Report Overview
Submitted URL
fs.duifene.com/res/r2/u5926683/windows_x64_40438856f14841f81dfa.zip
IP
23.248.177.66
ASN
#21859 ZEN-ECN
Submitted
2024-04-16 15:38:49
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
3
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
xinchacha2dv.ocsp-certum.com | unknown | 2013-12-19 | 2022-07-28 | 2024-04-15 | 340 B | 1.8 kB | 95.101.10.107 |
fs.duifene.com | unknown | 2016-01-12 | 2021-10-03 | 2024-03-26 | 521 B | 15 MB | 23.248.177.66 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
fs.duifene.com/res/r2/u5926683/windows_x64_40438856f14841f81dfa.zip
IP
23.248.177.66
ASN
#21859 ZEN-ECN
File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
15 MB (14786837 bytes)
Hash
2ec0e0e7d055702dcea2a4ce07f32402
e086173ce06ce49f7afb3509c893e1d4be73dd2a
Archive (39)
Filename | Md5 | File type | ||||||
---|---|---|---|---|---|---|---|---|
74552956.png | 53df7d59b42382fe946d6e1360a00df6 | PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced | ||||||
abc_123.png | 1595e5eec52773980cb88e11a34c2aca | PNG image data, 639 x 632, 8-bit/color RGB, non-interlaced | ||||||
afrog.png | ac60cd3ca8b942b9923ad543784a0684 | PNG image data, 460 x 460, 8-bit/color RGBA, non-interlaced | ||||||
AntSword-Loader.png | 3e758a1fbd08c87e5713af69ccacbd62 | PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced | ||||||
avws.png | 0cee8cc3ddd0e28b23ec9a8ddc426c0e | PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced | ||||||
burp.png | d8c17801f07064959db870dd1fd362c2 | PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced | ||||||
burp.svg | bb6ca3a473590876de49fd75f28aa750 | SVG Scalable Vector Graphics image | ||||||
CMSeeK.png | cff9d464c914f3261e7393b559186512 | PNG image data, 702 x 492, 8-bit/color RGBA, non-interlaced | ||||||
CobaltStrike.ico | 740db662e32aed9da8699be16f04089a | MS Windows icon resource - 1 icon, 256x256, 32 bits/pixel | ||||||
dnsx.png | e93c2642559fd046f64b23b18cbdcb63 | PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced | ||||||
FofaViewer.png | 1ebb55433ef40388ce5da86d009ae4cc | PNG image data, 174 x 158, 8-bit/color RGB, non-interlaced | ||||||
fscan.png | ace0b787525406ce62d08b70d111efe0 | PNG image data, 460 x 460, 8-bit/color RGB, non-interlaced | ||||||
goby.png | 3f32673bee9be64397cd75c896ba6b79 | PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced | ||||||
hashcat.png | 5f2cb70cf946f28df65c525953b53185 | PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced | ||||||
hydra.png | 043b7392bbbe490c693d77a9c0c1aa3b | PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced | ||||||
img.png | e5321a1758928519eb2e56f8180af050 | PNG image data, 234 x 232, 8-bit/color RGB, non-interlaced | ||||||
java.png | ffecc03ecb449aca0872543ba5c594e6 | PNG image data, 250 x 250, 8-bit/color RGB, non-interlaced | ||||||
kali-burpsuite.png | abff83eeea80d476a04779ffcb5af0c7 | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | ||||||
Layer.png | 76705b41a642e9a5be7c7df9c3e57ba7 | PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | ||||||
LiqunKit.png | 5a574e25501a63fa34bde2267959ed46 | PNG image data, 260 x 261, 8-bit/color RGB, non-interlaced | ||||||
Mitsurugi.png | a11c36b825b1ced2fa61540ee6fea106 | PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | ||||||
naabu.png | 38ec3a3dc0338895fdc97582a8a4c484 | PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced | ||||||
Navicat.png | 7fde24707d7614fd05c887bc77fe811e | PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced | ||||||
phpstorm.png | 6d7a3f2df7756955264defc743b93617 | PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced | ||||||
python.png | b5c8e6cc3ecc9aefce920a839e408d0b | PNG image data, 720 x 720, 8-bit/color RGB, non-interlaced | ||||||
RouterScan.png | 4591c44931b55f670539782722acc9e5 | PNG image data, 76 x 76, 8-bit/color RGBA, non-interlaced | ||||||
SNETCracker.png | d5475dd3d9330605c0dc8f21d14a2e99 | PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced | ||||||
sqlmap.png | a4dd57b4230669f25d1474e4c8b6da0f | PNG image data, 768 x 397, 8-bit/color RGB, non-interlaced | ||||||
subfinder.png | 5b7eca3b67322877cf348d28ae2a2483 | PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced | ||||||
SuperSoft.ico | 88c808989c269839d64017acaac2b333 | MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel | ||||||
Wafw00f.png | a0c597d9f219288e802885741983811a | PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced | ||||||
wxzf.jpg | 4e16fb7b3aa80ff5ba2cea4ad7cf4905 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1118x1524, components 3 | ||||||
xray.png | c0e316918f8d136f449742306969ae80 | PNG image data, 548 x 548, 8-bit/color RGBA, interlaced | ||||||
XSStrike.png | 41a2340fae49db41d6cf7cfc8e384023 | PNG image data, 139 x 150, 8-bit/color RGBA, non-interlaced | ||||||
zss.ico | 482972e3abd7fce27fbc155ec3997f8c | MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel | ||||||
zss.jpg | da1a57e2fcf212d5139e38912d9bab78 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3 | ||||||
explanation.txt | 2dbafd49ad39462a715aaf6c7a3f2e27 | Unicode text, UTF-8 text, with CRLF line terminators | ||||||
Updatecheck.json | 797314745c284ad2fa8409e2e04042c4 | JSON text data | ||||||
zss.exe | 0220808383618afd173ad429c9047391
| PE32+ executable (console) x86-64, for MS Windows, 7 sections |
Detections
Analyzer | Verdict | Alert |
---|---|---|
Public InfoSec YARA rules | malware | Identifies executable converted using PyInstaller. |
VirusTotal | suspicious |
JavaScript (0)
HTTP Transactions (2)
URL | IP | Response | Size | |||||||
---|---|---|---|---|---|---|---|---|---|---|
xinchacha2dv.ocsp-certum.com/ | 95.101.10.107 | 1.5 kB | ||||||||
HTTP Headers
| ||||||||||
fs.duifene.com/res/r2/u5926683/windows_x64_40438856f14841f81dfa.zip | 23.248.177.66 | 200 OK | 15 MB | |||||||
Detections
HTTP Headers
| ||||||||||