Report - trendyscreen.co/wp-content/server/dsf4i000954.zip

Report Overview

Visitedpublic

2024-07-11 01:02:47

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-09 18:12:41	2.3 kB	6.2 kB	23.36.77.32
trendyscreen.co	unknown	2023-09-19	2023-09-20 01:17:40	2023-09-21 19:48:59	503 B	6.8 MB	198.187.31.229

Related reports

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

trendyscreen.co/wp-content/server/dsf4i000954.zip

IP / ASN

198.187.31.229

#22612 NAMECHEAP-NET

File Overview

File TypeZip archive data, at least v2.0 to extract, compression method=deflate

Size6.8 MB (6821893 bytes)

MD51a111248461db6baadd1106730b5f541

SHA106e8002ed1a3d60090526b567368d9009aaa814d

SHA2565d6d16fdf60d7dd80a2340b7851d01b076bd7174a92fe3c78d0708da35ccae83

Archive (10)

Modified	Filename	Size	MD5	File type
2024-07-07 19:07	File ver2-065.msi	4.5 MB	094bffe76d0e01a0a2dddc7021916c24	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: ComboTIFF for Windows (64 Bit) - UNREGISTERED - Wrapped using MSI Wrapper from www.exemsi.com 0.0.0.0, Subject: ComboTIFF for Windows (64 Bit) - UNREGISTERED - Wrapped using MSI Wrapper from www.exemsi.com, Author: iRedSoft Technology Inc, Keywords: Installer, Comments: This installation was built with Inno Setup., Template: Intel;1033, Revision Number: {4C0DED81-118E-4270-B4EA-66090A44E4D8}, Create Time/Date: Thu Jan 11 14:59:44 2024, Last Saved Time/Date: Thu Jan 11 14:59:44 2024, Number of Pages: 200, Number of Words: 2, Name of Creating Application: MSI Wrapper (11.0.53.0), Security: 2
2024-07-01 14:00	License.txt	403 kB	0507b454d8793e3c59ed750dfeead0f4	Unicode text, UTF-8 text, with very long lines (755), with CRLF line terminators
2024-03-08 19:03	app_type.xml	159 B	c6e524037a2152d1963a2c29dbfa2966	XML 1.0 document, ASCII text, with CRLF line terminators
2023-12-15 16:11	config.ini	175 B	c487e005db348b8885a99b7327401168	ASCII text, with CRLF line terminators
2023-12-11 20:55	part1.7z	82 B	376c011a05342973485d88ac988383ca	7-zip archive data, version 0.4
2023-12-11 20:55	part2.7z	167 B	18f06a80a2bf297e36da89e4b7ae0e8e	7-zip archive data, version 0.4
2023-12-11 20:55	part3.7z	360 B	3423b37119f842d6e9838c721e97124c	7-zip archive data, version 0.4
2023-12-15 16:11	unins000.dat	2.8 MB	a73d07ab51f706c4c75e1c8c41972b07	InnoSetup Log lesta Wotspeak ModPack 1.23.0.0 ver.3 {JustDj-D437-4D2E-BFBD-2E44F58DD32C}, version 0x418, 2801435 bytes, LAPTOP-I2\PC�� , C:\Games\Tanki�� ^
2023-12-15 16:10	unins000.exe	1.5 MB	3ab31d714c50ae078f9eaba7b2497191	PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections
2023-09-08 08:45	vivoxsdk.dll	4.1 MB	2e61c567d528d08cef62b718cb8aa82f	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 8 sections

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 3/66

JavaScript (0)

HTTP Transactions (8)

	URL	IP	Response	Size