d18e3750f7111bd7a

ASCII text, with CRLF line terminators

std.scm.dll

c4985af123ec3eb3542dd39bc48cf559

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

std.scm.md

202f73e91cc731eef4a64742852ab7a6

ASCII text, with CRLF line terminators

std.sprites.dll

4eb5de5941e2d777d082f0d55d8ea5a7

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

std.sprites.md

faeee7369a465b4be58199058210f43f

ASCII text, with CRLF line terminators

std.stream.dll

66abdbad403be76682f3f0c9a74bd555

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

std.stream.md

88047db00edc09a0585bcade7bb88e5b

ASCII text, with CRLF line terminators

std.text.dll

92eb256f95d7f4a290c2d5fb77a7a629

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

std.text.md

ce0f4dbccce4dd7e46c07bffce79f953

ASCII text, with CRLF line terminators

std.tracks.dll

62b4f02f39ee472a9e18c0b83f61045a

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

std.tracks.md

ecd6adcb1a3fd4603addaa5fb946b253

ASCII text, with CRLF line terminators

Profiles.md

975d4e353679d9a184513f29d1e2bf37

ASCII text, with CRLF line terminators

Readme.md

f78b1077c0bdae65d186d42852cf17d4

ASCII text, with CRLF line terminators

menu.fxt

d000579a6bf45a79a4777f2851804f3c

ASCII text, with CRLF line terminators

Readme (or die).txt

d7af36ee8b5f7632bf5e562178c07007

Non-ISO extended-ASCII text, with CRLF line terminators

Readme (ORIGINAL).txt

f78b1077c0bdae65d186d42852cf17d4

ASCII text, with CRLF line terminators

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	g2.sharemods.com/cgi-bin/dl.cgi/cnzjjszcuuaqwq3rhi636lhfcvilhp6mfcwnizqd6lrx6x3alsz442i/ModLoader.zip	168.119.77.122	200 OK	2.5 MB
URL User Request GET HTTP/1.1 g2.sharemods.com/cgi-bin/dl.cgi/cnzjjszcuuaqwq3rhi636lhfcvilhp6mfcwnizqd6lrx6x3alsz442i/ModLoader.zip IP 168.119.77.122:443 ASN #24940 Hetzner Online GmbH Certificate IssuerSectigo Limited Subject.sharemods.com FingerprintEF:09:52:DE:C2:15:9F:BC:95:0E:6E:29:0B:32:73:D2:E7:7E:1C:6E ValidityWed, 04 Oct 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 2.5 MB (2520195 bytes) Hash 2c9894d32e59948e72c396cd5d87dd9b 1d626d43e48f1d3474260b4c7e7608942c0ed707 18165a3fc793624ac70816c2730d7d0150542b29ac14530bb6f80843211b938e HTTP Headers GET /cgi-bin/dl.cgi/cnzjjszcuuaqwq3rhi636lhfcvilhp6mfcwnizqd6lrx6x3alsz442i/ModLoader.zip HTTP/1.1 Host: g2.sharemods.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Date: Tue, 16 Apr 2024 05:05:13 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.6.40 Access-Control-Allow-Origin: Content-Disposition: attachment Content-Transfer-Encoding: binary Content-length: 2520195 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: application/octet-stream`

g2.sharemods.com/cgi-bin/dl.cgi/cnzjjszcuuaqwq3rhi636lhfcvilhp6mfcwnizqd6lrx6x3alsz442i/ModLoader.zip

168.119.77.122

200 OK

2.5 MB

URL User Request GET HTTP/1.1
g2.sharemods.com/cgi-bin/dl.cgi/cnzjjszcuuaqwq3rhi636lhfcvilhp6mfcwnizqd6lrx6x3alsz442i/ModLoader.zip
IP
168.119.77.122:443
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerSectigo Limited
Subject*.sharemods.com
FingerprintEF:09:52:DE:C2:15:9F:BC:95:0E:6E:29:0B:32:73:D2:E7:7E:1C:6E
ValidityWed, 04 Oct 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
2.5 MB (2520195 bytes)
Hash
2c9894d32e59948e72c396cd5d87dd9b
1d626d43e48f1d3474260b4c7e7608942c0ed707
18165a3fc793624ac70816c2730d7d0150542b29ac14530bb6f80843211b938e

HTTP Headers

GET /cgi-bin/dl.cgi/cnzjjszcuuaqwq3rhi636lhfcvilhp6mfcwnizqd6lrx6x3alsz442i/ModLoader.zip HTTP/1.1
Host: g2.sharemods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 05:05:13 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.6.40
Access-Control-Allow-Origin: *
Content-Disposition: attachment
Content-Transfer-Encoding: binary
Content-length: 2520195
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/octet-stream

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (39)

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers