Report - www.station-drivers.com/download/asmedia/asmedia_RaidMan

Report Overview

Submitted URL
www.station-drivers.com/download/asmedia/asmedia_RaidMan_3.130(station-drives.com).zip
IP
91.134.128.83
ASN
#16276 OVH SAS
Submitted
2024-04-19 07:03:44
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
3

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.station-drivers.com	913238	2002-11-15	2012-06-21	2024-03-02	540 B	1.8 MB	91.134.128.83
normandy.cdn.mozilla.net	3562	1998-01-31	2017-01-30	2024-04-18	329 B	1.2 kB	35.201.103.21
classify-client.services.mozilla.com	3824	1994-10-18	2019-01-09	2024-04-18	357 B	344 B	34.98.75.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.station-drivers.com/download/asmedia/asmedia_RaidMan_3.130(station-drives.com).zip
IP
91.134.128.83
ASN
#16276 OVH SAS

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
1.8 MB (1793654 bytes)
Hash
16708094c29a97ec2162e1618d634ff1
1c8746797f03bf2da25f45cd1ab8ce02a0788230
ec6d989fc55909e77b17498facde18cf51f9108e595e16367b6908e9d66c2bd4

Archive (31)

Filename

Md5

File type

106BCommandLib.dll

2cfee9aa1f733782aab5b11d6494d195

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections

109CommandLib.dll

07e95394a1090ee8fe9c3db5747b20dd

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections

AsmIo.sys

21d5670fd8495fe4d2a4b320b6a4e03a

PE32 executable (native) Intel 80386, for MS Windows, 6 sections

AsmIo64.sys

103941d9e0b395e8ad382614f8559166

PE32+ executable (native) x86-64, for MS Windows, 7 sections

asmiodll.dll

de38d40db0065a6f8f117b8299999013

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

asmiodll.lib

428020a2e1804f46b395ecbe3cdf7c62

current ar archive

ASMRaidManager.ini

3e2f078b8ef470a21a12a88df1e7acd6

ASCII text, with CRLF line terminators

Advance_mouseClick.bmp

44e836b03788e0d7579f49cbc4e400e6

PC bitmap, Windows 3.x format, 162 x 60 x 24, image size 29280, resolution 7874 x 7874 px/m, cbSize 29334, bits offset 54

Advance_mouseLeave.bmp

fc541fb33cce779ba82377359c8860a2

PC bitmap, Windows 3.x format, 162 x 60 x 24, image size 29280, resolution 7874 x 7874 px/m, cbSize 29334, bits offset 54

Advance_mouseOn.bmp

d3d33cc0184479d3b4fbbd0cf8df1825

PC bitmap, Windows 3.x format, 162 x 60 x 24, image size 29280, resolution 7874 x 7874 px/m, cbSize 29334, bits offset 54

Close_mouesClick.ico

fe42666c9427144b79aa763573373b2f

MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

Close_mouesLeave.ico

d42ce8aa88f38c63de0c0fd750dc2ba4

MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

Close_mouesOn.ico

7ab68d2a1675d3a7e68444412d3ff807

MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

Execute_mouseClick.bmp

543dd43582ac0837fdbdea8379afeffa

PC bitmap, Windows 3.x format, 172 x 49 x 24, image size 25284, resolution 5906 x 5906 px/m, cbSize 25338, bits offset 54

Execute_mouseLeave.bmp

f8c48e4dcd98fea30d7a8f13996dc8d5

PC bitmap, Windows 3.x format, 172 x 49 x 24, image size 25284, resolution 5906 x 5906 px/m, cbSize 25338, bits offset 54

minimized_ click.ico

d09be7301dda8bb951758a7cc36a9969

MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

Min_mouesLeave.ico

e4e2501581dbc6b77fc463ccf7ff8c4f

MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

Min_mouesOn.ico

54432128aab010823a46710bfcac3a14

MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

ModeChange_mouseClick.bmp

13db5a3d585bded6751313cfd1bb5da3

PC bitmap, Windows 3.x format, 162 x 60 x 24, image size 29280, resolution 7874 x 7874 px/m, cbSize 29334, bits offset 54

ModeChange_mouseLeave.bmp

134043439a710c30542715babf5df610

PC bitmap, Windows 3.x format, 162 x 60 x 24, image size 29280, resolution 7874 x 7874 px/m, cbSize 29334, bits offset 54

ModeChange_mouseOn.bmp

27630e5e7473cde783f419dc1a676b56

PC bitmap, Windows 3.x format, 162 x 60 x 24, image size 29280, resolution 7874 x 7874 px/m, cbSize 29334, bits offset 54

new_logo.bmp

dd7e8d3dbb8519bf5f06268afd51bc6e

PC bitmap, Windows 3.x format, 140 x 55 x 24, image size 23100, resolution 7874 x 7874 px/m, cbSize 23154, bits offset 54

RaidInfo_mouseClick.bmp

33fa6a1e3b06636a8973ae58177a14ed

PC bitmap, Windows 3.x format, 162 x 60 x 24, image size 29280, resolution 7874 x 7874 px/m, cbSize 29334, bits offset 54

RaidInfo_mouseLeave.bmp

6f84f5d87085de2b27249ecc890aa5fd

PC bitmap, Windows 3.x format, 162 x 60 x 24, image size 29280, resolution 7874 x 7874 px/m, cbSize 29334, bits offset 54

RaidInfo_mouseOn.bmp

aabf5c2299840c98e3504503a7f0af8c

PC bitmap, Windows 3.x format, 162 x 60 x 24, image size 29280, resolution 7874 x 7874 px/m, cbSize 29334, bits offset 54

SMART_mouseClick.bmp

5154eb8c7e5a09a652dddab335e77cdb

PC bitmap, Windows 3.x format, 162 x 60 x 24, image size 29280, resolution 7874 x 7874 px/m, cbSize 29334, bits offset 54

SMART_mouseLeave.bmp

bd2fc368847b16cd3d0be56bedd7104e

PC bitmap, Windows 3.x format, 162 x 60 x 24, image size 29280, resolution 7874 x 7874 px/m, cbSize 29334, bits offset 54

SMART_mouseOn.bmp

191195ed9b4edba494df7ce01c345c3d

PC bitmap, Windows 3.x format, 162 x 60 x 24, image size 29280, resolution 7874 x 7874 px/m, cbSize 29334, bits offset 54

Dbgview.exe

00c3d59a83c3745498b75fd9d1067b4c

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

RaidManagerTool.exe

d0d6664f00cc6cdeffc12b22937e8f1e

PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections

rescan.txt

881fb62825060dd21b46d99d9140e854

ASCII text, with no line terminators

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	signed_sys_with_vulnerablity
YARAhub by abuse.ch	malware	signed_sys_with_vulnerablity

JavaScript (0)

HTTP Transactions (3)

	URL	IP	Response	Size
	www.station-drivers.com/download/asmedia/asmedia_RaidMan_3.130(station-drives.com).zip	91.134.128.83	200 OK	1.8 MB
URL User Request GET HTTP/1.1 www.station-drivers.com/download/asmedia/asmedia_RaidMan_3.130(station-drives.com).zip IP 91.134.128.83:443 ASN #16276 OVH SAS Certificate IssuerLet's Encrypt Subjectwww.station-drivers.com FingerprintA1:F5:46:44:77:1C:99:B5:73:2E:18:99:7E:B7:44:BE:08:13:9C:45 ValidityWed, 03 Apr 2024 08:01:52 GMT - Tue, 02 Jul 2024 08:01:51 GMT File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 1.8 MB (1793654 bytes) Hash 16708094c29a97ec2162e1618d634ff1 1c8746797f03bf2da25f45cd1ab8ce02a0788230 ec6d989fc55909e77b17498facde18cf51f9108e595e16367b6908e9d66c2bd4 HTTP Headers GET /download/asmedia/asmedia_RaidMan_3.130(station-drives.com).zip HTTP/1.1 Host: www.station-drivers.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK date: Fri, 19 Apr 2024 07:03:18 GMT server: Apache/2.4.6 (CentOS) PHP/8.2.17 x-content-type-options: nosniff last-modified: Wed, 17 Aug 2022 20:53:34 GMT etag: "1b5e76-5e6760ef38958" accept-ranges: bytes content-length: 1793654 content-type: application/zip x-iplb-request-id: 5B5A2A9A:4E0F_5B868053:01BB_66221736_866AF:76FA x-iplb-instance: 5490`

	normandy.cdn.mozilla.net/api/v1/	35.201.103.21		598 B
URL normandy.cdn.mozilla.net/api/v1/ IP 35.201.103.21:0 ASN #396982 GOOGLE-CLOUD-PLATFORM File type JSON text data Size 598 B (598 bytes) Hash 3076f9a5cb273105528b893ff7111e41 b8990c145fe71b9a2410eea41a60a712b43b82bf 69c578fb0c03a28141a975833f660f4571e7991dc28ae7f9cead37672ee2c9b3 HTTP Headers `GET /api/v1/ HTTP/1.1 Host: normandy.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: nginx content-length: 598 allow: GET, HEAD, OPTIONS content-security-policy: object-src 'none'; base-uri 'none'; block-all-mixed-content; default-src 'self' https://normandy.cdn.mozilla.net/; form-action 'self'; worker-src 'none'; frame-src 'none'; report-uri /__cspreport__ x-frame-options: DENY x-content-type-options: nosniff x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000 via: 1.1 google date: Thu, 18 Apr 2024 23:22:33 GMT cache-control: public, max-age=86400 content-type: application/json vary: Accept, Origin age: 27661 alt-svc: clear X-Firefox-Spdy: h2

	classify-client.services.mozilla.com/api/v1/classify_client/	34.98.75.36		64 B
URL classify-client.services.mozilla.com/api/v1/classify_client/ IP 34.98.75.36:0 ASN #396982 GOOGLE-CLOUD-PLATFORM File type JSON text data Size 64 B (64 bytes) Hash 620aaef95edc06f5e6e2be5cd6ab8258 313b43b97409d31079d9b713316446e898c5d934 d40f18c1c676a8be8ea422a7cff3d8005367e2b643fbf8e8554204a1e6ae8312 HTTP Headers `GET /api/v1/classify_client/ HTTP/1.1 Host: classify-client.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Fri, 19 Apr 2024 07:03:34 GMT content-type: application/json content-length: 64 cache-control: max-age=0, no-cache, no-store, must-revalidate strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (31)

Detections

JavaScript (0)

HTTP Transactions (3)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers