Report - download.paragames233.com:2095/download/eu4/EU4%E5%8F%8C%E5%AD%97%E8%8A%82%E8%A1%A5%E4%B8%81%EF%BC%881.36.2%EF%BC%89.zip

Report Overview

Submitted URL
download.paragames233.com:2095/download/eu4/EU4%E5%8F%8C%E5%AD%97%E8%8A%82%E8%A1%A5%E4%B8%81%EF%BC%881.36.2%EF%BC%89.zip
IP
104.26.11.5
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-16 20:16:06
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
	unknown				490 B	518 kB	172.67.68.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
download.paragames233.com:2095/download/eu4/EU4%E5%8F%8C%E5%AD%97%E8%8A%82%E8%A1%A5%E4%B8%81%EF%BC%881.36.2%EF%BC%89.zip
IP
172.67.68.29
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
518 kB (517635 bytes)
Hash
16b52c64c19dfaf7b926b6392c21ec5c
67c34900c3d0af87cd39ce1b2b9c05bc04ec7874
04020cb4f1a738efe358568fab4a67d4ac8c9e2927789f712fc0cf1581a7d595

Archive (9)

Filename

Md5

File type

.dist.v1.json

725396828e255ffb7f93f3e4430ff009

JSON text data

d3d9.dll

3be3c598e6b4bdd69a3603b10780e1f8

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

plugins\autoupdate64.bat

640397536d6c4bc73aabb3b68065e66b

ASCII text, with CRLF line terminators

plugins\dllautoupdater.exe

78990f6820d3836f43764437ec014669

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

plugins\Plugin.dll

cb384249ddf767eed38807bed5c5c13e

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

plugin.ini

b6330daceb8afdcaa57c880102a284ec

Microsoft HTML Help Project

plugins\plugin64.dll

d50aecac53bdefc142db761f524381ca

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 7 sections

README.md

7c2f2ba6d847dff394cbe5c7b4316046

Unicode text, UTF-8 text, with CRLF line terminators

version.dll

83ee6d44f4f60bd0ef9ec492bc25218d

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 7 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
VirusTotal	suspicious	VirusTotal - Scan result 1/65

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

download.paragames233.com:2095/download/eu4/EU4%E5%8F%8C%E5%AD%97%E8%8A%82%E8%A1%A5%E4%B8%81%EF%BC%881.36.2%EF%BC%89.zip

172.67.68.29

518 kB

URL
download.paragames233.com:2095/download/eu4/EU4%E5%8F%8C%E5%AD%97%E8%8A%82%E8%A1%A5%E4%B8%81%EF%BC%881.36.2%EF%BC%89.zip
IP
172.67.68.29:0
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
518 kB (517635 bytes)
Hash
16b52c64c19dfaf7b926b6392c21ec5c
67c34900c3d0af87cd39ce1b2b9c05bc04ec7874
04020cb4f1a738efe358568fab4a67d4ac8c9e2927789f712fc0cf1581a7d595

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/65

HTTP Headers

GET /download/eu4/EU4%E5%8F%8C%E5%AD%97%E8%8A%82%E8%A1%A5%E4%B8%81%EF%BC%881.36.2%EF%BC%89.zip HTTP/1.1
Host: download.paragames233.com:2095
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 20:15:43 GMT
Content-Type: application/zip
Content-Length: 517635
Connection: keep-alive
Last-Modified: Mon, 08 Apr 2024 16:12:02 GMT
ETag: "7e603-6159810de021b"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ub614FoLHHJzwswPz%2FOBB%2F6wbWi6WYD6zSYJJ219ts53dM4Aw7LLdRSWtuaiMoc4cc6xAWqbp83BJ22F6SPPiPg3KZpvEu1DzVUtlMl46W4B%2B06Hhfqmojz%2BJP14GVi2elqV6cdCaIkpoI6AqnKrXA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8756d94b3ddbb523-OSL

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (9)

Detections

JavaScript (0)

HTTP Transactions (1)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers