Report - download.webcamtests.com/drivers/webcam/Realtek/10-0-16299-11322/Windows-7x86-10x86.zip

Report Overview

Visited public
2024-08-21 03:19:04
Tags
URL
download.webcamtests.com/drivers/webcam/Realtek/10-0-16299-11322/Windows-7x86-10x86.zip
Finishing URL
about:privatebrowsing
IP / ASN
172.67.223.209
#13335 CLOUDFLARENET
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-08-19 18:12:03	981 B	2.7 kB	23.33.119.57
download.webcamtests.com	unknown	2017-10-27	2018-10-06 12:10:14	2024-04-18 02:55:40	541 B	6.6 MB	172.67.223.209
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-08-19 18:12:02	1.3 kB	3.5 kB	23.33.119.57

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
download.webcamtests.com/drivers/webcam/Realtek/10-0-16299-11322/Windows-7x86-10x86.zip
IP
172.67.223.209
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
6.6 MB (6609156 bytes)
Hash
51d5e15de32dc3ebabe4db2636ce284f
b4a1c88fd3f6ad413ff38ac164f43c0d088dbbdf
9664003e9a0bd1bbb8b5847b703424cb46996d2ddc1d77089f6acf0e993390b5

Archive (45)

Filename

Md5

File type

FTData.xml

f40278e071f1578715103902540426e8

XML 1.0 document, ASCII text, with CRLF line terminators

FTDataP.xml

7feb1d34faf2c5bb771d67d0106363c4

XML 1.0 document, ASCII text, with CRLF line terminators

FTDataR0.xml

0ef04c1e8bcea356fb49401045dd5571

XML 1.0 document, ASCII text, with CRLF line terminators

FTDataR1.xml

f8349790e1adb125da918da3de2f291f

XML 1.0 document, ASCII text, with CRLF line terminators

msvcp140.dll

a9f622c03af58fc99fed5314de96b3db

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 6 sections

msvcp140d.dll

38e75652b4560c98ec4b0ac47290acea

PE32+ executable (DLL) (console) x86-64, for MS Windows, 7 sections

RsDecode.dll

9d37390567bb5f985c25793703bb007c

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

RsDMFT.dll

5a1bdf5d3c2b312b8256a4c713df8453

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 10 sections

RsProvider.dll

9114a933f9ffdefcb374953189bb91f1

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections

RtAsus.inf

6f7e5886527977e170aefda38e56f17e

Windows setup INFormation

RtCamO.dll

a4478a176638ee57fc980d81e5835efc

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

RtCamP.dll

9812c22a7b2d715f680d637431b4f988

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections

RtCamU.exe

359e08e53a007cf7b902ec86189fd5ad

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

RtChFJ.inf

fbceec16cf75ced96426fe6e2849b54a

Windows setup INFormation

RtChHP.inf

51e528a4850dcc3c5473089cf4050d73

Windows setup INFormation

RtChHPC.inf

f10c58b487750b260da2dc21df57b2c1

Windows setup INFormation

RtChTS.inf

4418536b6883c54a1ff357d35dca08ab

Windows setup INFormation

RtDell.inf

b13305ba0072ab86f76995dbf66efb9c

Windows setup INFormation

RtDellF.inf

fdb83a3134512c19b48d0b245747bb51

Windows setup INFormation

RTFTrack.exe

272f92af4b76b592d72e9c2e9f41f5db

PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

RTFTrack.xml

7811e1d8b9e144d07350d66a4f363cd9

XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators

RtHuawei.inf

06557930b4c4ddef2b744214673959a2

Windows setup INFormation

RtLeBA.inf

6f86ac5ea922ada8dc5557bc81f02613

Windows setup INFormation

RtLeJ.inf

de9e2de90ed9fce964f524ef8c193cf4

Windows setup INFormation

RtLeJA.inf

79aef3cdff273c7f357a94efe785accf

Windows setup INFormation

RtLeJE.inf

0150214c3405e5d3cacfb684ec1b72d2

Windows setup INFormation

RtLeJF.inf

14c432868de6b360c2ec1f51c3147086

Windows setup INFormation

RtLeShA.inf

42be5fc05b593395bc2eff7084193dfa

Windows setup INFormation

RtLeShF.inf

07d0b4cf4f8635414d70c414fdb72d31

Windows setup INFormation

RtLeShL.inf

a3a21f7baebbb9b824fe83191fb535a6

Windows setup INFormation

RtLeShS.inf

881d7b3f9365cd0bbc895cad7cb1cbfb

Windows setup INFormation

RtLeShV.inf

08ba87ebfe69cc125a5b7538ae5f97ca

Windows setup INFormation

RtLeSLF.inf

93a62f5a06a27cf3d010d21b55a23c59

Windows setup INFormation

RtNec.inf

a09f2025cc23afb265f8511f40d611f8

Windows setup INFormation

RtPanasonic.inf

8880d72acadc6f2cf303fc444a82bf09

Windows setup INFormation

RtSamSu.inf

61ab5e41f934324f810943aea1976a8c

Windows setup INFormation

RtsCM.exe

0ecfb1665cf25d6311af6f76d6746b22

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

RtsCM.xml

14e300aaeef59f9818eb3d8e6cacecc6

XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators

RtsMFT0.dll

0b7340e16c150e48fcaba7610e70bd38

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

RtsUVC.inf

f8e1fcf3be414c6b005598ddc073d72d

Windows setup INFormation

RtsUVC.sys

cd94dc0c59812d68b9c173acd7261c18

PE32 executable (native) Intel 80386, for MS Windows, 8 sections

rtsuvc32.cat

94b6f6b15f639851127e8e7996233ca0

DER Encoded PKCS#7 Signed Data

RtTWN.ds

345d1880c1f9e5b543cb9fb062b6570c

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

vccorlib140.dll

eb4318cd6987c322571dd1e2a9f9dcc8

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 6 sections

vcruntime140.dll

fd2da4cddf42c6f6188081a2e57a38a3

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 6 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (8)

	URL	IP	Response	Size
	r11.o.lencr.org/	23.33.119.57		504 B
URL r11.o.lencr.org/ IP 23.33.119.57:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 50a89b39234eb6cc4eda70d7e27be17f 306340eb26b6817fd8851a085563a88eed7e2b6b eaabd011ed0722deeee97e566b8318b17d8e993d31db4c2cc31cf0e3cd8191f5 HTTP Headers `POST / HTTP/1.1 Host: r11.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "EAABD011ED0722DEEEE97E566B8318B17D8E993D31DB4C2CC31CF0E3CD8191F5" Last-Modified: Mon, 19 Aug 2024 12:55:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2941 Expires: Wed, 21 Aug 2024 04:07:34 GMT Date: Wed, 21 Aug 2024 03:18:33 GMT Connection: keep-alive`

	r10.o.lencr.org/	23.33.119.57		504 B
URL r10.o.lencr.org/ IP 23.33.119.57:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 845d79542d05f08c933181b3750ce01b 0220d4237c8891f2c270be589e23d0036c397d62 4689a75cc3d66fe81d22664238a8bf82f2c96f28f52752eaf39f5d4aee4b3f51 HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "4689A75CC3D66FE81D22664238A8BF82F2C96F28F52752EAF39F5D4AEE4B3F51" Last-Modified: Sun, 18 Aug 2024 18:27:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3882 Expires: Wed, 21 Aug 2024 04:23:15 GMT Date: Wed, 21 Aug 2024 03:18:33 GMT Connection: keep-alive`

	r10.o.lencr.org/	23.33.119.57		504 B
URL r10.o.lencr.org/ IP 23.33.119.57:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 5d0dd93e6a07253100201a9c8a3e15a5 30adbd52887825ae2779d7fb12276bed8b1d8178 07bb496669af2e33765f0ad730934dad6f8ad79a628c6b21cd545505335471c6 HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "07BB496669AF2E33765F0AD730934DAD6F8AD79A628C6B21CD545505335471C6" Last-Modified: Mon, 19 Aug 2024 21:59:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3271 Expires: Wed, 21 Aug 2024 04:13:05 GMT Date: Wed, 21 Aug 2024 03:18:34 GMT Connection: keep-alive`

	r10.o.lencr.org/	23.33.119.57		504 B
URL r10.o.lencr.org/ IP 23.33.119.57:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 18f75729f3e25e2eb7f12b70dfce3849 479177b92dda7c4e8763c80a15cbc71c3386d06c 0b7da2da1fcba23c5118479e14828f87a605a32af15d0962f216115a9ff1d02a HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "0B7DA2DA1FCBA23C5118479E14828F87A605A32AF15D0962F216115A9FF1D02A" Last-Modified: Sun, 18 Aug 2024 15:19:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19511 Expires: Wed, 21 Aug 2024 08:43:46 GMT Date: Wed, 21 Aug 2024 03:18:35 GMT Connection: keep-alive`

	download.webcamtests.com/drivers/webcam/Realtek/10-0-16299-11322/Windows-7x86-10x86.zip	172.67.223.209	200 OK	6.6 MB
URL User Request GET HTTP/2 download.webcamtests.com/drivers/webcam/Realtek/10-0-16299-11322/Windows-7x86-10x86.zip IP 172.67.223.209:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services Subjectwebcamtests.com FingerprintCC:A7:DF:14:69:5D:E1:67:AE:80:ED:E2:25:13:82:5E:11:AA:0C:F1 ValiditySat, 10 Aug 2024 01:39:28 GMT - Fri, 08 Nov 2024 01:39:27 GMT File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 6.6 MB (6609156 bytes) Hash 51d5e15de32dc3ebabe4db2636ce284f b4a1c88fd3f6ad413ff38ac164f43c0d088dbbdf 9664003e9a0bd1bbb8b5847b703424cb46996d2ddc1d77089f6acf0e993390b5 HTTP Headers GET /drivers/webcam/Realtek/10-0-16299-11322/Windows-7x86-10x86.zip HTTP/1.1 Host: download.webcamtests.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 21 Aug 2024 03:18:34 GMT content-type: application/zip content-length: 6609156 last-modified: Wed, 05 Feb 2020 17:30:44 GMT etag: "5e3afbc4-64d904" x-remote-ip: 91.90.42.154 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FkNfqJyVvFA9A6lzGiwqbEhdR0%2BQYLAvfqSF1YuHjDpBV0pGB1LKt46GARI7c8Uu%2FiDePVIf9tZL1PLC3NFF4Ffj6%2FLGSAXgj2Wr4V8ULIZVRBv9arldbEOFaNiv4a%2BLWiqtd%2B0zigRoxzI%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8b677a014ddd56a8-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	r11.o.lencr.org/	23.36.76.226		504 B
URL r11.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 663683cf83257c4867434f1b98db8939 f0ca9dbee82d2d4031edbf65bc9aa36d25264687 42b541fd8690abf306d19e5601a846c6b5a6c494342f17fe60b6048a340cd67d HTTP Headers `POST / HTTP/1.1 Host: r11.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "42B541FD8690ABF306D19E5601A846C6B5A6C494342F17FE60B6048A340CD67D" Last-Modified: Tue, 20 Aug 2024 09:16:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2792 Expires: Wed, 21 Aug 2024 04:05:08 GMT Date: Wed, 21 Aug 2024 03:18:36 GMT Connection: keep-alive`

	r11.o.lencr.org/	23.36.76.226		504 B
URL r11.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 663683cf83257c4867434f1b98db8939 f0ca9dbee82d2d4031edbf65bc9aa36d25264687 42b541fd8690abf306d19e5601a846c6b5a6c494342f17fe60b6048a340cd67d HTTP Headers `POST / HTTP/1.1 Host: r11.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "42B541FD8690ABF306D19E5601A846C6B5A6C494342F17FE60B6048A340CD67D" Last-Modified: Tue, 20 Aug 2024 09:16:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2792 Expires: Wed, 21 Aug 2024 04:05:08 GMT Date: Wed, 21 Aug 2024 03:18:36 GMT Connection: keep-alive`

	r11.o.lencr.org/	23.36.77.32		504 B
URL r11.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 663683cf83257c4867434f1b98db8939 f0ca9dbee82d2d4031edbf65bc9aa36d25264687 42b541fd8690abf306d19e5601a846c6b5a6c494342f17fe60b6048a340cd67d HTTP Headers `POST / HTTP/1.1 Host: r11.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "42B541FD8690ABF306D19E5601A846C6B5A6C494342F17FE60B6048A340CD67D" Last-Modified: Tue, 20 Aug 2024 09:16:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2808 Expires: Wed, 21 Aug 2024 04:05:24 GMT Date: Wed, 21 Aug 2024 03:18:36 GMT Connection: keep-alive`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (45)

Detections

JavaScript (0)

HTTP Transactions (8)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers