Report Overview

  1. Submitted URL

    downloads.zdaemon.org/zdaemon11024_win32_bin.zip

  2. IP

    49.12.202.214

    ASN

    #24940 Hetzner Online GmbH

  3. Submitted

    2024-03-29 13:34:54

    Access

    public

  4. Website Title

    about:privatebrowsing

  5. Final URL

    about:privatebrowsing

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  1. urlquery

    0

  2. Network Intrusion Detection

    0

  3. Threat Detection Systems

    13

Domain Summary

| Domain / FQDN | Rank | Registered | First Seen | Last Seen |
|---|---|---|---|---|
| downloads.zdaemon.org | unknown | 2002-11-14 | 2012-11-10 | 2024-03-19 |

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


Files detected

  1. URL

    downloads.zdaemon.org/zdaemon11024_win32_bin.zip

  2. IP

    49.12.202.214

  3. ASN

    #24940 Hetzner Online GmbH

  1. File type

    Zip archive data, at least v2.0 to extract, compression method=store

    Size

    16 MB (16133624 bytes)

  2. Hash

    1b3a476205715c5883bfb2fb70f56a63

    5666ae178bb9a361bb9aa960de5ed9502b7e9850

  1. Archive (60)


    Detections

    | Analyzer | Verdict | Alert |
    |---|---|---|
    | YARAhub by abuse.ch | malware | meth_get_eip |

JavaScript (0)

HTTP Transactions (1)

| URL | IP | Response | Size |
|---|---|---|---|
| downloads.zdaemon.org/zdaemon11024_win32_bin.zip | 49.12.202.214 | 200 OK | 16 MB |