Report - 222.195.70.221:8089/lib/driver.zip

Report Overview

Submitted URL
222.195.70.221:8089/lib/driver.zip
IP
222.195.70.221
ASN
#4538 China Education and Research Network Center
Submitted
2024-04-23 09:00:23
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
5

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
222.195.70.221:8089	unknown	unknown	No data	No data	404 B	4.2 MB	222.195.70.221

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

Files detected

URL
222.195.70.221:8089/lib/driver.zip
IP
222.195.70.221
ASN
#4538 China Education and Research Network Center

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
4.2 MB (4193502 bytes)
Hash
50ab9d8bb7ca0a5ca07f3e757eba6b61
2795669c123593b555a93c9f06ca5a82001d5c00
b6eaaf56b615832ad827ba88aba9ff443582c9e45e9dc2ad0dd292d924ae2204

Archive (42)

Filename

Md5

File type

Driver Install.exe

478dbadef2be5b766c26993baed5b171

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

DS40xxDrv.inf

27eb7daa2782f83b445fe58e1eeb6a46

Windows setup INFormation

DS40xxDrv.sys

811cd6cfeea4b30490d6c8612c35976c

PE32 executable (native) Intel 80386, for MS Windows, 8 sections

DS41xxDrv.inf

991c0611f789d30a9a29c286d41da6fe

Windows setup INFormation

DS41xxDrv.sys

a080a883c40147e3192773283adc2a16

PE32 executable (native) Intel 80386, for MS Windows, 8 sections

DS42xxDrv.inf

8602572f19574db9627d57ee87f3537e

Windows setup INFormation

DS42xxDrv.sys

ed3b8933d35f77fd2089eb96288ca438

PE32 executable (native) Intel 80386, for MS Windows, 8 sections

��װ��Demo��˵��.txt

2c7aca4217e428069d030b28c991220f

ISO-8859 text, with CRLF line terminators

data.ini

ad0bb309712556fc02bff8c20602de03

Generic INItialization configuration [SourceFolder]

data1.cab

8ffa84ada7374aaebc6b09381e94ea9b

InstallShield CAB, version 0x20004b0

data1.hdr

a8d66477aeadb43d859b2e805f6a32ed

InstallShield setup header, version 0x20004b0, descriptor size 0x245d

data2.cab

77906c49bc135eeeb02394f28194734d

InstallShield CAB, version 0x20004b0

ISSetup.dll

e0347cfb68da6e23f52fe39a198d7b12

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections

layout.bin

8fd37707654f6474fb65f7a9c23f5944

data

setup.exe

a205551e7ba8580d2c0ff896a4d79fa9

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

setup.ini

cf02536bd1964a300e3fc449d6b2a6af

Generic INItialization configuration [Languages]

setup.iss

f0cb0891eb57271f98b70c22bcaab0bc

Generic INItialization configuration [File Transfer]

exvmuvc.ax

1efadfc82e62632e4e81ea4c31586e3f

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

vm1028.lrc

86dd892b97cd17021162044a0a9565ae

ISO-8859 text, with CRLF line terminators

vm1033.lrc

36046e18ed919369ec685a83862c95b2

Generic INItialization configuration [VMPOWERLINEPROPERTY]

vm2052.lrc

294d755104e724126dfc9508ca49967a

Generic INItialization configuration [VMPOWERLINEPROPERTY]

VMC440.cat

5caf6cb96e4d91bed7a09d95a9d68b3d

DER Encoded PKCS#7 Signed Data

VMC440.dll

a7bafb1b1d1ab7fd9606e3a094b37a62

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 4 sections

VMC440.inf

5bcc273752a0691f6f818a182da9f058

Windows setup INFormation

VMC440.sys

549ce04f9af38c2e6a8aa8d2c4b313fb

PE32+ executable (native) x86-64, for MS Windows, 9 sections

VMCtrlC440.ax

8008a2bc4acc2cb6886ed56abb23afb1

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

exvmuvc.ax

1efadfc82e62632e4e81ea4c31586e3f

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

vm1028.lrc

86dd892b97cd17021162044a0a9565ae

ISO-8859 text, with CRLF line terminators

vm1033.lrc

36046e18ed919369ec685a83862c95b2

Generic INItialization configuration [VMPOWERLINEPROPERTY]

vm2052.lrc

294d755104e724126dfc9508ca49967a

Generic INItialization configuration [VMPOWERLINEPROPERTY]

VMC440.cat

c99dfce8b9b3feb4bad68fadbabd5729

DER Encoded PKCS#7 Signed Data

VMC440.dll

a7bafb1b1d1ab7fd9606e3a094b37a62

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 4 sections

VMC440.inf

bff205dc8f4aec665452eda294ddefe8

Windows setup INFormation

VMC440.sys

35fba36e3c35b9f5709238ab558d2e3c

PE32 executable (native) Intel 80386, for MS Windows, 9 sections

VMCtrlC440.ax

8008a2bc4acc2cb6886ed56abb23afb1

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

_Setup.dll

2985a79020ec96afc2d1c8ab318b866f

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 3 sections

samcoins.dll

31dd6bc79696e8f2c1371b74446195f9

PE32+ executable (DLL) (console) x86-64, for MS Windows, 4 sections

sdt_s_drv_x64.cat

aad16699ffb9bc215040da69ca3fdd2f

DER Encoded PKCS#7 Signed Data

USBDrv.sys

1681994fec5a026f53fead3e3062dcd7

PE32+ executable (native) x86-64, for MS Windows, 6 sections

USBDrvCo.inf

1958cbbcc808a8e994141daa5028b0d5

Windows setup INFormation

��߰�װж��˵��.docx

67a4b786d8dfa8ee422a26a84246a6ae

Microsoft Word 2007+

RFID_Driver_Setup.exe

3a5e1cff0fca389f5b06d7b0295cde4d

PE32 executable (GUI) Intel 80386, for MS Windows, InstallShield self-extracting archive, 4 sections

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 3/60

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

222.195.70.221:8089/lib/driver.zip

222.195.70.221

200 OK

4.2 MB

URL User Request GET HTTP/1.1
222.195.70.221:8089/lib/driver.zip
IP
222.195.70.221:8089
ASN
#4538 China Education and Research Network Center

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
4.2 MB (4193502 bytes)
Hash
50ab9d8bb7ca0a5ca07f3e757eba6b61
2795669c123593b555a93c9f06ca5a82001d5c00
b6eaaf56b615832ad827ba88aba9ff443582c9e45e9dc2ad0dd292d924ae2204

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 3/60

HTTP Headers

GET /lib/driver.zip HTTP/1.1
Host: 222.195.70.221:8089
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cassini/2.1.8.1
Date: Tue, 23 Apr 2024 08:59:44 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: application/x-zip-compressed
Content-Length: 4193502
Connection: Close

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (42)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers