Report - fuzeclient.xyz/FilesClient/fix.zip

Report Overview

Submitted URL
fuzeclient.xyz/FilesClient/fix.zip
IP
37.140.192.207
ASN
#197695 Domain names registrar REG.RU, Ltd
Submitted
2024-04-23 08:21:20
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fuzeclient.xyz	unknown	2024-04-02	2024-04-11	2024-04-17	488 B	992 kB	37.140.192.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

Files detected

URL
fuzeclient.xyz/FilesClient/fix.zip
IP
37.140.192.207
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
992 kB (992025 bytes)
Hash
e7e111567837fcd9b1781f13b45376b4
c77ddf437fde9eda1fae78248798283ab5b0c9c1
f5c9c529e94d7bdb1105a709303a3d9ff35e530e3fc42fd064b0faba3624358e

Archive (4)

Filename

Md5

File type

msvcp140d.dll

f265bdccc3d8dbc56344c0d900a833bc

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

ucrtbased.dll

51987203207b4a0c541a0524264f1f8e

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

vcruntime140_1d.dll

75e81353c004a6bea844c212db09e1ed

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

vcruntime140d.dll

8e32121bc62367042f6d105df057d6b4

PE32+ executable (DLL) (console) x86-64, for MS Windows, 8 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_stackstrings

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	fuzeclient.xyz/FilesClient/fix.zip	37.140.192.207	200 OK	992 kB
URL User Request GET HTTP/2 fuzeclient.xyz/FilesClient/fix.zip IP 37.140.192.207:443 ASN #197695 Domain names registrar REG.RU, Ltd Certificate IssuerGlobalSign nv-sa Subjectwww.fuzeclient.xyz FingerprintE3:53:D6:B4:F1:B9:6A:32:75:59:67:7C:52:00:C5:75:76:21:2D:8F ValidityTue, 02 Apr 2024 02:21:34 GMT - Sat, 02 Nov 2024 02:21:34 GMT File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 992 kB (992025 bytes) Hash e7e111567837fcd9b1781f13b45376b4 c77ddf437fde9eda1fae78248798283ab5b0c9c1 f5c9c529e94d7bdb1105a709303a3d9ff35e530e3fc42fd064b0faba3624358e HTTP Headers `GET /FilesClient/fix.zip HTTP/1.1 Host: fuzeclient.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Tue, 23 Apr 2024 08:20:54 GMT content-type: application/zip content-length: 992025 last-modified: Fri, 12 Apr 2024 13:34:18 GMT etag: "6619385a-f2319" expires: Fri, 07 Jun 2024 08:20:54 GMT cache-control: max-age=3888000 accept-ranges: bytes X-Firefox-Spdy: h2`

fuzeclient.xyz/FilesClient/fix.zip

37.140.192.207

200 OK

992 kB

URL User Request GET HTTP/2
fuzeclient.xyz/FilesClient/fix.zip
IP
37.140.192.207:443
ASN
#197695 Domain names registrar REG.RU, Ltd

Certificate
IssuerGlobalSign nv-sa
Subjectwww.fuzeclient.xyz
FingerprintE3:53:D6:B4:F1:B9:6A:32:75:59:67:7C:52:00:C5:75:76:21:2D:8F
ValidityTue, 02 Apr 2024 02:21:34 GMT - Sat, 02 Nov 2024 02:21:34 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
992 kB (992025 bytes)
Hash
e7e111567837fcd9b1781f13b45376b4
c77ddf437fde9eda1fae78248798283ab5b0c9c1
f5c9c529e94d7bdb1105a709303a3d9ff35e530e3fc42fd064b0faba3624358e

HTTP Headers

GET /FilesClient/fix.zip HTTP/1.1
Host: fuzeclient.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 08:20:54 GMT
content-type: application/zip
content-length: 992025
last-modified: Fri, 12 Apr 2024 13:34:18 GMT
etag: "6619385a-f2319"
expires: Fri, 07 Jun 2024 08:20:54 GMT
cache-control: max-age=3888000
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (4)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers