Report - dl1a.gamedl.ru/download/z2wk1rv47ssbhqw11s6u652dq13cnlz7/H1/7999acdb89ade2fc33eeca6e69fd8c96508199f9e0da6b1f7865694423512f49/1168232/MSCLoader-147-1-2-14-1696524772.zip

Report Overview

Submitted URL
dl1a.gamedl.ru/download/z2wk1rv47ssbhqw11s6u652dq13cnlz7/H1/7999acdb89ade2fc33eeca6e69fd8c96508199f9e0da6b1f7865694423512f49/1168232/MSCLoader-147-1-2-14-1696524772.zip
IP
212.42.38.245
ASN
#50313 Teslatel LLC
Submitted
2024-03-29 13:31:09
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
3

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
dl1a.gamedl.ru	unknown	2007-05-07	2018-07-07	2024-03-28	622 B	2.8 MB	212.42.38.245

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
dl1a.gamedl.ru/download/z2wk1rv47ssbhqw11s6u652dq13cnlz7/H1/7999acdb89ade2fc33eeca6e69fd8c96508199f9e0da6b1f7865694423512f49/1168232/MSCLoader-147-1-2-14-1696524772.zip
IP
212.42.38.245
ASN
#50313 Teslatel LLC

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
2.8 MB (2804440 bytes)
Hash
0f0e93827c4ed3535c2f28667467e372
6f3884883cd0f0ac207f26b8278c48e707a0c4d2
7999acdb89ade2fc33eeca6e69fd8c96508199f9e0da6b1f7865694423512f49

Archive (13)

Filename

Md5

File type

console.unity3d

1712c8abcfc56e9de9512c9600122938

data

settingsui.unity3d

fe4a953900b9f09e23ef589177b6c18e

data

Changelog.txt

112844d916581ef6e6ed020540027ebc

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

INIFileParser.dll

2e77f841dbf271fd1ffc460bfd87a1d5

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Ionic.Zip.dll

746f909970274c71991f63325ba3ab4e

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

License.txt

e62637ea8a114355b985fd86c9ffbd6e

ASCII text, with CRLF line terminators

Mono.Cecil.dll

16c4cb74628930724dd717da06f7bc69

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

MSCLoader.dll

aded379085b5c5d798203623d9cd266a

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

MSCPatcher.exe

dac86c9906769ecce9fd749716c7354e

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Readme.txt

d5ffaaf166ae1fcba1a2e4e4530ab2db

ASCII text, with CRLF line terminators

References.zip

fac7de7fd560cb4f3ba7d7aad8073f3b

Zip archive data, at least v2.0 to extract, compression method=deflate

w32.dll

4af941b2c178a20e2976458aea63c70e

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

w64.dll

b8f148f419e00d527d08a616b1ae71ab

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 5 sections

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/64

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

dl1a.gamedl.ru/download/z2wk1rv47ssbhqw11s6u652dq13cnlz7/H1/7999acdb89ade2fc33eeca6e69fd8c96508199f9e0da6b1f7865694423512f49/1168232/MSCLoader-147-1-2-14-1696524772.zip

212.42.38.245

200 OK

2.8 MB

URL User Request GET HTTP/1.1
dl1a.gamedl.ru/download/z2wk1rv47ssbhqw11s6u652dq13cnlz7/H1/7999acdb89ade2fc33eeca6e69fd8c96508199f9e0da6b1f7865694423512f49/1168232/MSCLoader-147-1-2-14-1696524772.zip
IP
212.42.38.245:443
ASN
#50313 Teslatel LLC

Certificate
IssuerLet's Encrypt
Subjectvideo.playground.ru
FingerprintCC:75:95:2E:62:25:E4:3B:AE:31:9A:84:54:92:15:ED:8D:E0:D8:6B
ValidityTue, 13 Feb 2024 04:35:42 GMT - Mon, 13 May 2024 04:35:41 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
2.8 MB (2804440 bytes)
Hash
0f0e93827c4ed3535c2f28667467e372
6f3884883cd0f0ac207f26b8278c48e707a0c4d2
7999acdb89ade2fc33eeca6e69fd8c96508199f9e0da6b1f7865694423512f49

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/64

HTTP Headers

GET /download/z2wk1rv47ssbhqw11s6u652dq13cnlz7/H1/7999acdb89ade2fc33eeca6e69fd8c96508199f9e0da6b1f7865694423512f49/1168232/MSCLoader-147-1-2-14-1696524772.zip HTTP/1.1
Host: dl1a.gamedl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Fri, 29 Mar 2024 13:30:43 GMT
Content-Type: application/octet-stream
Content-Length: 2804440
Connection: keep-alive
Last-Modified: Sun, 12 Nov 2023 11:11:07 GMT
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (13)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers