Report - ftp.vector.co.jp/77/48/2329/claunch2.zip

Report Overview

Visited public
2025-05-08 05:04:47
Tags
URL
ftp.vector.co.jp/77/48/2329/claunch2.zip
Finishing URL
about:privatebrowsing
IP / ASN
180.214.37.164
#15830 Equinix (EMEA) Acquisition Enterprises B.V.
Title
about:privatebrowsing

Detections

urlquery

0

Network Intrusion Detection

0

Threat Detection Systems

2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ftp.vector.co.jp	unknown	1994-01-18	2012-05-22	2025-05-08	508 B	382 kB	180.214.37.162

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
ftp.vector.co.jp/77/48/2329/claunch2.zip
IP
180.214.37.162
ASN
#15830 Equinix (EMEA) Acquisition Enterprises B.V.

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
382 kB (381916 bytes)
Hash
dea9b0493803914a1825c936ee0254eb
bc18ed7345032e0a8737f135bd31eb272c32d077
59728ee0e6dc607261a23723121219b524eb322fe5bb5d6975d18fc7d25ca367

Archive (31)

Filename

Md5

File type

CLaunch2.exe

bd16a434e8c3f1d2f7b6f8006928586c

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

CLCore.dll

287946edc58b949bfd0c38b25924a08a

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 7 sections

lclick.png

2a4b87472c9cdf2d6660153bb715f588

PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced

mclick.png

48f6f097587696420a5fbb70d59c5822

PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced

mdown.png

3171db2114b6088f7f006861dc9aa0ef

PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced

mouse.png

c9a55dfac7333b21cebc21c0452c29c7

PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced

move.png

a4618aae3b3f98ad33989b145a619d31

PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced

mup.png

52a1a6915744d0287f888444bafafaf2

PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced

rclick.png

8c668189063c0354797bc1e1e49881c6

PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced

x1click.png

104b5271699fa8d68e3220fe24665000

PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced

x2click.png

6a8032a3117241791fbc0ec8daf72207

PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced

lclick.png

d7eb755cb6195d81ecb36e9de6a3b5c6

PNG image data, 100 x 120, 8-bit/color RGBA, non-interlaced

mclick.png

d4be7687bc1399465b6bcea9db231f55

PNG image data, 100 x 120, 8-bit/color RGBA, non-interlaced

mdown.png

6b25a675244c7a3b8d18339be9415ca0

PNG image data, 100 x 120, 8-bit/color RGBA, non-interlaced

mouse.png

b3bcdcac3b5d6d9d9ba16e278f9aa9b8

PNG image data, 100 x 120, 8-bit/color RGBA, non-interlaced

move.png

3ebfbc76d245daa007e42e8812805eb3

PNG image data, 100 x 120, 8-bit/color RGBA, non-interlaced

mup.png

a913a8bcb8df8775e31736039152f571

PNG image data, 100 x 120, 8-bit/color RGBA, non-interlaced

rclick.png

7074661b7db8b9508f5b06f8b63d30f7

PNG image data, 100 x 120, 8-bit/color RGBA, non-interlaced

x1click.png

d6e1bc4af105db84639d88988aadb758

PNG image data, 100 x 120, 8-bit/color RGBA, non-interlaced

x2click.png

ac81ce5f1a1fc23a56df104490357d0b

PNG image data, 100 x 120, 8-bit/color RGBA, non-interlaced

ReadMe.txt

a338ea3649865e8630b8dde4a0e7fbb7

Unicode text, UTF-8 text, with CRLF line terminators

skin_black.bmp

ae3723294fbfd67c904609a88dd0b941

PC bitmap, Windows 3.x format, 125 x 90 x 8, image size 11520, cbSize 12598, bits offset 1078

skin_black2.bmp

5ccde418958a6cdf2b5c8abce89e5b12

PC bitmap, Windows 3.x format, 125 x 90 x 8, image size 11520, cbSize 12598, bits offset 1078

skin_default.bmp

59d48b29e41b2762be371032450ab1f3

PC bitmap, Windows 3.x format, 125 x 90 x 4, image size 5760, cbSize 5878, bits offset 118

skin_ime2002.bmp

1ba7e6286921516a4acf40182da8d282

PC bitmap, Windows 3.x format, 125 x 90 x 8, image size 11520, cbSize 12598, bits offset 1078

skin_mac.bmp

2cd5357c9e9b94880df0e7a905c193c8

PC bitmap, Windows 3.x format, 125 x 90 x 8, image size 11520, cbSize 12598, bits offset 1078

skin_metal.bmp

23432b9f6c4d3cf55eae2abf441748c8

PC bitmap, Windows 3.x format, 125 x 90 x 8, image size 11520, cbSize 12598, bits offset 1078

skin_old.bmp

4ebcd1baad3a4432f2fc59d76a222aad

PC bitmap, Windows 3.x format, 125 x 90 x 8, image size 11520, cbSize 12598, bits offset 1078

skin_orange.bmp

8ffa97c07ac7fba3fa9d142b04b387fb

PC bitmap, Windows 3.x format, 125 x 90 x 8, image size 11520, cbSize 12598, bits offset 1078

skin_purple.bmp

d1732a98be581b79289337cb70587940

PC bitmap, Windows 3.x format, 125 x 90 x 8, image size 11520, cbSize 12598, bits offset 1078

skin_white.bmp

46a8d5a4d9c835b5cc4f61d9afa709c6

PC bitmap, Windows 3.x format, 125 x 90 x 8, image size 11520, cbSize 11702, bits offset 182

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

ftp.vector.co.jp/77/48/2329/claunch2.zip

180.214.37.162

200 OK

382 kB

URL User Request GET
ftp.vector.co.jp/77/48/2329/claunch2.zip
IP
180.214.37.162:443
ASN
#15830 Equinix (EMEA) Acquisition Enterprises B.V.

Certificate
IssuerCybertrust Japan Co., Ltd.
Subject*.vector.co.jp
Fingerprint20:C8:2B:DB:3E:45:1D:25:B4:63:B7:27:4F:6D:FF:D1:03:88:E5:6F
ValidityTue, 03 Dec 2024 08:11:44 GMT - Fri, 02 Jan 2026 14:59:00 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
382 kB (381916 bytes)
Hash
dea9b0493803914a1825c936ee0254eb
bc18ed7345032e0a8737f135bd31eb272c32d077
59728ee0e6dc607261a23723121219b524eb322fe5bb5d6975d18fc7d25ca367

HTTP Headers

GET /77/48/2329/claunch2.zip HTTP/1.1
Host: ftp.vector.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 08 May 2025 05:04:17 GMT
Server: Apache
Last-Modified: Fri, 17 Jan 2025 11:45:36 GMT
ETag: "5d3dc-62be572ee7800"
Accept-Ranges: bytes
Content-Length: 381916
Content-Disposition: filename=claunch2.zip
Connection: close
Content-Type: application/zip