| universal.driver.160.com/universal/driver/DTLvcredist_2005_x86.exe | 221.204.209.110 | 302 Found | 0 B |
URL (user request, GET HTTP/1.1): universal.driver.160.com/universal/driver/DTLvcredist_2005_x86.exe
IP: 221.204.209.110:443  ASN: #4837 CHINA UNICOM China169 Backbone
Certificate issuer: TrustAsia Technologies, Inc.  Subject: universal.driver.160.com  Fingerprint: 39:04:41:F5:F8:93:50:0D:50:93:03:F3:DC:B6:82:51:A1:80:2E:93  Validity: Tue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /universal/driver/DTLvcredist_2005_x86.exe HTTP/1.1
Host: universal.driver.160.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Location: https://nouniversal.driver.160.com/universal/driver/DTLvcredist_2005_x86.exe
Content-Length: 0
X-NWS-LOG-UUID: 5824539897000529642
Connection: keep-alive
Server: Lego Server
Date: Thu, 28 Mar 2024 21:21:38 GMT
X-Cache-Lookup: Return Directly
| universal.driver.160.com/ | 124.163.195.65 | | 0 B |
URL: universal.driver.160.com/
IP: 124.163.195.65:0  ASN: #4837 CHINA UNICOM China169 Backbone
Certificate issuer: TrustAsia Technologies, Inc.  Subject: universal.driver.160.com  Fingerprint: 39:04:41:F5:F8:93:50:0D:50:93:03:F3:DC:B6:82:51:A1:80:2E:93  Validity: Tue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: universal.driver.160.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Location: https://nouniversal.driver.160.com/
Content-Length: 0
X-NWS-LOG-UUID: 4914362331236562017
Connection: keep-alive
Server: Lego Server
Date: Thu, 28 Mar 2024 21:21:41 GMT
X-Cache-Lookup: Return Directly
| nouniversal.driver.160.com/ | 221.204.166.213 | | 449 B |
URL: nouniversal.driver.160.com/
IP: 221.204.166.213:0  ASN: #4837 CHINA UNICOM China169 Backbone
File type: XML 1.0 document, ASCII text
Hash (MD5 / SHA-1 / SHA-256): 70c6b58f2293b2e1dced7a3b5a4fa8ad / a7cf8f357bb9964ba702b42d709ad72b02f5db29 / 8bf889cd1559ee279cc8c9efccac6f2aac0e12b791053a5207891141a6732c51
GET / HTTP/1.1
Host: nouniversal.driver.160.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Content-Type: application/xml
Date: Thu, 28 Mar 2024 21:21:42 GMT
Server: tencent-cos
x-cos-request-id: NjYwNWRmNjZfNDI3MTIwOV84ZWQ4XzhjMDUzNjY=
x-cos-trace-id: OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc0OWRkZjk0ZDM1NmI1M2E2MTRlY2MzZDhmNmI5MWI1OTBjYzE2MjAxN2M1MzJiOTdkZjMxMDVlYTZjN2FiMmI0ZjZmYzUxNDY4MmRmMTFjNjMyZjA4YjA1OTdjMDY0NmI=
X-Cache-Lookup: Cache Miss, Hit From Upstream Cluster, Hit From Inner Cluster, Cache Miss
Content-Length: 449
X-NWS-LOG-UUID: 18035961659687746198
Connection: keep-alive
| nouniversal.driver.160.com/universal/driver/DTLvcredist_2005_x86.exe | 221.204.166.213 | 200 OK | 2.7 MB |
URL (user request, GET HTTP/1.1): nouniversal.driver.160.com/universal/driver/DTLvcredist_2005_x86.exe
IP: 221.204.166.213:443  ASN: #4837 CHINA UNICOM China169 Backbone
Certificate issuer: TrustAsia Technologies, Inc.  Subject: nouniversal.driver.160.com  Fingerprint: FC:FB:08:56:B0:CF:22:75:7B:B9:9F:86:19:3B:E3:86:CD:95:E7:16  Validity: Mon, 19 Feb 2024 00:00:00 GMT - Thu, 20 Mar 2025 23:59:59 GMT
File type: PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections
Size: 2.7 MB (2682880 bytes)
Hash (MD5 / SHA-1 / SHA-256): 1f8e9fec647700b21d45e6cda97c39b7 / 037288ee51553f84498ae4873c357d367d1a3667 / 9c110c0426f4e75f4384a527f0abe2232fe71f2968eb91278b16b200537d3161
| Analyzer | Verdict | Alert |
| YARAhub by abuse.ch | malware | detect_Redline_Stealer |
GET /universal/driver/DTLvcredist_2005_x86.exe HTTP/1.1
Host: nouniversal.driver.160.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Tue, 22 Oct 2019 02:02:50 GMT
Etag: "1f8e9fec647700b21d45e6cda97c39b7"
Content-Type: application/x-msdownload
Date: Wed, 27 Mar 2024 03:38:06 GMT
Server: tencent-cos
x-cos-meta-md5: 1f8e9fec647700b21d45e6cda97c39b7
x-cos-request-id: NjYwMzk0OWVfMzYzNTE2MGJfYmIwMV82NDI4NjRi
x-cos-version-id: null
Content-Length: 2682880
Accept-Ranges: bytes
X-NWS-LOG-UUID: 10872211468439093059
Connection: keep-alive
X-Cache-Lookup: Cache Refresh Hit