Report - b1.org/smart-download/803784/main

Report Overview

Submitted URL
b1.org/smart-download/803784/main_b1.zip
IP
83.222.126.244
ASN
#47328 DigitalOne AG
Submitted
2024-04-17 05:49:47
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
7

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
b1.org	163334	1999-11-06	2012-05-29	2024-04-17	494 B	194 B	83.222.126.244
cdn2.b1.org	unknown	1999-11-06	2014-10-08	2024-04-14	419 B	12 MB	83.222.126.244

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
cdn2.b1.org/smart-download/803785/v=1.5.86/b1.zip
IP
83.222.126.244
ASN
#47328 DigitalOne AG

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
12 MB (11564002 bytes)
Hash
ee5474226fc26827bfbb4e9e13de6663
8128a21d47086b145fb7c0189c9487a99a63b743
96c1f728e00f7fdcd76cb2ae621754e348662ff8c3ed5a19faad0be2fb57abe3

Archive (11)

Filename

Md5

File type

B1Manager.exe

3fec706599072dabcacd0ceda96792d1

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

B1Shellext32.dll

e2c64d7a290e7e2788f5c03f176a24e8

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

B1Shellext64.dll

ec8e69336cb3a1a0600bd73e13352b6e

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

WinSetup32.exe

e54ce35ff21cceb3b4ec8eac3493fd45

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

WinSetup64.exe

26778fd43c0a6432abac8f3adfec3524

PE32+ executable (GUI) x86-64, for MS Windows, 6 sections

b1.exe

111194b339bcba6adc34baa1c4858600

PE32 executable (console) Intel 80386, for MS Windows, 5 sections

qgif4.dll

126cd15146eeff59ad4b51694f196a69

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

qico4.dll

c615d19f6b1af7c3608ee4aab1503868

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

qjpeg4.dll

e7f1184cae2f0c646081cb9ae603bbd0

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

qpsd.dll

fdbb0baa25947a6972dc51cc02222673

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

qtiff4.dll

df9c846547f666c4001bca2bfcf40f96

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 7/63

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

b1.org/smart-download/803784/main_b1.zip

83.222.126.244

303 See Other

0 B

URL User Request GET HTTP/1.1
b1.org/smart-download/803784/main_b1.zip
IP
83.222.126.244:443
ASN
#47328 DigitalOne AG

Certificate
IssuerLet's Encrypt
Subjectb1.org
FingerprintFC:6B:C5:AD:D1:62:84:04:0D:D3:1A:FF:D2:73:E3:35:85:3C:B3:F4
ValidityTue, 23 Jan 2024 08:08:10 GMT - Mon, 22 Apr 2024 08:08:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /smart-download/803784/main_b1.zip HTTP/1.1
Host: b1.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 303 See Other
server: Apache-Coyote/1.1
location: http://cdn2.b1.org/smart-download/803785/v=1.5.86/b1.zip
content-length: 0
date: Wed, 17 Apr 2024 05:49:17 GMT
connection: close

cdn2.b1.org/smart-download/803785/v=1.5.86/b1.zip

83.222.126.244

200 OK

12 MB

URL User Request GET HTTP/1.1
cdn2.b1.org/smart-download/803785/v=1.5.86/b1.zip
IP
83.222.126.244:80
ASN
#47328 DigitalOne AG

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
12 MB (11564002 bytes)
Hash
ee5474226fc26827bfbb4e9e13de6663
8128a21d47086b145fb7c0189c9487a99a63b743
96c1f728e00f7fdcd76cb2ae621754e348662ff8c3ed5a19faad0be2fb57abe3

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 7/63

HTTP Headers

GET /smart-download/803785/v=1.5.86/b1.zip HTTP/1.1
Host: cdn2.b1.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: Apache-Coyote/1.1
accept-ranges: bytes
content-disposition: attachment; filename=b1.zip
etag: "04f8b25764e5e3b4525c5517569eebe5"
content-type: application/zip
content-length: 11564002
date: Wed, 17 Apr 2024 05:49:17 GMT
connection: close

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (11)

Detections

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers