Report - cdn-media.huggingface.co/frpc-gradio-0.3/frpc_windows

Report Overview

Visitedpublic

2024-09-23 22:00:15

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-09-23 07:24:11	981 B	2.7 kB	23.33.119.57
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-09-23 07:24:14	1.3 kB	3.5 kB	23.33.119.27
cdn-media.huggingface.co	unknown	2016-07-18	2023-02-13 16:06:29	2024-09-03 10:48:10	517 B	12 MB	143.204.55.69

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2024-09-23	medium	cdn-media.huggingface.co/frpc-gradio-0.3/frpc_windows_amd64.exe	Linux.Proxy.Frp

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

cdn-media.huggingface.co/frpc-gradio-0.3/frpc_windows_amd64.exe

IP / ASN

143.204.55.69

#16509 AMAZON-02

File Overview

File TypePE32+ executable (console) x86-64, for MS Windows, 8 sections

Size12 MB (12315136 bytes)

MD56ac79215a7ced7e1e71a9ad173233f80

SHA1a12521a48970aa89f54b70279b5ae5fae6f346c4

SHA25614bc0ea470be5d67d79a07412bd21de8a0a179c6ac1116d7764f68e942dc9ceb

Detections

Analyzer	Verdict	Alert
Elastic Security YARA Rules	malware	Linux.Proxy.Frp

JavaScript (0)

HTTP Transactions (8)

URL IP Response Size

r10.o.lencr.org/

23.33.119.27

504 B

URL HTTP

r10.o.lencr.org/

IP / ASN

23.33.119.27

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-09-23

Last Seen2024-09-28

Times Seen30040

Size504 B (504 bytes)

MD572e206e9b89445fb2fb4031a6abe6169

SHA1a18bebfb86a71685bd817c15e348cfb5ea438c72

SHA256856f85441e043130f88668be6cf68110187856f17999bddc4332437d383c79b6

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "856F85441E043130F88668BE6CF68110187856F17999BDDC4332437D383C79B6"
Last-Modified: Mon, 23 Sep 2024 09:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4882
Expires: Mon, 23 Sep 2024 23:21:10 GMT
Date: Mon, 23 Sep 2024 21:59:48 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.27

504 B

URL HTTP

r10.o.lencr.org/

IP / ASN

23.33.119.27

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-09-23

Last Seen2024-09-28

Times Seen2794

Size504 B (504 bytes)

MD545bb723a1174e82d026bc311af3c166e

SHA18cbcbd02f9b502eceff234b965df8e1878431f3a

SHA2563b65014c44a993c77cc67c6fe2df7d305bf95495b2f23d72a56fdce16ee11973

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "3B65014C44A993C77CC67C6FE2DF7D305BF95495B2F23D72A56FDCE16EE11973"
Last-Modified: Mon, 23 Sep 2024 16:40:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9738
Expires: Tue, 24 Sep 2024 00:42:06 GMT
Date: Mon, 23 Sep 2024 21:59:48 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.27

504 B

URL HTTP

r10.o.lencr.org/

IP / ASN

23.33.119.27

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-09-23

Last Seen2024-09-28

Times Seen3022

Size504 B (504 bytes)

MD5cee6f187f86d8f7b2779939286a4bbaa

SHA152ca24c4137cb54a6437894f645919084cb479ee

SHA256e1738902960c8c11c246196351ee0adbe1f5c5722ba7765dc0a536efff18b85e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "E1738902960C8C11C246196351EE0ADBE1F5C5722BA7765DC0A536EFFF18B85E"
Last-Modified: Mon, 23 Sep 2024 13:26:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10848
Expires: Tue, 24 Sep 2024 01:00:37 GMT
Date: Mon, 23 Sep 2024 21:59:49 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.27

504 B

URL HTTP

r10.o.lencr.org/

IP / ASN

23.33.119.27

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-09-22

Last Seen2024-09-28

Times Seen24132

Size504 B (504 bytes)

MD58ab80371465a057b549a046eb6f97853

SHA10ccf179fc8a2f02fc91bdb73161837daf6f5c08a

SHA256e8d786bfe63e0db6078c37a721dcd2c244ca27d70e5ecc8d99ccea1755073729

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "E8D786BFE63E0DB6078C37A721DCD2C244CA27D70E5ECC8D99CCEA1755073729"
Last-Modified: Sun, 22 Sep 2024 14:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7580
Expires: Tue, 24 Sep 2024 00:06:09 GMT
Date: Mon, 23 Sep 2024 21:59:49 GMT
Connection: keep-alive

GET cdn-media.huggingface.co/frpc-gradio-0.3/frpc_windows_amd64.exe

143.204.55.69

200 OK

12 MB

URL User Request GET HTTPS

cdn-media.huggingface.co/frpc-gradio-0.3/frpc_windows_amd64.exe

IP / ASN

143.204.55.69

#16509 AMAZON-02

Requested byN/A

Resource Info

File typePE32+ executable (console) x86-64, for MS Windows, 8 sections

First Seen2024-09-24

Last Seen2025-05-28

Times Seen9

Size12 MB (12315136 bytes)

MD56ac79215a7ced7e1e71a9ad173233f80

SHA1a12521a48970aa89f54b70279b5ae5fae6f346c4

SHA25614bc0ea470be5d67d79a07412bd21de8a0a179c6ac1116d7764f68e942dc9ceb

Certificate Info

IssuerAmazon

Subjecthuggingface.co

Fingerprint3C:C8:37:B1:60:20:4B:3C:F1:6A:6A:6A:0E:B7:22:23:91:6B:2C:D2

ValidityMon, 13 May 2024 00:00:00 GMT - Wed, 11 Jun 2025 23:59:59 GMT

Detections

Analyzer	Verdict	Alert
Elastic Security YARA Rules	malware	Linux.Proxy.Frp

HTTP Headers

GET /frpc-gradio-0.3/frpc_windows_amd64.exe HTTP/1.1
Host: cdn-media.huggingface.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-msdownload
content-length: 12315136
date: Mon, 23 Sep 2024 05:45:07 GMT
last-modified: Fri, 30 Aug 2024 02:33:49 GMT
etag: "6ac79215a7ced7e1e71a9ad173233f80"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: c3OVKJGfb2FGdBWTy7g-uT6IZQEWsfK_5wU-ljL49LXf51J8gZYOxw==
age: 58483
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.33.119.57

504 B

URL HTTP

r11.o.lencr.org/

IP / ASN

23.33.119.57

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-09-23

Last Seen2024-09-28

Times Seen9001

Size504 B (504 bytes)

MD59b46c3577c9513b260ce14c295639451

SHA1500d1a034702255133167cbbb43b8be0e6d7523e

SHA256046224cbdaa03b08777500a934c9044b725cf5e2a50d1f80dfe7a31712694ab9

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "046224CBDAA03B08777500A934C9044B725CF5E2A50D1F80DFE7A31712694AB9"
Last-Modified: Mon, 23 Sep 2024 12:40:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10413
Expires: Tue, 24 Sep 2024 00:53:24 GMT
Date: Mon, 23 Sep 2024 21:59:51 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.57

504 B

URL HTTP

r11.o.lencr.org/

IP / ASN

23.33.119.57

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-09-23

Last Seen2024-09-28

Times Seen9001

Size504 B (504 bytes)

MD59b46c3577c9513b260ce14c295639451

SHA1500d1a034702255133167cbbb43b8be0e6d7523e

SHA256046224cbdaa03b08777500a934c9044b725cf5e2a50d1f80dfe7a31712694ab9

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "046224CBDAA03B08777500A934C9044B725CF5E2A50D1F80DFE7A31712694AB9"
Last-Modified: Mon, 23 Sep 2024 12:40:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10413
Expires: Tue, 24 Sep 2024 00:53:24 GMT
Date: Mon, 23 Sep 2024 21:59:51 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.57

504 B

URL HTTP

r11.o.lencr.org/

IP / ASN

23.33.119.57

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-09-23

Last Seen2024-09-28

Times Seen9001

Size504 B (504 bytes)

MD59b46c3577c9513b260ce14c295639451

SHA1500d1a034702255133167cbbb43b8be0e6d7523e

SHA256046224cbdaa03b08777500a934c9044b725cf5e2a50d1f80dfe7a31712694ab9

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "046224CBDAA03B08777500A934C9044B725CF5E2A50D1F80DFE7A31712694AB9"
Last-Modified: Mon, 23 Sep 2024 12:40:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10413
Expires: Tue, 24 Sep 2024 00:53:24 GMT
Date: Mon, 23 Sep 2024 21:59:51 GMT
Connection: keep-alive