Report - dwn.megaupp.com/files/selfishnet+wincap-bramjstore.zip?

Report Overview

Visitedpublic

2025-02-03 08:58:34

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
dwn.megaupp.com	unknown	2020-12-27	2023-07-19	2025-02-03	521 B	2.4 MB	104.21.2.156

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2025-02-03	medium	dwn.megaupp.com/files/selfishnet+wincap-bramjstore.zip?	Detect files is `SliverFox` malware

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

dwn.megaupp.com/files/selfishnet+wincap-bramjstore.zip?

IP / ASN

104.21.2.156

#13335 CLOUDFLARENET

File Overview

File TypeZip archive data, at least v2.0 to extract, compression method=store

Size2.4 MB (2417848 bytes)

MD595b44d297e14068ebe9d8e38188c6b83

SHA176adf2bfee2ce243aa1dfdf5b07a256498265142

SHA256672f27887353429b2dd255740853e28a3a73f779b6c98737e923f96940c676ec

Archive (24)

Modified	Filename	Size	MD5	File type
2014-12-01 12:28	WinPcap_4_1_3.exe	915 kB	a11a2f0cfe6d0b4c50945989db6360cd	PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections
2014-12-01 12:42	readme.txt	321 B	813d4d61acb24b75ddb59b5af8fe3f0a	ASCII text, with CRLF line terminators
2015-09-22 16:25	p4crypter.rar	27 kB	357dcba0a10fccb366cf6680444d17aa	RAR archive data, v4, os: Win32
2007-02-02 04:30	WanPacket.dll	66 kB	f2a093e0118714900f077124b1daa52a	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections
2007-06-02 06:08	PcapNet.dll	168 kB	54dbc0a3028aba8c8d23e1aee623331c	PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 5 sections
2007-05-30 03:42	Selfish.exe	254 kB	04e079f6af9f84215596e22c6df03eec	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 4 sections
2007-01-25 01:31	npf.sys	42 kB	b15e0180c43d8b5219196d76878cc2dd	PE32 executable (native) Intel 80386, for MS Windows, 6 sections
2007-06-04 06:06	release_notes.txt	305 B	4b2878dfde66e4bd503f0f894d99ac7e	ASCII text, with CRLF line terminators
2007-03-20 02:10	LicenseYouAccepted.txt	16 kB	b8616f7eb5808dd404ccea903459f848	ISO-8859 text, with very long lines (756), with CRLF line terminators
2007-06-04 05:46	npptools.dll	49 kB	48311b5a88816c6560a10d9fda75dc7a	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections
2007-03-20 02:24	HlpIndex.html	4.4 kB	c9c4b7a22300961c3a06800c8e803a86	XML 1.0 document, ASCII text, with CRLF line terminators
2007-03-16 00:42	Packet.dll	86 kB	9639b457636e43081671b140195ada01	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections
2007-05-30 03:38	ExpandableGridView.dll	41 kB	3843d2cd531f8271a6a220dde8b24905	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
2007-05-30 08:05	DataGridViewNumericUpDownElements.dll	33 kB	bbe2e524ffc4250ae70bcfe2cc95bdb0	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
2007-06-02 06:19	release_notes.txt	137 B	fb78e2513b37e2b2b2729363517a00c3	ASCII text, with CRLF line terminators
2007-06-02 06:08	PcapNet.dll	168 kB	54dbc0a3028aba8c8d23e1aee623331c	PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 5 sections
2007-02-02 04:30	WanPacket.dll	66 kB	f2a093e0118714900f077124b1daa52a	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections
2007-05-30 03:42	SelfishNetv0.2-beta.exe	254 kB	04e079f6af9f84215596e22c6df03eec	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 4 sections
2007-03-20 02:24	HlpIndex.html	4.4 kB	c9c4b7a22300961c3a06800c8e803a86	XML 1.0 document, ASCII text, with CRLF line terminators
2007-03-16 00:42	Packet.dll	86 kB	9639b457636e43081671b140195ada01	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections
2007-05-30 08:05	DataGridViewNumericUpDownElements.dll	33 kB	bbe2e524ffc4250ae70bcfe2cc95bdb0	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
2007-03-20 02:10	LicenseYouAccepted.txt	16 kB	b8616f7eb5808dd404ccea903459f848	ISO-8859 text, with very long lines (756), with CRLF line terminators
2007-05-30 03:38	ExpandableGridView.dll	41 kB	3843d2cd531f8271a6a220dde8b24905	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
2007-01-25 01:31	npf.sys	42 kB	b15e0180c43d8b5219196d76878cc2dd	PE32 executable (native) Intel 80386, for MS Windows, 6 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect files is `SliverFox` malware
YARAhub by abuse.ch	malware	Detect files is `SliverFox` malware
VirusTotal	malicious	VirusTotal - Scan result 26/64

JavaScript (0)

HTTP Transactions (1)

	URL	IP	Response	Size