Report - kb2xi.schwingsk.net/Keyboard2Xinput-1.2.3.zip

Report Overview

Submitted URL
kb2xi.schwingsk.net/Keyboard2Xinput-1.2.3.zip
IP
37.187.111.89
ASN
#16276 OVH SAS
Submitted
2024-04-16 12:55:37
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
kb2xi.schwingsk.net	unknown	2012-11-04	2019-07-10	2024-03-12	499 B	436 kB	37.187.111.89

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
kb2xi.schwingsk.net/Keyboard2Xinput-1.2.3.zip
IP
37.187.111.89
ASN
#16276 OVH SAS

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
436 kB (435557 bytes)
Hash
da8c31c604674f1b9f3f4aa4a595496b
a44aa14ca4e261be30e93156e8c99b5ca3c66752
3df753f5e73d98bedc7e41929d961d8c5cebe3797da28d59d9f1604b44e4ba71

Archive (28)

Filename

Md5

File type

doc\samples\

d41d8cd98f00b204e9800998ecf8427e

doc\CHANGELOG.html

41d58f10dee638c5655b7c2ebb6fc90d

HTML document, ASCII text, with CRLF line terminators

doc\html.css

19cf351ca166fcb00e8339bddf7afffd

ASCII text, with very long lines (8209)

doc\README.html

7d69c104d7c5c95927a6f1aed885dc0d

HTML document, ASCII text, with very long lines (454), with CRLF line terminators

doc\virtualKeyNames.html

dde5e90989d6070e6dc22bd2ff76dd59

HTML document, ASCII text, with CRLF line terminators

doc\samples\mappings\

d41d8cd98f00b204e9800998ecf8427e

doc\samples\AHKscripts\pacmanMuseum.ahk

7bbca96c3479a368be34b0d95e4382c8

ASCII text

doc\samples\AHKscripts\steamXinput.ahk

9027cef851e4d3fb733fc31637854a2f

Unicode text, UTF-8 (with BOM) text

doc\samples\mappings\I-PAC2\mapping.ini

6e13d8b02b70d82797dc245c8a981c04

Unicode text, UTF-8 (with BOM) text

doc\samples\mappings\I-PAC4\mapping.ini

7040ff654941045832507aa2fb1ace2f

Unicode text, UTF-8 (with BOM) text

doc\samples\mappings\Multiple\mapping.ini

a7e37f0c9d6386b3f9a8f2780f2cdb8d

Unicode text, UTF-8 (with BOM) text

doc\samples\mappings\Multiple\mapping1.ini

ebafe71610f1cc2fdef8f6263619c262

Unicode text, UTF-8 (with BOM) text

samples\mappings\

d41d8cd98f00b204e9800998ecf8427e

samples\AHKscripts\pacmanMuseum.ahk

7bbca96c3479a368be34b0d95e4382c8

ASCII text

samples\AHKscripts\steamXinput.ahk

9027cef851e4d3fb733fc31637854a2f

Unicode text, UTF-8 (with BOM) text

samples\mappings\I-PAC2\mapping.ini

6e13d8b02b70d82797dc245c8a981c04

Unicode text, UTF-8 (with BOM) text

samples\mappings\I-PAC4\mapping.ini

7040ff654941045832507aa2fb1ace2f

Unicode text, UTF-8 (with BOM) text

samples\mappings\Multiple\mapping.ini

a7e37f0c9d6386b3f9a8f2780f2cdb8d

Unicode text, UTF-8 (with BOM) text

samples\mappings\Multiple\mapping1.ini

ebafe71610f1cc2fdef8f6263619c262

Unicode text, UTF-8 (with BOM) text

INIFileParser.dll

2e77f841dbf271fd1ffc460bfd87a1d5

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Keyboard2XinputLib.dll

30f76743edd6621b2c91c79b8cd5bd73

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

log4net.dll

27fe8d18682fd9901e589e65ef429b23

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Nefarius.ViGEm.Client.dll

7722f666fa9b725071cb2f97a11a2035

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

RawInput.Sharp.dll

52f7833990e5c8ce340dd4375b89ae82

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.Runtime.InteropServices.RuntimeInformation.dll

82deb78891f430007e871a35ce28fac4

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Keyboard2XinputGui.exe

f9663457f8293904a59e186d2b7dda84

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Keyboard2XinputGui.exe.config

a4e1c7da9c1fa1b32ffe957181e13c5d

XML 1.0 document, ASCII text

mapping.ini

6e13d8b02b70d82797dc245c8a981c04

Unicode text, UTF-8 (with BOM) text

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	kb2xi.schwingsk.net/Keyboard2Xinput-1.2.3.zip	37.187.111.89	200 OK	436 kB
URL User Request GET HTTP/1.1 kb2xi.schwingsk.net/Keyboard2Xinput-1.2.3.zip IP 37.187.111.89:443 ASN #16276 OVH SAS Certificate IssuerLet's Encrypt Subjectkb2xi.schwingsk.net FingerprintEA:54:9F:7A:E5:13:B2:74:D2:55:98:AE:30:41:B6:CC:82:C4:9A:F4 ValidityTue, 12 Mar 2024 07:39:33 GMT - Mon, 10 Jun 2024 07:39:32 GMT File type Zip archive data, at least v2.0 to extract, compression method=store Size 436 kB (435557 bytes) Hash da8c31c604674f1b9f3f4aa4a595496b a44aa14ca4e261be30e93156e8c99b5ca3c66752 3df753f5e73d98bedc7e41929d961d8c5cebe3797da28d59d9f1604b44e4ba71 HTTP Headers `GET /Keyboard2Xinput-1.2.3.zip HTTP/1.1 Host: kb2xi.schwingsk.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx/1.10.3 Date: Tue, 16 Apr 2024 12:55:11 GMT Content-Type: application/zip Content-Length: 435557 Last-Modified: Fri, 05 Apr 2024 16:36:07 GMT Connection: keep-alive ETag: "66102877-6a565" Accept-Ranges: bytes`

kb2xi.schwingsk.net/Keyboard2Xinput-1.2.3.zip

37.187.111.89

200 OK

436 kB

URL User Request GET HTTP/1.1
kb2xi.schwingsk.net/Keyboard2Xinput-1.2.3.zip
IP
37.187.111.89:443
ASN
#16276 OVH SAS

Certificate
IssuerLet's Encrypt
Subjectkb2xi.schwingsk.net
FingerprintEA:54:9F:7A:E5:13:B2:74:D2:55:98:AE:30:41:B6:CC:82:C4:9A:F4
ValidityTue, 12 Mar 2024 07:39:33 GMT - Mon, 10 Jun 2024 07:39:32 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
436 kB (435557 bytes)
Hash
da8c31c604674f1b9f3f4aa4a595496b
a44aa14ca4e261be30e93156e8c99b5ca3c66752
3df753f5e73d98bedc7e41929d961d8c5cebe3797da28d59d9f1604b44e4ba71

HTTP Headers

GET /Keyboard2Xinput-1.2.3.zip HTTP/1.1
Host: kb2xi.schwingsk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Tue, 16 Apr 2024 12:55:11 GMT
Content-Type: application/zip
Content-Length: 435557
Last-Modified: Fri, 05 Apr 2024 16:36:07 GMT
Connection: keep-alive
ETag: "66102877-6a565"
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (28)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers