Report - spaces.im/files/download/htz-cs05/file/f/082190034007062173245046068056143003122009057013148229123011/1736711652/27868048/0/a03976a15ca2aa1952a037c3ccf97287/Prehistoric_Park

Report Overview

Visited public
2025-01-12 19:55:22
Tags
Submit Tags
URL
spaces.im/files/download/htz-cs05/file/f/082190034007062173245046068056143003122009057013148229123011/1736711652/27868048/0/a03976a15ca2aa1952a037c3ccf97287/Prehistoric_Park_Rus-world79.spcs.bio.jar
Finishing URL
about:privatebrowsing
IP / ASN
62.197.48.110
#58061 Scalaxy B.V.
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
spaces.im	355345	unknown	2020-01-16	2025-01-10	652 B	731 B	62.197.48.110
download2.spac.me	unknown	2015-04-03	2024-10-31	2025-01-11	636 B	287 kB	54.38.243.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
download2.spac.me/cs05/f/082190034007062173245046068056143003122009057013148229123011/1736711652/27868048/0/a03976a15ca2aa1952a037c3ccf97287/Prehistoric_Park_Rus-world79.spcs.bio.jar
IP
54.38.243.106
ASN
#16276 OVH SAS

File type
Zip archive data, at least v1.0 to extract, compression method=deflate
Size
286 kB (286338 bytes)
Hash
a03976a15ca2aa1952a037c3ccf97287
d9dbefe61f41d06909baec133cfc1182c2d3d2a0
d1d4ef217c82e9a02952fa991409ac8e81d0a53ec4af5b002a9fab33688d6959

Archive (21)

Filename

Md5

File type

MANIFEST.MF

9ea4b053c45816afa9f9645f06c0ec13

JAR Manifest, ASCII text, with CRLF line terminators

entry.mid

d2d304c83fbf08c8ed4b6e0c841a10a4

Standard MIDI data (format 1) using 5 tracks at 1/120

a.class

dd514e6ebe213a97bb548b31cb2de7bc

compiled Java class data, version 45.3

arr.dat

a3796b44be5a2f0b9da964e8ddf99a23

Targa image data - Mono 65536 x 4 x 1 +257 +257 - 1-bit alpha ""

arrsi.dat

2a41384696fff0bf553c658f9df06296

data

b.class

fe79fdbfbf51d4ea95c10e4ee088e417

compiled Java class data, version 45.3

c.class

e477d4f5d0352fd152770c264b2c0080

compiled Java class data, version 45.3

d.class

f5704bc1fa7dbce3642bf3d87f4a4322

compiled Java class data, version 45.3

e.class

d4e29d44619d30782c28b015ad5c6030

compiled Java class data, version 45.3

gpack0.dat

95f193411b8670c6ce9a76ccc5bb0aaa

data

gpack1.dat

4271243410d9da57dff9e9ae12305e90

data

gpack2.dat

26dbb3ffbb1adb4bdd383756e0c923a5

data

helptext.da0

cb0c793dfa0aa699078144fe10ce9c23

data

icon.png

5ba69d1cadf263260a7ccf1c3c22a4aa

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x142, components 3

Opera.lnk

fc3420ce93305eb56abed83b21d30b26

MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Unicoded, MachineID home-078a895940, Archive, ctime=Wed Apr 28 11:45:50 2010, atime=Mon May 3 15:48:14 2010, mtime=Wed Apr 28 11:45:50 2010, length=835952, window=normal, IDListSize 0x00f1, Root folder "20D04FE0-3AEA-1069-A2D8-08002B30309D", Volume "C:\", LocalBasePath "C:\Program Files\Opera\opera.exe"

Park.class

93cbb69504678764561dc055724d149b

compiled Java class data, version 45.3

splash0.png

b7bfda87f22e4772f581e17bc533aa0c

PNG image data, 250 x 332, 8-bit/color RGB, non-interlaced

splash1.png

ec6d7f0456568517e9492472522043e4

PNG image data, 104 x 68, 8-bit colormap, non-interlaced

splash2.png

833be65cfc3ba9df2d498d70a7a54fdd

PNG image data, 240 x 320, 8-bit/color RGB, non-interlaced

text.da0

e8979d8ea90783e66555b5154b7ff811

ISO-8859 text, with very long lines (1076), with no line terminators

warntext.da0

91b3946e799daae1961d4c5e02baf09e

ISO-8859 text, with very long lines (2554), with no line terminators

Detections

Analyzer	Verdict	Alert
Public InfoSec YARA rules	malware	Identifies executable artefacts in shortcut (LNK) files.

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size
	GET spaces.im/files/download/htz-cs05/file/f/082190034007062173245046068056143003122009057013148229123011/1736711652/27868048/0/a03976a15ca2aa1952a037c3ccf97287/Prehistoric_Park_Rus-world79.spcs.bio.jar	62.197.48.110	302 Found	0 B
URL User Request GET HTTP/1.1 spaces.im/files/download/htz-cs05/file/f/082190034007062173245046068056143003122009057013148229123011/1736711652/27868048/0/a03976a15ca2aa1952a037c3ccf97287/Prehistoric_Park_Rus-world79.spcs.bio.jar IP 62.197.48.110:443 ASN #58061 Scalaxy B.V. Certificate IssuerLet's Encrypt Subjectspaces.im Fingerprint83:16:5B:AE:3F:73:71:0E:59:3A:ED:7A:71:58:3B:58:59:33:64:52 ValidityMon, 02 Dec 2024 16:52:22 GMT - Sun, 02 Mar 2025 16:52:21 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /files/download/htz-cs05/file/f/082190034007062173245046068056143003122009057013148229123011/1736711652/27868048/0/a03976a15ca2aa1952a037c3ccf97287/Prehistoric_Park_Rus-world79.spcs.bio.jar HTTP/1.1 Host: spaces.im User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx/1.25.4 Date: Sun, 12 Jan 2025 19:38:44 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Expires: Thu, 19 Nov 1981 08:52:00 GMT Vary: User-Agent Cache-Control: max-age=3600, no-cache, must-revalidate Pragma: no-cache X-Frame-Options: deny Set-Cookie: sid=rEaihCQivmCllgDE9mns; domain=.spaces.im; path=/; expires=Mon, 12-Jan-2026 19:54:57 GMT; SameSite=Lax gid=383627137; domain=.spaces.im; path=/; expires=Mon, 12-Jan-2026 19:54:57 GMT; SameSite=Lax Location: https://download2.spac.me/cs05/f/082190034007062173245046068056143003122009057013148229123011/1736711652/27868048/0/a03976a15ca2aa1952a037c3ccf97287/Prehistoric_Park_Rus-world79.spcs.bio.jar

	GET download2.spac.me/cs05/f/082190034007062173245046068056143003122009057013148229123011/1736711652/27868048/0/a03976a15ca2aa1952a037c3ccf97287/Prehistoric_Park_Rus-world79.spcs.bio.jar	54.38.243.106	200 OK	286 kB
URL User Request GET HTTP/1.1 download2.spac.me/cs05/f/082190034007062173245046068056143003122009057013148229123011/1736711652/27868048/0/a03976a15ca2aa1952a037c3ccf97287/Prehistoric_Park_Rus-world79.spcs.bio.jar IP 54.38.243.106:443 ASN #16276 OVH SAS Certificate IssuerLet's Encrypt Subjectdownload.spac.me Fingerprint7B:64:B7:05:0C:C8:8B:53:D1:D2:91:B5:49:09:28:93:56:09:C8:FD ValiditySun, 29 Dec 2024 06:18:51 GMT - Sat, 29 Mar 2025 06:18:50 GMT File type Zip archive data, at least v1.0 to extract, compression method=deflate Size 286 kB (286338 bytes) Hash a03976a15ca2aa1952a037c3ccf97287 d9dbefe61f41d06909baec133cfc1182c2d3d2a0 d1d4ef217c82e9a02952fa991409ac8e81d0a53ec4af5b002a9fab33688d6959 HTTP Headers GET /cs05/f/082190034007062173245046068056143003122009057013148229123011/1736711652/27868048/0/a03976a15ca2aa1952a037c3ccf97287/Prehistoric_Park_Rus-world79.spcs.bio.jar HTTP/1.1 Host: download2.spac.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Sun, 12 Jan 2025 19:54:58 GMT Content-Type: application/java-archive Content-Length: 286338 Connection: keep-alive Last-Modified: Tue, 21 Feb 2012 17:07:45 GMT ETag: "4f43cf61-45e82" Accept-Ranges: bytes`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (21)

Detections

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers