Report - www.primosync.com/product/primo-android-data-recovery.7z

Report Overview

Visitedpublic

2025-03-29 13:53:25

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
www.primosync.com	unknown	2015-12-11	2017-02-24	2021-03-08	524 B	17 MB	54.213.132.175

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

www.primosync.com/product/primo-android-data-recovery.7z

IP / ASN

54.213.132.175

#16509 AMAZON-02

File Overview

File Type7-zip archive data, version 0.4

Size17 MB (17422989 bytes)

MD5309a66c484dab64e231d56f3d48af3f0

SHA18e44daaacc8722be602960eb2535db60a50b5ffd

SHA256fb2ae36cc3b80d07b4b2431d9a0e4d4d0a72d228e7514d6c27648945bc48133a

Archive (45)

Modified	Filename	Size	MD5	File type
2017-05-31 08:13	ADSqliteLibrary.lib	2.6 kB	03a3c657c2162dd69144266ff33f7acc	current ar archive
2017-06-01 05:22	AnayticsLib.lib	2.2 kB	0474dc570362af8ac14be3717c978fc3	current ar archive
2017-05-11 08:56	driver.7z	8.5 MB	8ea614d3237f02b7369e445bf8fdadb5	7-zip archive data, version 0.4
2017-05-23 11:57	libcurl_imp.lib	13 kB	303c45843823d020953e0660be3e4c85	current ar archive
2017-07-18 09:40	Primo Android Data Recovery.exe.config	988 B	57e691012c5a00c1a436ef944deb5daa	XML 1.0 document, ASCII text, with CRLF line terminators
2017-07-20 10:06	primoservice.apk	2.3 MB	1e53529cd49a78c9236bd5c46f6f265a	Android package (APK), with AndroidManifest.xml Zip archive data, at least v2.0 to extract, compression method=deflate
2017-04-20 06:59	7z.dll	914 kB	04ad4b80880b32c94be8d0886482c774	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections
2017-04-20 06:59	7z.exe	164 kB	a51d90f2f9394f5ea0a3acae3bd2b219	PE32 executable (console) Intel 80386, for MS Windows, 4 sections
2017-04-20 06:59	aapt.exe	862 kB	8e135be8d927db16146c1d092fa5e43c	PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, 5 sections
2017-05-04 02:31	adb.exe	1.0 MB	d1138ffc833b6143297d766ec8cbd4c3	PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, 9 sections
2017-05-04 02:31	AdbWinApi.dll	111 kB	e6c348b719c6286bd003ef98e043725c	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections
2017-05-04 02:31	AdbWinUsbApi.dll	76 kB	329824d9e9cd8f346e6ac9a04ab383cf	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections
2017-07-20 09:28	AdCommLibrary.dll	115 kB	2fe3f0bea847696834755314e18afe09	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
2017-07-20 09:29	ADSqliteLibrary.dll	91 kB	fdb31d02a053622746ca4fd894b06a9a	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections
2017-07-20 09:29	AnayticsLib.dll	37 kB	0379875804afb3aa5bc40e2cdc3e50c4	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections
2017-07-20 09:28	AndroidSqliteDAO.dll	106 kB	ef5260847936b851e75304139c9259fd	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
2017-07-20 09:28	ARUsbLibrary.dll	77 kB	715361eff5ab577a07539dc94b856631	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
2017-07-20 09:28	BugReport.exe	832 kB	93486f06ca7c936256d41ff605a22e48	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
2017-05-02 01:50	DPInst32.exe	795 kB	3f442906b29b552f1c9fec1e221d90b7	PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections
2017-05-02 01:50	DPInst_x64.exe	1.0 MB	4192a5b905374e423ec1e545599aa86e	PE32+ executable (GUI) x86-64, for MS Windows, 5 sections
2017-07-20 09:28	DriverInstaller.exe	2.2 MB	30622c7d301aac3dcccd809da2275105	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
2017-07-03 03:57	ICSharpCode.SharpZipLib.dll	143 kB	2cccadaa3052ceb5b112554f041bcd22	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
2017-07-20 09:28	iMobieHelper.dll	168 kB	66b529dade7de6730f9d597c065eb927	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
2017-07-14 03:11	Interop.PortableDeviceApiLib.dll	29 kB	a0b2f1820ef03d4cd6c3818ff3d5a8fa	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 2 sections
2017-07-14 03:11	Interop.PortableDeviceTypesLib.dll	22 kB	2700d1ed42fda46b7ef8dcc76669ad96	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
2017-07-20 09:29	IPSWHelp.exe	130 kB	4e6a6ec2a4d595855afd0bda77775475	PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
2017-05-23 11:57	libcurl.dll	640 kB	1cbf9aa00b17275c586e308ff84e0224	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 11 sections
2017-05-23 11:57	libeay32.dll	1.7 MB	41fcf7cf7aeea0b7280dcbce914d4bcb	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 11 sections
2017-05-23 11:57	libidn-11.dll	280 kB	56295c7afe3f0542d59d12ca955380db	PE32 executable (DLL) (console) Intel 80386, for MS Windows, 9 sections
2017-05-23 11:57	LibSSH2.dll	421 kB	a09366c40f5d0ea9d3f7477743c53011	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
2017-07-03 03:57	log4net.dll	242 kB	04d2ee2f2712b8368216300455f0557b	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
2017-05-23 11:57	msvcp100.dll	421 kB	03e9314004f504a14a61c3d364b62f66	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections
2017-05-23 11:57	msvcp100d.dll	1.0 MB	cdc9a614e6ecaa0e238b9e6c2ed5ae4d	PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections
2017-05-23 11:57	msvcr100.dll	770 kB	67ec459e42d3081dd8fd34356f7cafc1	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections
2017-05-23 11:57	msvcr100d.dll	1.9 MB	6bd937154e59b791b1f9fb781816b91f	PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 9 sections
2017-07-20 09:29	NamePipe.dll	30 kB	e9dd42eade38a5a303183fd02f8e8b82	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
2017-07-03 03:57	Newtonsoft.Json.dll	349 kB	1ab311546131ef528b9ecb2a426fc01a	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
2017-07-20 09:28	Primo Android Data Recovery.exe	3.7 MB	18cbf5e13918bd810064a54e6dc6a970	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
2017-07-20 09:29	RootLibrary.dll	46 kB	895824d4f9d1e055ab101f857b8fbf67	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
2017-07-20 09:29	SendMail.dll	24 kB	72748d46275e328ba23e678a0a3a7263	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections
2017-04-20 06:59	sqlite3.dll	646 kB	e477a96c8f2b18d6b5c27bde49c990bf	PE32 executable (DLL) (console) Intel 80386, for MS Windows, 19 sections
2017-05-23 11:57	ssleay32.dll	369 kB	23d502041c9fd43337933d44bca90e12	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 11 sections
2017-07-03 03:57	System.Data.SQLite.dll	1.1 MB	5d8c745bffc141ff35f8caad8ef73a92	PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 5 sections
2017-07-03 03:57	zlib.net.dll	70 kB	5c677eba3a7a05c0bc22288198c19383	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
2017-05-23 11:57	zlib1.dll	80 kB	6b25d5f1693083dd640253a5b05c744e	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_stackstrings
VirusTotal	suspicious	VirusTotal - Scan result 1/60

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

GET www.primosync.com/product/primo-android-data-recovery.7z

54.213.132.175

200 OK

17 MB

URL User Request GET HTTPS

www.primosync.com/product/primo-android-data-recovery.7z

IP / ASN

54.213.132.175

#16509 AMAZON-02

Requested byN/A

Resource Info

File type7-zip archive data, version 0.4

First Seen2025-03-29

Last Seen2025-03-29

Times Seen1

Size17 MB (17422989 bytes)

MD5309a66c484dab64e231d56f3d48af3f0

SHA18e44daaacc8722be602960eb2535db60a50b5ffd

SHA256fb2ae36cc3b80d07b4b2431d9a0e4d4d0a72d228e7514d6c27648945bc48133a

Certificate Info

IssuerLet's Encrypt

Subjectwww.primosync.com

Fingerprint82:99:E6:7B:36:BE:05:E1:73:44:F5:DD:0A:92:89:DB:24:C8:FF:66

ValiditySun, 23 Mar 2025 12:06:17 GMT - Sat, 21 Jun 2025 12:06:16 GMT

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/60

HTTP Headers

GET /product/primo-android-data-recovery.7z HTTP/1.1
Host: www.primosync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 29 Mar 2025 13:52:55 GMT
content-type: application/x-7z-compressed
content-length: 17422989
last-modified: Thu, 20 Jul 2017 10:10:09 GMT
etag: "59708181-109da8d"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2