Report - cctvdesk.com/download-file/yyp2p_for_windows

Report Overview

Submitted URL
cctvdesk.com/download-file/yyp2p_for_windows_1.0.0.42.zip
IP
104.26.0.125
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-24 10:36:50
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cctvdesk.com	58812	2018-05-19	2018-09-26	2024-04-18	511 B	16 MB	172.67.73.60

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
cctvdesk.com/download-file/yyp2p_for_windows_1.0.0.42.zip
IP
172.67.73.60
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
16 MB (15517547 bytes)
Hash
3235a224cb9d29a1366658b2c44f87e5
c504752e2c5a6e7b398a83d9a6ae58cdd193da1c
b7227d68fe1522cd7fc2cf6c1ad641cd04fa413f478d516c07e664c2477aa0f7

Archive (6)

Filename

Md5

File type

.DS_Store

4f17adc69f41d52a74636013d188441a

Apple Desktop Services Store

CMS quick operation guideline v1.0 -EN .pdf

f56265c3b30a16ad16592868c22e9f13

PDF document, version 1.5, 10 pages (zip deflate encoded)

CMSSetup_1.0.0.42.exe

1c75439f671719ff20080aa03d1b984c

PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections

vcredist2005.exe

199ccbe11966c1b636cc6316c7fe8c07

PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections

vcredist2008sp1.exe

35da2bf2befd998980a495b6f4f55e60

PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections

vcredist2010.exe

b88228d5fef4b6dc019d69d4471f23ec

PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect files is `SliverFox` malware
YARAhub by abuse.ch	malware	detect_Redline_Stealer
VirusTotal	suspicious	VirusTotal - Scan result 1/59

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

cctvdesk.com/download-file/yyp2p_for_windows_1.0.0.42.zip

172.67.73.60

200 OK

16 MB

URL User Request GET HTTP/2
cctvdesk.com/download-file/yyp2p_for_windows_1.0.0.42.zip
IP
172.67.73.60:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcctvdesk.com
Fingerprint62:31:4F:2E:FB:0B:72:17:76:7E:E7:B1:B0:54:2D:E1:F3:F7:EE:5C
ValidityThu, 28 Mar 2024 13:46:37 GMT - Wed, 26 Jun 2024 13:46:36 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
16 MB (15517547 bytes)
Hash
3235a224cb9d29a1366658b2c44f87e5
c504752e2c5a6e7b398a83d9a6ae58cdd193da1c
b7227d68fe1522cd7fc2cf6c1ad641cd04fa413f478d516c07e664c2477aa0f7

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/59

HTTP Headers

GET /download-file/yyp2p_for_windows_1.0.0.42.zip HTTP/1.1
Host: cctvdesk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 10:36:22 GMT
content-type: application/zip
content-length: 15517547
cf-ray: 879573aa2bf1b517-OSL
cf-cache-status: MISS
accept-ranges: bytes
cache-control: max-age=691200
etag: "ecc76b-5fc5ea21-c7019039a0958443;;;"
last-modified: Tue, 01 Dec 2020 07:00:49 GMT
vary: Accept-Encoding
cf-apo-via: origin,no-cache
platform: hostinger
x-turbo-charged-by: LiteSpeed
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rbJ6lEyzTAbiuOy%2BunLFXQBoH98ZSflbbhACL1HerOI0icH2Bw2GA5pkeUceHuT5%2FcbC4S5OqoKGfSehyU%2FobM7MhvkX3LnlQM1MwSCpv3OcCIzsu0L1K3zWBKx7lg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (6)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers