Report Overview

  1. Visited (public)
     2025-05-08 19:03:52
  2. URL
     danzogit.github.io/dy/zapret-all-1.7.1.zip
  3. Finishing URL
     about:privatebrowsing
  4. IP / ASN
     185.199.108.153
     #54113 FASTLY
  5. Title
     about:privatebrowsing
Detections

  urlquery: 0
  Network Intrusion Detection: 0
  Threat Detection Systems: 4

Domain Summary

  Domain / FQDN      | Rank    | Registered | First Seen | Last Seen
  -------------------|---------|------------|------------|-----------
  danzogit.github.io | unknown | 2013-03-08 | 2025-04-26 | 2025-05-08

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


Files detected

  1. URL
     danzogit.github.io/dy/zapret-all-1.7.1.zip
  2. IP
     185.199.110.153
  3. ASN
     #54113 FASTLY
  4. File type
     Zip archive data, at least v1.0 to extract, compression method=store
  5. Size
     2.1 MB (2107784 bytes)
  6. Hash
     MD5:  31b112a234885b3b38c71dd60fcb21bb
     SHA1: 501c724116977a7f0a0b4a142b1c9980f5e5cdb1

  7. Archive (30)

     Filename                          | MD5                              | File type
     ----------------------------------|----------------------------------|-----------------------------------------------------------------------------------------
     1_general1.bat                    | 4017d302aa185eafa6a91f1967cd6c1f | DOS batch file, ASCII text
     2_general2.bat                    | fe398c1dc9577092907090a2a511a468 | DOS batch file, ASCII text
     cygwin1.dll                       | a1c82ed072dc079dd7851f82d9aa7678 | PE32+ executable (DLL) (console) x86-64, for MS Windows, 14 sections
     quic_initial_www_google_com.bin   | 312526d39958d89b1f8ab67789ab985f | data
     tls_clienthello_www_google_com.bin| 7ab7ad857c5b8794fbdf1091b494dc94 | data
     tls_earth_google_com.bin          | 6b7843ae5fce01fde6d5520c5f44082e | data
     WinDivert.dll                     | b2014d33ee645112d5dc16fe9d9fcbff | PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows, 9 sections
     WinDivert64.sys                   | 89ed5be7ea83c01d0de33d3519944aa5 | PE32+ executable (native) x86-64, for MS Windows, 8 sections
     winws.exe                         | 4d3bf0f712d48e14d4d3de7c717dc856 | PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows, 10 sections
     cloudflare_switch.bat             | b5e7bfbc31f4687d40428102bf3b2b6e | DOS batch file, ASCII text
     general (ALT).bat                 | b51d6ee8e29c9633d5bb43c19217cbd7 | DOS batch file, ASCII text
     general (ALT2).bat                | 54f0b216c41149934f30ee044db5d43f | DOS batch file, ASCII text
     general (ALT3).bat                | 995ca449aae1a2836270f637f3187952 | DOS batch file, ASCII text
     general (ALT4).bat                | 80cf2fea13f4f7b20da00a860c2362f6 | DOS batch file, ASCII text
     general (ALT5).bat                | 2b0a8e417b2426e219b3e3df9bebbb54 | DOS batch file, ASCII text
     general (FAKE TLS MOD ALT).bat    | 1222f3cce28e6fe903399a2aefd56e12 | DOS batch file, ASCII text
     general (FAKE TLS MOD AUTO).bat   | 65b5ac0439a336518c29ed4337ba888c | DOS batch file, ASCII text
     general (FAKE TLS MOD).bat        | d3f7f517de86f88157b1f971d90f7e29 | DOS batch file, ASCII text
     general (����).bat                | 47a2c4b233cea215ea211cd989393441 | DOS batch file, ASCII text
     general (����2).bat               | 1125f0ec1698a151669471daac754f13 | DOS batch file, ASCII text
     ipset-cloudflare.txt              | 3c49a0e8b9ba6b97af6e08c15b8b877b | ASCII text, with CRLF line terminators
     list-general.txt                  | 37914ad379c003a37d5f7f22c2d6148d | ASCII text, with CRLF line terminators
     old_general.bat                   | 34c3721da77f12eebbf826c92eefa641 | DOS batch file, ASCII text, with CRLF line terminators
     old_general2.bat                  | 772dd5d369afc6e227a1af4eea7d9901 | DOS batch file, ASCII text, with CRLF line terminators
     old_general3.bat                  | 8f221c9083de34eae48b2950fa7dc3b3 | DOS batch file, ASCII text, with CRLF line terminators
     old_general4.bat                  | a48c74eb2a588018d6f654eb01636eec | DOS batch file, ASCII text, with CRLF line terminators
     old_general5.bat                  | a61579b285ab5ab2c030a3051fef3025 | DOS batch file, ASCII text, with CRLF line terminators
     service_install.bat               | c7869e9d093d0b9bce58634f9bef47a2 | DOS batch file, Unicode text, UTF-8 text, with CRLF line terminators
     service_remove.bat                | a693a3b4f43fcb3e9768f4f220bcbb37 | DOS batch file, Unicode text, UTF-8 text, with CRLF line terminators
     service_status.bat                | 629e439096846c15e1bf856966e1af0b | DOS batch file, ASCII text

     Detections

     Analyzer                  | Verdict    | Alert
     --------------------------|------------|-----------------------------------------------------
     Public Nextron YARA rules | malware    | Detects WinDivert User-Mode packet capturing driver
     YARAhub by abuse.ch       | malware    | files - file ~tmp01925d3f.exe
     VirusTotal                | suspicious |

JavaScript (0)

HTTP Transactions (1)

  URL                                        | IP              | Response | Size
  -------------------------------------------|-----------------|----------|-------
  danzogit.github.io/dy/zapret-all-1.7.1.zip | 185.199.110.153 | 200 OK   | 2.1 MB