Report - fileservice.gtainside.com/downloads/ftpe/1258396855_xliveless_all

Report Overview

Submitted URL
fileservice.gtainside.com/downloads/ftpe/1258396855_xliveless_all_versions.zip
IP
104.26.6.91
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-24 14:53:39
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fileservice.gtainside.com	unknown	2004-05-20	2020-01-03	2024-04-18	532 B	541 kB	104.26.7.91

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
fileservice.gtainside.com/downloads/ftpe/1258396855_xliveless_all_versions.zip
IP
104.26.7.91
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
540 kB (540029 bytes)
Hash
f145e7cdec6f65da66aaa1373794fa6e
24215d99c8d64e1e761a22f40039c18415b79623
7a939e2049a0e017337566697d69d881923128a175ecabc39805b7c991d6e82a

Archive (60)

Filename

Md5

File type

Readme.txt

d7e8ec5038474f813753440c1e8070e6

ASCII text, with no line terminators

xlive.dll

fe9919cb59e4ea7ee1f4de4be9651c38

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

_readme.txt

d89b0f77e370aca496ab21a876e010e1

ASCII text, with CRLF line terminators

_readme_rus.txt

fcf3943fc91e648478afb02cc4cada1e

ISO-8859 text, with CRLF line terminators

binkhooked.dll

fcd554df06723953326dd0af5d430231

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 13 sections

binkw32.dll

8144f887ee506643219e236e3904570d

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections

ReadMe(eng).txt

e4798822f59aeffbb5d9938674848538

ISO-8859 text, with CRLF line terminators

ReadMe(rus).txt

a28e3659b88f9a511810827cf9a7a89b

ISO-8859 text, with CRLF line terminators

www.Alexander.SannyBuilder.com.url

3bc6218639d58636ad5dd34a16610aae

MS Windows 95 Internet shortcut text (URL=<http://alexander.sannybuilder.com>), ASCII text, with CRLF line terminators

www.OpenIV.com.url

75eeafd04bcc69d3b505adac60bb1ff4

MS Windows 95 Internet shortcut text (URL=<http://openiv.com>), ASCII text, with CRLF line terminators

FileCheckFix.asi

71af89780ae524530b1aa8af2903dfc9

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

ReadMe(eng).txt

013f3653af7bcd4bd04692af7ded1cb1

ISO-8859 text, with CRLF line terminators

ReadMe(rus).txt

e53206fbcef3e553573312d1b1c3c44a

ISO-8859 text, with CRLF line terminators

www.Alexander.SannyBuilder.com.url

3bc6218639d58636ad5dd34a16610aae

MS Windows 95 Internet shortcut text (URL=<http://alexander.sannybuilder.com>), ASCII text, with CRLF line terminators

www.OpenIV.com.url

75eeafd04bcc69d3b505adac60bb1ff4

MS Windows 95 Internet shortcut text (URL=<http://openiv.com>), ASCII text, with CRLF line terminators

filelist.pak

0ce64bbc7cfa5ef04d41c861de81a3d7

data

Readme [gta-modding.it].txt

f83a9ff7d9fb183ff869e1a96bf0fb52

ASCII text, with CRLF line terminators

dsound.dll

73e2e1a9d20821cc529207d5e37a0e38

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections

ReadMe(eng).txt

0c3a4428a969962aab77d9ef32d9ad8d

ISO-8859 text, with CRLF line terminators

ReadMe(rus).txt

840b3ec1c5b52cd82cac202fc0d1f3ec

ISO-8859 text, with CRLF line terminators

www.Alexander.SannyBuilder.com.url

3bc6218639d58636ad5dd34a16610aae

MS Windows 95 Internet shortcut text (URL=<http://alexander.sannybuilder.com>), ASCII text, with CRLF line terminators

www.OpenIV.com.url

75eeafd04bcc69d3b505adac60bb1ff4

MS Windows 95 Internet shortcut text (URL=<http://openiv.com>), ASCII text, with CRLF line terminators

Readme [gta-modding.it].txt

1ae70d7992250b6fed458f2e87df56e1

ASCII text, with CRLF line terminators

compile.bat

29890337f38d69c8cc688be3d70920d3

ASCII text, with no line terminators

compile_with_trace.bat

820edabfe5046f864f91a5e7b4a8c1d7

ASCII text, with no line terminators

compile.bat

0d3e53baa7c5e5e18590591019f2d639

ASCII text, with no line terminators

saveToGameFolder.cpp

a039224405474a25165463cac1bbf677

C source, ASCII text, with CRLF line terminators

saveToGameFolder.dll

5ef726b6912da84daa0fb31adf06e544

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

xlive.cpp

0bde935f317ca14e3506c4332fb3738f

C source, ASCII text, with CRLF line terminators

xlive.def

9200ca0815086f9a04ae3722cb302484

ASCII text, with CRLF line terminators

xlive.lib

249b60eead2af86e942890f622cdd9b9

current ar archive

xliveless.h

b984190ecef54da8d423301f184049b9

C source, ASCII text, with CRLF line terminators

xlive.dll

e4fd0ff0e986d8fea477cef58f96aca6

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

xlive_d.dll

32c416fdb4cd575fecbb38e82b5e0b66

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

_readme.txt

786bb7b96f40873355439cc447201208

ASCII text, with CRLF line terminators

_readme_rus.txt

05313c29281580e83e5e7400875c9266

ISO-8859 text, with CRLF line terminators

Readme [gta-modding.it].txt

dbaefb80028a4973b1568520e5574eb4

ASCII text, with CRLF line terminators

compile.bat

29890337f38d69c8cc688be3d70920d3

ASCII text, with no line terminators

compile_with_trace.bat

820edabfe5046f864f91a5e7b4a8c1d7

ASCII text, with no line terminators

xlive.cpp

d6973d417b6a3b8383a68a9f35cf0835

C source, ASCII text, with CRLF line terminators

xlive.def

d2a886d7c81887e9d05ef57876c2b942

ASCII text, with CRLF line terminators

xlive.lib

74a105ca52b138d71afb592a7fb1d58a

current ar archive

xliveless.h

b984190ecef54da8d423301f184049b9

C source, ASCII text, with CRLF line terminators

xlive.dll

8ad2181121d2216133ee968aacba7494

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

xlive_d.dll

31fbcb225c3e31558e10a0c82bc7283f

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

_readme.txt

786bb7b96f40873355439cc447201208

ASCII text, with CRLF line terminators

_readme_rus.txt

05313c29281580e83e5e7400875c9266

ISO-8859 text, with CRLF line terminators

compile.bat

29890337f38d69c8cc688be3d70920d3

ASCII text, with no line terminators

compile_with_trace.bat

820edabfe5046f864f91a5e7b4a8c1d7

ASCII text, with no line terminators

compile.bat

0d3e53baa7c5e5e18590591019f2d639

ASCII text, with no line terminators

saveToGameFolder.cpp

c5ba17210b65cdc5bbbaac0ff6bd0657

C source, ASCII text, with CRLF line terminators

saveToGameFolder.dll

4df263a1bb8ce8b719c69d25afabd2da

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

xlive.cpp

dc8dc9bc0451eaa36d6c7a12dac7b2a5

C source, ASCII text, with CRLF line terminators

xlive.def

d2a886d7c81887e9d05ef57876c2b942

ASCII text, with CRLF line terminators

xlive.lib

198db949bdf38d4603ff6829b8dd2935

current ar archive

xliveless.h

b984190ecef54da8d423301f184049b9

C source, ASCII text, with CRLF line terminators

xlive.dll

c344122ddc084a39e5446e61226f19a5

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

xlive_d.dll

b7b98f453ee8f0225b68120b0b9404af

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

_readme.txt

66c0130de8f2b7652ecadf2386db265d

ASCII text, with CRLF line terminators

_readme_rus.txt

5ddbc284f97293fcff02f663ec18abc1

ISO-8859 text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 8/68

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

fileservice.gtainside.com/downloads/ftpe/1258396855_xliveless_all_versions.zip

104.26.7.91

200 OK

540 kB

URL User Request GET HTTP/2
fileservice.gtainside.com/downloads/ftpe/1258396855_xliveless_all_versions.zip
IP
104.26.7.91:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint8E:48:16:87:A6:02:FE:C1:5E:31:EF:8A:3E:AA:4B:26:C6:C3:67:6F
ValiditySun, 28 May 2023 00:00:00 GMT - Mon, 27 May 2024 23:59:59 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
540 kB (540029 bytes)
Hash
f145e7cdec6f65da66aaa1373794fa6e
24215d99c8d64e1e761a22f40039c18415b79623
7a939e2049a0e017337566697d69d881923128a175ecabc39805b7c991d6e82a

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 8/68

HTTP Headers

GET /downloads/ftpe/1258396855_xliveless_all_versions.zip HTTP/1.1
Host: fileservice.gtainside.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 14:53:13 GMT
content-type: application/zip
content-length: 540029
last-modified: Mon, 16 Nov 2009 17:42:00 GMT
etag: "83d7d-4788086d38a00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fuOD7v961mQd2%2Bkxo6dgVmfxta5qiP0Bqcg2XPoeOCqBIxyBuMizE1N7G2A%2FJ%2FUgegZ2yInztLsOMn0%2FezyUpX8ISe4W%2FGFe99%2FE0kIuxOonJbKq%2BqTXmMy7wldvSxZnP7z5q3ZEp12dluw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8796ebef993d0b49-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (60)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers