Report - djrking.s3.amazonaws.com/MHW_3DFix_3

Report Overview

Visited public
2025-04-16 17:57:01
Tags
URL
djrking.s3.amazonaws.com/MHW_3DFix_3_0.zip
Finishing URL
about:privatebrowsing
IP / ASN
54.231.165.217
#16509 AMAZON-02
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
djrking.s3.amazonaws.com	unknown	2005-08-18	2022-06-19	2025-04-16	510 B	3.0 MB	3.5.8.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
djrking.s3.amazonaws.com/MHW_3DFix_3_0.zip
IP
3.5.8.191
ASN
#14618 AMAZON-AES

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
3.0 MB (2999718 bytes)
Hash
d9373a99c8edebebb9ea8c9cf908169c
70e29b8397fb68bcd2faab12dc21efe61d003fd3
491b679180ff2f1a9123a1e5941e58cbdd7ba733b0568b730bf2da6b2eed730e

Archive (25)

Filename

Md5

File type

3DMigoto Loader.exe

cb13f79fe7ffe58d539b90255c213281

PE32+ executable (console) x86-64, for MS Windows, 6 sections

d3d11.dll

6b8c62154115683df690a1c9c2582f1e

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

d3dcompiler_46.dll

65f98232112e4da7f561c500bf3f3b93

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

d3dx.ini

718f6897f805eed9307926094fc00658

ASCII text, with CRLF line terminators

nvapi64.dll

13e4527525361d030a6bc35199391e33

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

3dvision2sbs.hlsl

6b4b5cc6254e47b6f08be72876866421

C source, ASCII text, with CRLF line terminators

3dvision2sbs.ini

dba975d27308f8495dc3ba3d0c35edfd

Generic INItialization configuration [Present]

3dvision2sbs_sli_downscale_pass1.hlsl

167f84ee78f2a99d83f0a5e5793ea966

C source, ASCII text, with CRLF line terminators

3dvision2sbs_sli_downscale_pass2.hlsl

d11ebae7765223f77069d1d89b7419b6

C source, ASCII text, with CRLF line terminators

8741c12cfd6cdd62-cs.txt

d7739013d9accafa78a6cf152c66f1a2

ASCII text

crosshair.hlsl

d95eb8a12677b29e4ed2642b8ee191a4

ASCII text, with CRLF line terminators

DJRK_debug.ini

da4b44f7e8473bd139b15e5cfc902da6

Generic INItialization configuration [Constants]

full_screen.hlsl

4584a87ebe16bb40b02b06861e6def9c

C source, ASCII text

help.hlsl

96646f157092a1b4efa8c5ab046481a3

C source, ASCII text

help.ini

ffafd8e7d7bf1201608e620bcc8ff97a

Generic INItialization configuration [CommandListHelp]

help.txt

bb4ad13d705f69e3bb8a8c24b11880fa

ASCII text, with CRLF line terminators

help_short.txt

3873fdded480d937eabc85d65d6fad19

ASCII text

LiberationSans-Bold.dds

025b976bf55c59e6102dfa285b4e80a5

Microsoft DirectDraw Surface (DDS): 256 x 96, 32-bit color, ARGB8888

LiberationSans-Bold.png

e333607192ba8332a793f03a61f60631

PNG image data, 256 x 96, 8-bit grayscale, non-interlaced

MHW_fix.ini

7542f0b5b658d5d63dd57d1eb483de5e

Generic INItialization configuration [KeyHUDDepth]

mouse.hlsl

cb2d34db1d995c5f9d27340a4252abcd

C source, ASCII text, with CRLF line terminators

mouse.ini

81972b06dcb30a1d97d68a1c588ccece

Generic INItialization configuration [Device]

upscale.hlsl

e224e613c8a383faa2e658b54f7f2d4e

C source, ASCII text, with CRLF line terminators

upscale.ini

91d4225f00c05a03ab46a33d82ccd845

Generic INItialization configuration [Device]

uninstall.bat

5efc41fcfa1cd171db8f46793a346f92

ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/68

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

djrking.s3.amazonaws.com/MHW_3DFix_3_0.zip

3.5.8.191

200 OK

3.0 MB

URL User Request GET
djrking.s3.amazonaws.com/MHW_3DFix_3_0.zip
IP
3.5.8.191:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subject*.s3.amazonaws.com
Fingerprint2E:BA:63:64:95:A8:CE:55:DD:7E:EB:A9:98:83:14:B1:6F:6B:61:69
ValidityFri, 14 Feb 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
3.0 MB (2999718 bytes)
Hash
d9373a99c8edebebb9ea8c9cf908169c
70e29b8397fb68bcd2faab12dc21efe61d003fd3
491b679180ff2f1a9123a1e5941e58cbdd7ba733b0568b730bf2da6b2eed730e

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/68

HTTP Headers

GET /MHW_3DFix_3_0.zip HTTP/1.1
Host: djrking.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: PKn0umS3+pB1tn7wLP1QVBlzu2CwQVmvPJ8+yzubf/vVJGL+66NytNEFnPOLjubyEpaRdEJmnJrYxAMrgOAwig==
x-amz-request-id: 1G6CSKMEADMGC647
Date: Wed, 16 Apr 2025 17:56:39 GMT
Last-Modified: Wed, 26 Aug 2020 03:16:05 GMT
ETag: "d9373a99c8edebebb9ea8c9cf908169c"
x-amz-version-id: 7ddOBnovmvwEKhYF9p9LtPkWu8antTVl
Accept-Ranges: bytes
Content-Type: application/zip
Content-Length: 2999718
Server: AmazonS3

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (25)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers