Report - www.sidiary.org/download/driver/IME-DC-Fidelity-USBCableDriver.zip

Report Overview

Submitted URL
www.sidiary.org/download/driver/IME-DC-Fidelity-USBCableDriver.zip
IP
52.169.206.2
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2024-04-16 16:40:21
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
status.geotrust.com	3662	1999-04-04	2017-12-01	2024-04-16	662 B	1.5 kB	192.229.221.95
www.sidiary.org	unknown	2004-01-05	2012-07-22	2024-04-16	1.1 kB	502 kB	52.169.206.2
diabetes.sinovo.net	unknown	2002-06-06	2012-12-19	2024-04-15	608 B	628 B	52.169.206.2

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.sidiary.org/DownloadM/driver/IME-DC-Fidelity-USBCableDriver.zip
IP
52.169.206.2
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
501 kB (500958 bytes)
Hash
3d38375e22af24ce595dd0d38f1fd0fc
bccc7c61267f93a791da6df50b33850b115eec1f
ff749bfff41e9dfe1f0cffc3cfda3b716dbc4ac836a1661b8661a7a953104e1b

Archive (19)

Filename

Md5

File type

USB 2.0 TO RS232 Cable for Windows user's manual.doc

8623128f6ca702ff2cb4030dd02860c2

Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 936, Title: USB TO Serial cable Installation Guide, Author: James Lin, Template: Normal.dot, Last Saved By: Billgates, Revision Number: 21, Name of Creating Application: Microsoft Office Word, Total Editing Time: 59:00, Last Printed: Thu Jun 3 02:23:00 1999, Create Time/Date: Tue Oct 22 02:38:00 2002, Last Saved Time/Date: Tue Mar 2 05:57:00 2004, Number of Pages: 7, Number of Words: 478, Number of Characters: 2726, Security: 0

COMPORT.PDF

605b6dc46b53640eeb1bcdfb2cb4357b

PDF document, version 1.2, 1 pages

FTCOMMS.VXD

b73b1dba48ba6d10ad5eb1cfd94836dd

MS-DOS executable, LE executable for MS Windows (VxD)

FTDIBUS.CAT

d322f4ce2b58e05cf198cd7e64f5f07a

DER Encoded PKCS#7 Signed Data

FTDIBUS.INF

11b72a59766851d111e67defb61b6ff8

Windows setup INFormation

ftdibus.sys

b2e774fa71d853aa6062cf390d25b812

PE32 executable (native) Intel 80386, for MS Windows, 7 sections

FTDIPORT.CAT

b671bffc2f3bd3ed8d57297e25dea7c2

DER Encoded PKCS#7 Signed Data

FTDIPORT.INF

07797b86857531c8091da3d293c12d91

Windows setup INFormation

FTDIUN2K.INI

87d7eef88da1a0fb7e9e5657f6382b59

ASCII text, with CRLF line terminators

FTDIUNIN.EXE

5bb5eece611cf5877dad35b6251feea8

PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 8 sections

FTDIUNIN.INI

5cbe3f45234ec34b917a6c5a5bfedae7

ASCII text, with CRLF line terminators

FTSENUM.SYS

49209f797f4890e8df6f31a2852581bb

PE32 executable (native) Intel 80386, for MS Windows, 6 sections

FTSENUM.VXD

c3e157b841760baf3957f1aece633a13

MS-DOS executable, LE executable for MS Windows (VxD)

ftser2k.sys

539e3f2a379c0e27a7ec1fab8c5b5514

PE32 executable (native) Intel 80386, for MS Windows, 9 sections

FTSERIAL.SYS

a63ea535c3e0046e97237dfc3abf554d

PE32 executable (DLL) (native) Intel 80386, for MS Windows, 10 sections

FTSERMOU.INF

a2db9d30a03944897bd214bcf13fecc7

Windows setup INFormation

FTSERMOU.VXD

b750ca5db6bc08bfc01059725578b137

MS-DOS executable, LE executable for MS Windows (VxD)

ftserui2.dll

0cae241457ac6300355980bcb7edfa6c

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 4 sections

FTSERUI.DLL

3a171daad501009f2de4dbbc681ce570

MS-DOS executable, NE for MS Windows 3.x (4.0) (DLL or font)

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (5)

	URL	IP	Response	Size
	status.geotrust.com/	192.229.221.95		471 B
URL status.geotrust.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 2465654677465fd0c603951675b04d5b cd53cd533e2c8346632e56c880f69daf84f48d16 95e2d146d654cfb9ad902067ee4e55883b640004c83c231e6e33b432322b7095 HTTP Headers `POST / HTTP/1.1 Host: status.geotrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 80 Cache-Control: max-age=7200 Content-Type: application/ocsp-response Date: Tue, 16 Apr 2024 16:39:55 GMT Last-Modified: Tue, 16 Apr 2024 16:38:35 GMT Server: ECAcc (ska/F775) X-Cache: HIT Content-Length: 471`

	www.sidiary.org/download/driver/IME-DC-Fidelity-USBCableDriver.zip	52.169.206.2	302 Object moved	291 B
URL User Request GET HTTP/1.1 www.sidiary.org/download/driver/IME-DC-Fidelity-USBCableDriver.zip IP 52.169.206.2:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Certificate IssuerDigiCert Inc Subjectsidiary.org Fingerprint44:98:77:34:FE:AD:BA:26:A4:90:FF:44:97:CE:2F:E5:D9:21:D8:A8 ValidityMon, 06 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT File type HTML document, ASCII text Size 291 B (291 bytes) Hash 3090d997a3e592ee3707248d4c59799e 2446a4825b5aa2a364fa6b316d73081c7c889022 c722b2a9843c5aed5ec671133ecd1e9dab12d0ff258ec4f6f7b4e1f087015903 HTTP Headers GET /download/driver/IME-DC-Fidelity-USBCableDriver.zip HTTP/1.1 Host: www.sidiary.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Object moved Cache-Control: private Content-Type: text/html Location: https://diabetes.sinovo.net/dlc.aspx?s=https://www.sidiary.org/DownloadM/driver/IME-DC-Fidelity-USBCableDriver.zip&dk=driver/IME-DC-Fidelity-USBCableDriver.zip&r= Server: Microsoft-IIS/8.5 Set-Cookie: ASPSESSIONIDSCUCRCTD=NAGBHGADACNPHFOFACAAFBMO; secure; path=/ X-Powered-By: Hello World X-Content-Type-Options: nosniff Referrer-Policy: strict-origin-when-cross-origin X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=31536000; includeSubDomains Date: Tue, 16 Apr 2024 16:39:55 GMT Content-Length: 291

	status.geotrust.com/	192.229.221.95		471 B
URL status.geotrust.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 4905fc61fd9c17e4630b12158736bdf6 dd4b6c835c400c0c42f90bdd0a69533144e03510 9b6c14ec7cfbeffe006f67a200f6fd6dcf946592de157aec00a1931fa27764c8 HTTP Headers `POST / HTTP/1.1 Host: status.geotrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 80 Cache-Control: max-age=7200 Content-Type: application/ocsp-response Date: Tue, 16 Apr 2024 16:39:55 GMT Last-Modified: Tue, 16 Apr 2024 16:38:36 GMT Server: ECAcc (ska/F775) X-Cache: HIT Content-Length: 471`

	diabetes.sinovo.net/dlc.aspx?s=https://www.sidiary.org/DownloadM/driver/IME-DC-Fidelity-USBCableDriver.zip&dk=driver/IME-DC-Fidelity-USBCableDriver.zip&r=	52.169.206.2	302 Found	192 B
URL User Request GET HTTP/1.1 diabetes.sinovo.net/dlc.aspx?s=https://www.sidiary.org/DownloadM/driver/IME-DC-Fidelity-USBCableDriver.zip&dk=driver/IME-DC-Fidelity-USBCableDriver.zip&r= IP 52.169.206.2:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Certificate IssuerDigiCert Inc Subjectsinovo.net FingerprintE1:C2:BB:68:0C:00:13:C4:10:52:BA:74:50:80:49:63:1B:06:C4:DE ValidityMon, 13 Nov 2023 00:00:00 GMT - Tue, 26 Nov 2024 23:59:59 GMT File type HTML document, ASCII text, with CRLF line terminators Size 192 B (192 bytes) Hash 25c3b97194b692b1f56259168b2f995e 60cbe4366cbe5bb33e9a2321e2dc12ca88f0ae96 67c0b7b4487f997f436c751be672bc6cc6595f4ee413ed40770ab306bb2b1118 HTTP Headers GET /dlc.aspx?s=https://www.sidiary.org/DownloadM/driver/IME-DC-Fidelity-USBCableDriver.zip&dk=driver/IME-DC-Fidelity-USBCableDriver.zip&r= HTTP/1.1 Host: diabetes.sinovo.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 302 Found Cache-Control: private Content-Type: text/html; charset=utf-8 Location: https://www.sidiary.org/DownloadM/driver/IME-DC-Fidelity-USBCableDriver.zip Server: Microsoft-IIS/8.5 X-Content-Type-Options: nosniff Referrer-Policy: strict-origin-when-cross-origin X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=31536000; includeSubDomains Date: Tue, 16 Apr 2024 16:39:55 GMT Content-Length: 192`

	www.sidiary.org/DownloadM/driver/IME-DC-Fidelity-USBCableDriver.zip	52.169.206.2	200 OK	501 kB
URL User Request GET HTTP/1.1 www.sidiary.org/DownloadM/driver/IME-DC-Fidelity-USBCableDriver.zip IP 52.169.206.2:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Certificate IssuerDigiCert Inc Subjectsidiary.org Fingerprint44:98:77:34:FE:AD:BA:26:A4:90:FF:44:97:CE:2F:E5:D9:21:D8:A8 ValidityMon, 06 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 501 kB (500958 bytes) Hash 3d38375e22af24ce595dd0d38f1fd0fc bccc7c61267f93a791da6df50b33850b115eec1f ff749bfff41e9dfe1f0cffc3cfda3b716dbc4ac836a1661b8661a7a953104e1b HTTP Headers GET /DownloadM/driver/IME-DC-Fidelity-USBCableDriver.zip HTTP/1.1 Host: www.sidiary.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: ASPSESSIONIDSCUCRCTD=NAGBHGADACNPHFOFACAAFBMO Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Type: application/x-zip-compressed Last-Modified: Fri, 30 Mar 2007 09:40:30 GMT Accept-Ranges: bytes ETag: "5677f74af72c71:0" Server: Microsoft-IIS/8.5 X-Powered-By: Hello World X-Content-Type-Options: nosniff Referrer-Policy: strict-origin-when-cross-origin X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=31536000; includeSubDomains Date: Tue, 16 Apr 2024 16:39:55 GMT Content-Length: 500958`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (19)

Detections

JavaScript (0)

HTTP Transactions (5)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers