Report - xmsecu.com:8080/tool/DeviceManage/UpgradeInstall.zip

Report Overview

Submitted URL
xmsecu.com:8080/tool/DeviceManage/UpgradeInstall.zip
IP
49.4.84.205
ASN
#55990 Huawei Cloud Service data center
Submitted
2024-04-25 21:48:36
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
	unknown				422 B	8.1 MB	49.4.84.205

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
xmsecu.com:8080/tool/DeviceManage/UpgradeInstall.zip
IP
49.4.84.205
ASN
#55990 Huawei Cloud Service data center

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
8.1 MB (8081747 bytes)
Hash
3450e005ab0f5dadcfdd0acf89cd15bb
795514d3f111cec38324432c0d3efb0097c3c9b3
dcf3209b89cc590ef5a77977fb34c9d27beccf1158d22ce30e6817d1388ba852

Archive (22)

Filename

Md5

File type

Config.ini

ffa605801f6f7db1c47b4a211d5009a2

Generic INItialization configuration [SystemLogin_Info]

cyggcc_s-1.dll

d266174ae339e62d9effd7b30407db97

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 8 sections

cyglzma-5.dll

e07abb4eb7957e6384a62bfd96e0ab16

PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 8 sections

cygwin1.dll

0a5a32a041aad33744a742ba32b70628

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 13 sections

cygz.dll

64d43df3ac85c29fbdb205accdc03d98

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 9 sections

DeviceManage.exe

8241f79073b60a0b2b12b942b7b6dd2e

PE32 executable (GUI) Intel 80386, for MS Windows, 7 sections

English.lang

1e62eb3a86cc9a604a1841cf6ba5bed1

Generic INItialization configuration [String]

H264Play.dll

f1b5893dd6ecfaa6e6475f325e00731b

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 8 sections

Install.bat

966823a0ecf5b2552f84fc1f40178593

DOS batch file, Unicode text, UTF-8 text, with CRLF line terminators

Japanese.lang

4953c2ac6b9a8dd969db3f766f2919c2

Generic INItialization configuration [String]

libxl.dll

8f06a601fd85e2162e81f402c74a555b

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

mkimage.dll

3725bae7e25c2362661a066487807837

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections

mksquashfs.exe

edf3da1790ce2db88ebe110319ae85a6

PE32 executable (console) Intel 80386, for MS Windows, 13 sections

NetSdk.dll

0359ae97696c21bd482bafb3a659496b

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

General_HZXM_IPC_HI3518E_50H10L_S38_V4.02.R12.20141018_USER.bin

0643a268c307280d03cc8f00089c89b0

Zip archive data, at least v2.0 to extract, compression method=deflate

Russian.lang

aa5442b7b5b2eac0b2670548ea3853f7

Unicode text, UTF-16, little-endian text, with CRLF line terminators

SimpChinese.lang

b8b5322b833db2559f4e44e1af8a3d4d

Unicode text, UTF-16, little-endian text, with CRLF line terminators

StreamReader.dll

a5fc0a782cb0fa8f16bb0cea9a5d2e35

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

ToJpg.dll

63871c3f7b0d48b253b079684bad2aca

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

TradChinese.lang

264d6afb40ea80ccdc448ff30f2df191

Unicode text, UTF-16, little-endian text, with CRLF line terminators

version.txt

1d129ac0735c60a1c20880fafa98d469

ISO-8859 text, with CRLF line terminators

Wait.ani

e6f47b6fda4cf7d24829cd7f6af4c3c2

RIFF (little-endian) data, animated cursor

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Size
	xmsecu.com:8080/tool/DeviceManage/UpgradeInstall.zip	49.4.84.205	8.1 MB
URL xmsecu.com:8080/tool/DeviceManage/UpgradeInstall.zip IP 49.4.84.205:0 ASN #55990 Huawei Cloud Service data center File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 8.1 MB (8081747 bytes) Hash 3450e005ab0f5dadcfdd0acf89cd15bb 795514d3f111cec38324432c0d3efb0097c3c9b3 dcf3209b89cc590ef5a77977fb34c9d27beccf1158d22ce30e6817d1388ba852 HTTP Headers `GET /tool/DeviceManage/UpgradeInstall.zip HTTP/1.1 Host: xmsecu.com:8080 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Thu, 25 Apr 2024 21:48:08 GMT Content-Type: application/zip Content-Length: 8081747 Last-Modified: Wed, 03 Apr 2024 03:14:47 GMT Connection: keep-alive ETag: "660cc9a7-7b5153" Accept-Ranges: bytes`

xmsecu.com:8080/tool/DeviceManage/UpgradeInstall.zip

49.4.84.205

8.1 MB

URL
xmsecu.com:8080/tool/DeviceManage/UpgradeInstall.zip
IP
49.4.84.205:0
ASN
#55990 Huawei Cloud Service data center

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
8.1 MB (8081747 bytes)
Hash
3450e005ab0f5dadcfdd0acf89cd15bb
795514d3f111cec38324432c0d3efb0097c3c9b3
dcf3209b89cc590ef5a77977fb34c9d27beccf1158d22ce30e6817d1388ba852

HTTP Headers

GET /tool/DeviceManage/UpgradeInstall.zip HTTP/1.1
Host: xmsecu.com:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 21:48:08 GMT
Content-Type: application/zip
Content-Length: 8081747
Last-Modified: Wed, 03 Apr 2024 03:14:47 GMT
Connection: keep-alive
ETag: "660cc9a7-7b5153"
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (22)

JavaScript (0)

HTTP Transactions (1)

URL

IP

ASN

File type

Size

Hash

HTTP Headers