Report - drv.dns-shop.ru/1.%20drivers/1.%20drivers/Laptop/ArdorGaming/5082627,5082628/HID.zip

Report Overview

Submitted URL
drv.dns-shop.ru/1.%20drivers/1.%20drivers/Laptop/ArdorGaming/5082627,5082628/HID.zip
IP
193.17.93.93
ASN
#210756 EdgeCenter LLC
Submitted
2024-04-16 11:49:06
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
drv.dns-shop.ru	unknown	2006-09-26	2023-03-27	2024-04-09	538 B	1.2 MB	193.17.93.93

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
drv.dns-shop.ru/1.%20drivers/1.%20drivers/Laptop/ArdorGaming/5082627,5082628/HID.zip
IP
193.17.93.93
ASN
#210756 EdgeCenter LLC

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
1.2 MB (1230698 bytes)
Hash
daddf53ed32ed23c7a1ef113a276a829
3fc23b5b8c8d3bee0afac31263744a1753b8e39a
0a51d052dda7eebe4a548d5bca52e1937580c47fa331e15b44c855e849072316

Archive (68)

Filename

Md5

File type

DIFxAPI.dll

0d34eac4381f959aa6c2d369e84477bc

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

9b08aba59a47628b1d02adbde4bbeb34

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

586d3844dcb6b00ebe6fcdc79c7a5a83

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

91e8fd3537f8a3b289992f3b6420838f

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

b2a7cbf52ba39763fb40d86b67750826

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

6cee93be303ef17d96b9d8322ff4a1fc

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

120897456a9aa5603630b398a67cb37e

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

2d859a9c82dc8ce9d58ff6ccfbe9b528

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

d6a3e097584c093c657a53d3b9dbc072

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

2e8f4c507d915769c64271861049b6d4

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

279e195fed484041d7b07980dc395734

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

a6ae37c3a4a10810d9f349d92c794829

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

6f3a53f6f9e0d8f5cd71f6d4af71401c

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

b06fd293382af467b83ffab5dad8cd4f

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

Setup.exe.dll

c3f84dd1e4f0defec9894ecd8b75978c

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

3343dbc0bfb744285bf36118a1a61729

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

c0387a01a53e0f0c862b0073d264fde5

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

cdcd54c85bad8744cce20798ab3138be

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

8378c55d004f3478fbc2e3bda2ea0a63

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

374591b4ea5f1f1b675d2db9d0cfb461

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

01206f259d52224814ffd5b2b04f62b0

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

33a84e620a4e01a41376a636e62da490

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

3017a24d866da04ee2f4d200c116c2d2

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

45e37cba619a343784264904a4ab562d

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

886277f4a4a39c09388484fba390aa46

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

c80884b3cd46e987d75cc15360835781

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

90688c235a3614a40ef7376388c03a78

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

setup.exe.dll

581e8854c850156eb64f45aef5cc9087

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

Setup.exe.dll

e9fd91677e5b2ead778ad97da29a6bdd

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

license.txt

ae2001b743fe05b6a7635b288f23b036

Unicode text, UTF-16, little-endian text, with very long lines (1505), with CRLF line terminators

Setup.exe.dll

db6fc10bcb78079c9ba756b37127aed9

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 2 sections

mup.xml

74333d06b78eafa449a5a4ee22c2c1f4

XML 1.0 document, ASCII text, with CRLF line terminators

hideventfilter.cat

8826c56542abd1d8d7d442d4f39c6fe4

DER Encoded PKCS#7 Signed Data

HidEventFilter.inf

1a27aec0a10b2f9c1180a8a99ed35c81

Windows setup INFormation

HidEventFilter.sys

8e0159e90cc428918b305be5432c99d8

PE32+ executable (native) x86-64, for MS Windows, 7 sections

Setup.cfg

54ad8deba434f2cfeb6eb36cb484383a

ASCII text, with CRLF line terminators

Setup.exe

d6c6eef009ce50faf2226923e6c239ce

PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

setup.if2

97bab449198bf893a998c40bdfb786a3

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

DIFxAPI.dll

9495b07f33ded991c65d9b04945d44c5

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 5 sections

Drv64.exe

0c2f4467b3e3d2f945cf2a96fdd5c5e4

PE32+ executable (GUI) x86-64, for MS Windows, 7 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

drv.dns-shop.ru/1.%20drivers/1.%20drivers/Laptop/ArdorGaming/5082627,5082628/HID.zip

193.17.93.93

200 OK

1.2 MB

URL User Request GET HTTP/2
drv.dns-shop.ru/1.%20drivers/1.%20drivers/Laptop/ArdorGaming/5082627,5082628/HID.zip
IP
193.17.93.93:443
ASN
#210756 EdgeCenter LLC

Certificate
IssuerGlobalSign nv-sa
Subject*.dns-shop.ru
Fingerprint60:1B:CD:BC:F4:12:1A:0E:F9:9B:29:95:E3:5E:CA:0A:99:D9:89:D0
ValidityTue, 06 Jun 2023 01:21:03 GMT - Sun, 07 Jul 2024 01:21:02 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
1.2 MB (1230698 bytes)
Hash
daddf53ed32ed23c7a1ef113a276a829
3fc23b5b8c8d3bee0afac31263744a1753b8e39a
0a51d052dda7eebe4a548d5bca52e1937580c47fa331e15b44c855e849072316

HTTP Headers

GET /1.%20drivers/1.%20drivers/Laptop/ArdorGaming/5082627,5082628/HID.zip HTTP/1.1
Host: drv.dns-shop.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:48:39 GMT
content-type: application/octet-stream
content-length: 1230698
etag: "daddf53ed32ed23c7a1ef113a276a829"
last-modified: Mon, 06 Mar 2023 00:56:16 GMT
x-amz-meta-s3b-last-modified: 20230303T010512Z
x-amz-meta-sha256: 0a51d052dda7eebe4a548d5bca52e1937580c47fa331e15b44c855e849072316
x-amz-request-id: 8498fc17d2fb03e4
cache: MISS
x-node: m9p-up-gc87
accept-ranges: bytes
X-Firefox-Spdy: h2