Report - d.app6.i4.cn/evasion/jb84.7z

Report Overview

Submitted URL
d.app6.i4.cn/evasion/jb84.7z
IP
58.221.32.108
ASN
#4134 Chinanet
Submitted
2024-04-23 08:22:54
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
d.app6.i4.cn	unknown	2004-06-11	2015-01-22	2024-04-14	398 B	20 MB	58.222.46.204

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

Files detected

URL
d.app6.i4.cn/evasion/jb84.7z
IP
58.222.46.204
ASN
#4134 Chinanet

File type
7-zip archive data, version 0.3
Size
20 MB (19579365 bytes)
Hash
640196e51faa9e933cd7a4b7f9e99066
a196b6b9d846d112b71d7ca8c97b34e6910201ad
ebd5115a13ee9b8ba01fd0320fbd000ba55b3840c4a966b0f06d5c37dd54b306

Archive (49)

Filename

Md5

File type

106

500e4d3abc8f0c51edb71cf857494b40

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections

amfid_load_32

746dd84f8b71f7b08d5411c06df02385

Mach-O armv7 executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|PIE>

amfid_load_64

43831eba594e3cf2c3b0fc134f6143a7

Mach-O 64-bit arm64 executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|PIE>

launch_1disk

7c59bc17fa5c4cebf86d972c1f834670

zlib compressed data

valid

d6199cdc686fe03966cb893d652d2fe5

zlib compressed data

cydiaandtaigbase.tar

356856b0d825b9e3b5ae92bad069e3b3

data

packagelist.tar

c9039c7f9771646d07b7a4212864b2ca

data

u001_taig_patch_tar.tar

5bd62e7b4564b44e661249114a2ce711

data

amfid_arm64_8.2

0158c2502c537dd255c85c142f1f285d

data

amfid_armv7s_8.2

488f1e78de093fbbf724be3242269a7f

data

amfid_armv7_8.2

d0879a1729047707a6cc83de6b32fbb1

data

arm64_8.2

5a8c7350d206f2530bb895791a1949cf

zlib compressed data

armv7s_8.2

56d29c238906fd503b56443a1a924ec5

zlib compressed data

armv7_8.2

b5e61cb5e82813c95ea60123f8a3b9f4

zlib compressed data

dyld_arm64_8.2

5f9da0c6256ebc83b6135a2b9891e1ef

data

dyld_armv7s_8.2

d7e39418eb20c75891da142337e367a4

data

dyld_armv7_8.2

fbfc104b3338f8ac40ed5dd82a84a4ef

data

amfid_arm64_8.1.3

589ce3a892c67e754a622915fd2f4010

data

amfid_arm64_8.3

78773eb0d28fb96a1f488a9829b39893

data

amfid_armv7s_8.1.3

9e7248f85105cbc5fdccc3278c595739

data

amfid_armv7s_8.3

95ba15a3f04cb39a4f3702a91a4a1313

data

amfid_armv7_8.1.3

a06bcbcc85bd86a2cd88eb63756fadf2

data

amfid_armv7_8.3

195f19401743a0e2925c4f1ddc639e2b

data

arm64_8.1.3

40b4ff41945fceb2ece5763c890f835c

zlib compressed data

arm64_8.3

a153b9ef0bf3edc4172aa0c4fa48bc06

zlib compressed data

armv7s_8.1.3

2dd4cd8459d8108bda459f91c2b37353

zlib compressed data

armv7s_8.3

e0cf7c70372a37e088bb42549de9900e

zlib compressed data

armv7_8.1.3

84863be7fbf2f4db693128e8c404864b

zlib compressed data

armv7_8.3

33a41cfb172cce35bac2d3ee9d83a76c

zlib compressed data

dyld_arm64_8.1.3

578a640d3a0392a62c6daab5edbb439f

data

dyld_arm64_8.3

8082f46c50a92c69632f62cb19948a63

data

dyld_armv7s_8.1.3

599bed5b24a9383a2d5e57ce022740f6

data

dyld_armv7s_8.3

ec47ee3b00c3ccc1265362dbcb228034

data

dyld_armv7_8.1.3

3cd7b1210472e4e8b7c0d3258f021093

data

dyld_armv7_8.3

1e72cd5acd7b6b099cb985f1711a0a34

data

amfid_arm64_8.4

5795fd0cec4de3e4115d2e6c6f25b5d9

data

amfid_armv7s_8.4

d7449152ecefc737cf4bfe987a156bbf

data

amfid_armv7_8.4

8adbff6e47aa5b1abb0dfba5fa46529e

data

arm64_8.4

fe7c282c811e7256549ed919f62900b4

zlib compressed data

armv7s_8.4

a5017e0ffbadb42982e14081245b4974

zlib compressed data

armv7_8.4

12f53459605d51cf2f658f1b50e11c4d

zlib compressed data

dyld_arm64_8.4

a66c03fccd7167d72e50a9288a0c4f2c

data

dyld_armv7s_8.4

8c19cef4d7ed9f0c2e917ca67daf7286

data

dyld_armv7_8.4

f4ecdcbc5deee7a98b7baade4afaab98

data

Manifest.mbdb

2b0df7a7c81f77672207166c3a960b8d

data

Manifest.plist

023bfc13cc25c81cea6e2df4ce5d5d15

Apple binary property list

Status.plist

61faaa37ee673c64bc1e2d0415f21be3

Apple binary property list

Sync_00000001.plist

b35b7206a765c574ad452ec3aa8168e6

XML 1.0 document, Unicode text, UTF-8 text

Sync_00000002.plist

e29e32fe7ff63955a107620d27408bbd

XML 1.0 document, Unicode text, UTF-8 text

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	d.app6.i4.cn/evasion/jb84.7z	58.222.46.204	200 OK	20 MB
URL User Request GET HTTP/1.1 d.app6.i4.cn/evasion/jb84.7z IP 58.222.46.204:80 ASN #4134 Chinanet File type 7-zip archive data, version 0.3 Size 20 MB (19579365 bytes) Hash 640196e51faa9e933cd7a4b7f9e99066 a196b6b9d846d112b71d7ca8c97b34e6910201ad ebd5115a13ee9b8ba01fd0320fbd000ba55b3840c4a966b0f06d5c37dd54b306 HTTP Headers `GET /evasion/jb84.7z HTTP/1.1 Host: d.app6.i4.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: Tengine Content-Type: application/x-7z-compressed Content-Length: 19579365 Connection: keep-alive Date: Mon, 01 Apr 2024 21:15:03 GMT Last-Modified: Sat, 22 Aug 2015 16:00:00 GMT ETag: "55d89c80-12ac1e5" Accept-Ranges: bytes Age: 1854439 Via: cache12.cn6866[1,0] Timing-Allow-Origin: * EagleId: 3ade2ea017138605425032937e`

d.app6.i4.cn/evasion/jb84.7z

58.222.46.204

200 OK

20 MB

URL User Request GET HTTP/1.1
d.app6.i4.cn/evasion/jb84.7z
IP
58.222.46.204:80
ASN
#4134 Chinanet

File type
7-zip archive data, version 0.3
Size
20 MB (19579365 bytes)
Hash
640196e51faa9e933cd7a4b7f9e99066
a196b6b9d846d112b71d7ca8c97b34e6910201ad
ebd5115a13ee9b8ba01fd0320fbd000ba55b3840c4a966b0f06d5c37dd54b306

HTTP Headers

GET /evasion/jb84.7z HTTP/1.1
Host: d.app6.i4.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/x-7z-compressed
Content-Length: 19579365
Connection: keep-alive
Date: Mon, 01 Apr 2024 21:15:03 GMT
Last-Modified: Sat, 22 Aug 2015 16:00:00 GMT
ETag: "55d89c80-12ac1e5"
Accept-Ranges: bytes
Age: 1854439
Via: cache12.cn6866[1,0]
Timing-Allow-Origin: *
EagleId: 3ade2ea017138605425032937e

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (49)

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers