Report - d18.dvdfab.cn/download/48_6237_eef497b6/streamfab

Report Overview

Visitedpublic

2025-05-19 14:38:29

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
d18.dvdfab.cn	unknown	2014-03-10	2020-05-23	2025-05-16	526 B	38 MB	104.18.28.177

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2025-05-19	medium	d18.dvdfab.cn/download/48_6237_eef497b6/streamfab_6237.exe	Detect pe file that no import table

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

d18.dvdfab.cn/download/48_6237_eef497b6/streamfab_6237.exe

IP / ASN

104.18.28.177

#13335 CLOUDFLARENET

File Overview

File TypePE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

Size38 MB (38124007 bytes)

MD5ae328b3fe66d256e0d47597ad4400343

SHA1876822953ccd83fe00cd4479879b518eda030931

SHA25683183e5476f5d0fecd4a0ef1bc4f0ce58e3dde7e3b246abd4463acb7570133d0

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect pe file that no import table

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

GET d18.dvdfab.cn/download/48_6237_eef497b6/streamfab_6237.exe

104.18.28.177

200 OK

38 MB

URL User Request GET HTTP

d18.dvdfab.cn/download/48_6237_eef497b6/streamfab_6237.exe

IP / ASN

104.18.28.177

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typePE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

First Seen2025-05-19

Last Seen2025-05-19

Times Seen1

Size38 MB (38124007 bytes)

MD5ae328b3fe66d256e0d47597ad4400343

SHA1876822953ccd83fe00cd4479879b518eda030931

SHA25683183e5476f5d0fecd4a0ef1bc4f0ce58e3dde7e3b246abd4463acb7570133d0

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect pe file that no import table

HTTP Headers

GET /download/48_6237_eef497b6/streamfab_6237.exe HTTP/1.1
Host: d18.dvdfab.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 19 May 2025 14:37:57 GMT
content-type: application/octet-stream
content-length: 461639376
last-modified: Fri, 16 May 2025 14:17:30 GMT
etag: "682748fa-1b840ed0"
cf-cache-status: HIT
age: 253471
expires: Mon, 19 May 2025 18:37:57 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server-timing: cfCacheStatus;desc="HIT"
vary: Accept-Encoding
server: cloudflare
cf-ray: 942455d27dfe0b41-OSL
X-Firefox-Spdy: h2