Report - kemono.su/74/c4/74c49518c6e7647c99ca4ef929b710698547ec40d5112ccd3bc79db431981b18.7z

Report Overview

Visited public
2025-04-24 04:11:06
Tags
URL
kemono.su/74/c4/74c49518c6e7647c99ca4ef929b710698547ec40d5112ccd3bc79db431981b18.7z
Finishing URL
about:privatebrowsing
IP / ASN
190.115.16.14
#59692 IQWeb FZ-LLC
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
kemono.su	unknown	2022-08-25	2023-06-03	2025-03-26	551 B	4.6 MB	190.115.16.14
n1.kemono.su	unknown	2022-08-25	2024-07-25	2025-04-17	666 B	4.6 MB	91.149.227.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
n1.kemono.su/data/74/c4/74c49518c6e7647c99ca4ef929b710698547ec40d5112ccd3bc79db431981b18.7z
IP
91.149.227.10
ASN
#200508 Sorok76 Ltd

File type
7-zip archive data, version 0.4
Size
4.6 MB (4596481 bytes)
Hash
3407186874d4eafa612fffa2c4a7a8fa
7bac04d4accfde2db23cdd673e45fb1f645a6094
74c49518c6e7647c99ca4ef929b710698547ec40d5112ccd3bc79db431981b18

Archive (46)

Filename

Md5

File type

phoenix

d41d8cd98f00b204e9800998ecf8427e

2025_03_01.txt

763852b15629bfafe9e9e082cfb513d1

ASCII text, with CRLF, LF line terminators

ProfilesBackupCPU.ini

bb397004dde24239de3a268c34d25ecd

Generic INItialization configuration [PBO2]

ProfilesBackupGPU.ini

2916e7a81dca0bab5f6ec47f9c2a7903

Generic INItialization configuration [GPU_PROFILE_0]

ProfilesCPU.ini

bb397004dde24239de3a268c34d25ecd

Generic INItialization configuration [PBO2]

ProfilesGPU.ini

2916e7a81dca0bab5f6ec47f9c2a7903

Generic INItialization configuration [GPU_PROFILE_0]

Settings.ini

cd5cc9b994a0d8d2c4660437498ee159

ASCII text, with CRLF line terminators

Settings_Backup.ini

cd5cc9b994a0d8d2c4660437498ee159

ASCII text, with CRLF line terminators

AMDVBFLASH_User_Guide_NDA.pdf

f4a483489567d6b10b6a2a884205da5d

PDF document, version 1.7, 12 page(s)

arguments.txt

696a0182c4867d2f6c6d7fb72674e7a2

Unicode text, UTF-8 text, with CRLF line terminators

Changelog.txt

e55a0130c287f8acaaa432b787a4c8bb

ASCII text, with CRLF line terminators

readme.txt

b60613ca7dbe272cec714088dc518682

ASCII text, with CRLF line terminators

AdlTune.dll

8b2e7eb05d72a41cd9326c3edc473a25

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

amdvbflash.exe

313ed2279df1af019a0ccd06b4507277

PE32 executable (console) Intel 80386, for MS Windows, 5 sections

AMDVBFlashDriverInstaller.exe

98d09e802ee2130801160a3f395b5774

PE32 executable (console) Intel 80386, for MS Windows, 5 sections

Bunifu.Licensing.dll

2b2740e0c34a46de31cf9da8a75d77cf

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Bunifu.UI.WinForms.1.5.3.dll

019b3a5dd20f3e55b426e652ed512079

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Bunifu.UI.WinForms.BunifuButton.dll

7e751ae1a357a30e3aa5153352ebcafd

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Bunifu.UI.WinForms.BunifuCheckBox.dll

4274a77b71f547347f241386c6729cd6

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Bunifu.UI.WinForms.BunifuCircleProgress.dll

69beccb5c9e400ca1434932d094d137a

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Bunifu.UI.WinForms.BunifuDataGridView.dll

c895e9bad25d4a9d97ec1db436f7071e

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Bunifu.UI.WinForms.BunifuDropdown.dll

c715cbdee4b7e42294bea2a949626d41

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Bunifu.UI.WinForms.BunifuFormDock.dll

e650ea1fb5e93378801e29ea63448e6b

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Bunifu.UI.WinForms.BunifuGauge.dll

67a0fdeffa7a25ace3510a3dbb6fbf98

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Bunifu.UI.WinForms.BunifuGradientPanel.dll

63efe260262b27a23e19eeff6af0136d

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Bunifu.UI.WinForms.BunifuImageButton.dll

ac51e7ef8f6c6c7c702da1b1c866aaac

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Bunifu.UI.WinForms.BunifuLoader.dll

5c5e23a67c2aeb47cfc22f427938bc60

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Bunifu.UI.WinForms.BunifuPages.dll

afdcd61a8a6af3e24c8a078c6a061a9e

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Bunifu.UI.WinForms.BunifuPictureBox.dll

601c4bcad4fa72e1aa2969c886561851

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Bunifu.UI.WinForms.BunifuProgressBar.dll

d184cab2f5ab5d4b039db5e0fc1775ce

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Bunifu.UI.WinForms.BunifuScrollBar.dll

bf1ee8bb0b5d51536d10bd1032cf10e2

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Bunifu.UI.WinForms.BunifuSeparator.dll

6045f5a968c65d08d47827d14e04dcab

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Bunifu.UI.WinForms.BunifuShapes.dll

9f6fdd0ac1f813eb3168cd0764f53ada

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Bunifu.UI.WinForms.BunifuSlider.dll

6dc11a882fe619c030263e1b2b2990bd

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Bunifu.UI.WinForms.BunifuTextBox.dll

94d2d9fe55e9a608e865dd472a98ba75

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Bunifu.UI.WinForms.BunifuToggleSwitch.dll

08adb1587981473e8032d0397a994467

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Bunifu.UI.WinForms.BunifuToolTip.dll

27529cab8c6b19ef0b8a6f5f4d131cc4

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

HYDRA.exe

86902603a6ccda95c5ff855d4f7f5bdd

PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows, 3 sections

HydraBench.dll

f0b26140806f2a6c92d1c344d6d138ac

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

hydra_1.dll

e7f999b313f4431633b2047af1c5b0f5

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

hydra_2.dll

49bd0408506e9128795b2e1d09a48c32

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

memtest.exe

2da23869191b9b93106967d1924e6342

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

Microsoft.Win32.TaskScheduler.dll

0616ea42b68a8f5f2f01bcd985bdcbc7

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Newtonsoft.Json.dll

195ffb7167db3219b217c4fd439eedd6

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

NVapi.dll

78db70d98a9c1f7fd6160bacb98a1876

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

restart64.exe

297aa19bade534a791d053ca190b74ad

PE32+ executable (GUI) x86-64, for MS Windows, 6 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect pe file that no import table

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size
	kemono.su/74/c4/74c49518c6e7647c99ca4ef929b710698547ec40d5112ccd3bc79db431981b18.7z	190.115.16.14	302 Found	4.6 MB
URL User Request GET kemono.su/74/c4/74c49518c6e7647c99ca4ef929b710698547ec40d5112ccd3bc79db431981b18.7z IP 190.115.16.14:443 ASN #59692 IQWeb FZ-LLC Certificate IssuerLet's Encrypt Subjectkemono.su FingerprintC4:D9:E4:C6:18:16:14:92:D6:5B:2E:F6:79:2E:93:E0:07:99:BD:F1 ValidityThu, 17 Apr 2025 08:02:48 GMT - Wed, 16 Jul 2025 08:02:47 GMT File type Size 4.6 MB (4596481 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /74/c4/74c49518c6e7647c99ca4ef929b710698547ec40d5112ccd3bc79db431981b18.7z HTTP/1.1 Host: kemono.su User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found server: ddos-guard set-cookie: __ddg8_=DMY3bb4NBfJodqsR; Domain=.kemono.su; Path=/; Expires=Thu, 24-Apr-2025 04:30:30 GMT __ddg10_=1745467830; Domain=.kemono.su; Path=/; Expires=Thu, 24-Apr-2025 04:30:30 GMT __ddg9_=91.90.42.154; Domain=.kemono.su; Path=/; Expires=Thu, 24-Apr-2025 04:30:30 GMT __ddg1_=z41wsjaNaHHQa7U4gBtD; Domain=.kemono.su; HttpOnly; Path=/; Expires=Fri, 24-Apr-2026 04:10:30 GMT content-security-policy: upgrade-insecure-requests; date: Thu, 24 Apr 2025 04:10:30 GMT content-type: text/html content-length: 138 location: https://n1.kemono.su/data/74/c4/74c49518c6e7647c99ca4ef929b710698547ec40d5112ccd3bc79db431981b18.7z strict-transport-security: max-age=63072000; includeSubDomains; preload age: 0 ddg-cache-status: MISS,MISS X-Firefox-Spdy: h2

	n1.kemono.su/data/74/c4/74c49518c6e7647c99ca4ef929b710698547ec40d5112ccd3bc79db431981b18.7z	91.149.227.10	200 OK	4.6 MB
URL User Request GET n1.kemono.su/data/74/c4/74c49518c6e7647c99ca4ef929b710698547ec40d5112ccd3bc79db431981b18.7z IP 91.149.227.10:443 ASN #200508 Sorok76 Ltd Certificate IssuerLet's Encrypt Subjectn1.kemono.su FingerprintFA:02:22:4B:31:FB:B4:47:85:6F:60:CA:DA:72:4A:08:8E:52:5A:58 ValidityMon, 24 Mar 2025 08:20:56 GMT - Sun, 22 Jun 2025 08:20:55 GMT File type 7-zip archive data, version 0.4 Size 4.6 MB (4596481 bytes) Hash 3407186874d4eafa612fffa2c4a7a8fa 7bac04d4accfde2db23cdd673e45fb1f645a6094 74c49518c6e7647c99ca4ef929b710698547ec40d5112ccd3bc79db431981b18 HTTP Headers GET /data/74/c4/74c49518c6e7647c99ca4ef929b710698547ec40d5112ccd3bc79db431981b18.7z HTTP/1.1 Host: n1.kemono.su User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: __ddg8_=DMY3bb4NBfJodqsR; __ddg10_=1745467830; __ddg9_=91.90.42.154; __ddg1_=z41wsjaNaHHQa7U4gBtD Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Thu, 24 Apr 2025 04:10:30 GMT content-type: application/x-7z-compressed content-length: 4596481 last-modified: Tue, 04 Mar 2025 12:43:52 GMT etag: "67c6f588-462301" x-cache-status: STALE x-cache-range: bytes=0-4194303 access-control-allow-origin: https://kemono.su access-control-allow-methods: GET, OPTIONS access-control-allow-headers: * cache-control: public, max-age=2592000, s-maxage=2592000 accept-ranges: bytes X-Firefox-Spdy: h2`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (46)

Detections

JavaScript (0)

HTTP Transactions (2)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers