Report - www.xbox-hq.com/uploads/sjohn/c-xboxtool205.zip

Report Overview

Submitted URL
www.xbox-hq.com/uploads/sjohn/c-xboxtool205.zip
IP
108.181.34.31
ASN
#40676 AS40676
Submitted
2024-05-08 11:44:49
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
5

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.xbox-hq.com	unknown	2002-10-19	2014-04-17	2023-10-24	501 B	3.4 MB	108.181.34.31

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.xbox-hq.com/uploads/sjohn/c-xboxtool205.zip
IP
108.181.34.31
ASN
#40676 AS40676

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
3.4 MB (3396747 bytes)
Hash
6e052b6c4268a2591a2c2cc8ed2e9d07
ac0345f7139d581e5c96ac020d89c3f5bb6a364a
ab947b2dd654eb62d60c24c3ba6839ae061e8a0aff2c3fb181fcb9fa88bfa7ad

Archive (31)

Filename

Md5

File type

aspi.zip

54dbe9ae62e936a9382dbd4bc0224fe4

Zip archive data, at least v1.0 to extract, compression method=store

Readme.txt

aa27658a128f6d920bfc1aa621568ff8

ASCII text, with CRLF line terminators

lang.clf

ec54134fcfcd5d763c98e79d9c64f769

Generic INItialization configuration [Nederlands]

XDIMaker.exe

7e3032edb5a1f2f5c852551cf8199937

PE32 executable (console) Intel 80386, for MS Windows, 4 sections

AMBIENT.WMA

836d854c16b822b1c05c1c38ef2b87d7

Microsoft ASF ASF_Stream_Bitrate_Properties_Object

BACKDIR.XBE

39341aaa58812f423c3415a9f439cf55

Microsoft Xbox executable: "" (000), all regions, signed

Dn.png

d1f414719208fce747cf454a5db59265

PNG image data, 46 x 12, 8-bit/color RGBA, non-interlaced

FONTB.XPR

66aa80c8cbb8977fa5df70a02a3b01c6

Microsoft Xbox XPR0 texture, format: ARGB8888

DEFAULT.XBE

0b5e6cca58366345eb0c5a6f3c272eb0

Microsoft Xbox executable: "C-XBox Multigame" (MA-22528) (regions: NA), signed

FONTN.XPR

4e5b16c4a4c512f48ebd89aff2fc2eaf

Microsoft Xbox XPR0 texture, format: ARGB8888

ICON1.PNG

6c9b2a4e2aabde1c47916cbf6eb13c6b

PNG image data, 400 x 300, 8-bit/color RGB, non-interlaced

LAUNCH.WAV

ae4e1587fde1d9d9893b81ffc53cca09

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 22050 Hz

MENU.WAV

15bdb0c4f39657cb786ce40a06962422

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 22050 Hz

ReDir.xbe

6e39ddfba17faf7aa43ef8c76a8d286e

Microsoft Xbox executable: "MenuX" (MA-22529), all regions, signed

SCREEN.PNG

004def35510c002f85e7c3fe2688b5ce

PNG image data, 640 x 480, 8-bit/color RGB, non-interlaced

Up.png

2a6d64112bafd74cc47fc4844cacb107

PNG image data, 46 x 12, 8-bit/color RGBA, non-interlaced

WAIT.PNG

b9ecf77f430da10b0d1d5c0b97e9f728

PNG image data, 640 x 480, 8-bit/color RGB, non-interlaced

DEFAULT.xbeback

1432e6e3cc16af43fa140fbcca8541dd

Microsoft Xbox executable: "MenuX" (MA-22528) (regions: NA), signed

MXM.xml

4bdbf0d3178733110df0d482b9c7950f

ASCII text, with CRLF line terminators

default.xbe

58108083e157f2354c12e5336d02bc41

Microsoft Xbox executable: "MediaXMenu" (17185), all regions, signed

ICON1.PNG

6c9b2a4e2aabde1c47916cbf6eb13c6b

PNG image data, 400 x 300, 8-bit/color RGB, non-interlaced

WAIT.PNG

b9ecf77f430da10b0d1d5c0b97e9f728

PNG image data, 640 x 480, 8-bit/color RGB, non-interlaced

SCREEN.PNG

004def35510c002f85e7c3fe2688b5ce

PNG image data, 640 x 480, 8-bit/color RGB, non-interlaced

menu.wav

15bdb0c4f39657cb786ce40a06962422

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 22050 Hz

launch.wav

ae4e1587fde1d9d9893b81ffc53cca09

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 22050 Hz

fontn.xpr

4e5b16c4a4c512f48ebd89aff2fc2eaf

Microsoft Xbox XPR0 texture, format: ARGB8888

fontb.xpr

66aa80c8cbb8977fa5df70a02a3b01c6

Microsoft Xbox XPR0 texture, format: ARGB8888

8PinMatrix.xpr

2d2602c463085f7732174b66f0eddf2b

Microsoft Xbox XPR0 texture, format: ARGB4444

MXM_Skin.xml

e61d98af0614aaf96ec2a2cc542ce652

HTML document, ASCII text, with CRLF line terminators

Cxboxtool.PNG

06f73e61e6168af2fda87bcdda5e14ca

PNG image data, 640 x 480, 8-bit/color RGB, non-interlaced

C-XBox Tool.exe

34f8b7b089d311345278df6c5854ea87

PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_stackstrings
YARAhub by abuse.ch	malware	meth_stackstrings
VirusTotal	suspicious	VirusTotal - Scan result 4/66

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

www.xbox-hq.com/uploads/sjohn/c-xboxtool205.zip

108.181.34.31

200 OK

3.4 MB

URL User Request GET HTTP/1.1
www.xbox-hq.com/uploads/sjohn/c-xboxtool205.zip
IP
108.181.34.31:443
ASN
#40676 AS40676

Certificate
IssuercPanel, Inc.
Subjectxbox-hq.com
FingerprintA5:EC:89:58:64:72:F0:BC:04:9A:C5:AA:19:D8:F5:ED:8F:C5:D1:F9
ValidityWed, 01 May 2024 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
3.4 MB (3396747 bytes)
Hash
6e052b6c4268a2591a2c2cc8ed2e9d07
ac0345f7139d581e5c96ac020d89c3f5bb6a364a
ab947b2dd654eb62d60c24c3ba6839ae061e8a0aff2c3fb181fcb9fa88bfa7ad

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 4/66

HTTP Headers

GET /uploads/sjohn/c-xboxtool205.zip HTTP/1.1
Host: www.xbox-hq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 11:44:22 GMT
Server: Apache
Last-Modified: Sun, 20 Apr 2014 04:33:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 11:44:23 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/zip

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (31)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers