Report - globalhax.com/api/l04d/Upd4t3/GH.exe

Report Overview

Visitedpublic

2025-01-20 22:30:39

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
globalhax.com	unknown	2023-08-06	2017-04-23	2025-01-20	490 B	1.6 MB	104.21.16.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-01-20 22:30:26	high	Client IP	193.19.106.174	ET PHISHING Generic Phishkit Activity (GET)
2025-01-20 22:30:29	high	Client IP	193.19.106.174	ET PHISHING Generic Phishkit Activity (GET)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

globalhax.com/api/l04d/Upd4t3/GH.exe

IP / ASN

104.21.16.1

#13335 CLOUDFLARENET

File Overview

File TypePE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 5 sections

Size1.6 MB (1628160 bytes)

MD5f63fc4d8353c83e424aaa93a629c233d

SHA1b94e1b707d2c1f99a4b524b222beada407381220

SHA2567bdd6025971764d528c54918509286494f657bd7ce5b924e9f6a14164a4585f7

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	GET globalhax.com/api/l04d/Upd4t3/GH.exe	104.21.16.1	200 OK	1.6 MB
URL User Request GET HTTPS globalhax.com/api/l04d/Upd4t3/GH.exe IP / ASN 104.21.16.1 #13335 CLOUDFLARENET Requested byN/A Resource Info File typePE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 5 sections First Seen2025-01-20 Last Seen2025-01-20 Times Seen1 Size1.6 MB (1628160 bytes) MD5f63fc4d8353c83e424aaa93a629c233d SHA1b94e1b707d2c1f99a4b524b222beada407381220 SHA2567bdd6025971764d528c54918509286494f657bd7ce5b924e9f6a14164a4585f7 Certificate Info IssuerGoogle Trust Services Subjectglobalhax.com Fingerprint4A:FE:9D:98:9E:0D:A1:55:F1:FA:24:76:A1:9F:EB:2F:7B:45:32:87 ValidityThu, 09 Jan 2025 00:51:53 GMT - Wed, 09 Apr 2025 01:50:29 GMT HTTP Headers `GET /api/l04d/Upd4t3/GH.exe HTTP/1.1 Host: globalhax.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 20 Jan 2025 22:30:14 GMT content-type: application/x-msdownload content-length: 1628160 last-modified: Thu, 16 Jan 2025 02:29:37 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FJrflVejdd2NtbVTn3qxPcQMlNu5F3se%2B%2FBqdUVU4y7VeJLoi2QSt%2FfLLP8ZoVFYiEAGmkNUTwdSgovYgbjcyVCeKQJbPskitr1CpUxgTolz50RlWVRg1LNJV6p%2F8M10"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 905282025f4b1bfe-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=6533&min_rtt=471&rtt_var=10984&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3202&recv_bytes=1132&delivery_rate=7581151&cwnd=254&unsent_bytes=0&cid=5b8a1bf022378b53&ts=589&x=0" X-Firefox-Spdy: h2

GET globalhax.com/api/l04d/Upd4t3/GH.exe

104.21.16.1

200 OK

1.6 MB

URL User Request GET HTTPS

globalhax.com/api/l04d/Upd4t3/GH.exe

IP / ASN

104.21.16.1

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typePE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 5 sections

First Seen2025-01-20

Last Seen2025-01-20

Times Seen1

Size1.6 MB (1628160 bytes)

MD5f63fc4d8353c83e424aaa93a629c233d

SHA1b94e1b707d2c1f99a4b524b222beada407381220

SHA2567bdd6025971764d528c54918509286494f657bd7ce5b924e9f6a14164a4585f7

Certificate Info

IssuerGoogle Trust Services

Subjectglobalhax.com

Fingerprint4A:FE:9D:98:9E:0D:A1:55:F1:FA:24:76:A1:9F:EB:2F:7B:45:32:87

ValidityThu, 09 Jan 2025 00:51:53 GMT - Wed, 09 Apr 2025 01:50:29 GMT

HTTP Headers

GET /api/l04d/Upd4t3/GH.exe HTTP/1.1
Host: globalhax.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 20 Jan 2025 22:30:14 GMT
content-type: application/x-msdownload
content-length: 1628160
last-modified: Thu, 16 Jan 2025 02:29:37 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FJrflVejdd2NtbVTn3qxPcQMlNu5F3se%2B%2FBqdUVU4y7VeJLoi2QSt%2FfLLP8ZoVFYiEAGmkNUTwdSgovYgbjcyVCeKQJbPskitr1CpUxgTolz50RlWVRg1LNJV6p%2F8M10"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 905282025f4b1bfe-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6533&min_rtt=471&rtt_var=10984&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3202&recv_bytes=1132&delivery_rate=7581151&cwnd=254&unsent_bytes=0&cid=5b8a1bf022378b53&ts=589&x=0"
X-Firefox-Spdy: h2