Report - cdn.shopifycdn.net/s/files/1/0577/2604/2157/files/ZA68_b1c52e17-ad67-488d-9cf7-ef221415f0a6.zip?v=1699946805

Report Overview

Visited public
2023-12-24 02:37:30
Tags
URL
cdn.shopifycdn.net/s/files/1/0577/2604/2157/files/ZA68_b1c52e17-ad67-488d-9cf7-ef221415f0a6.zip?v=1699946805
Finishing URL
about:privatebrowsing
IP / ASN
23.227.60.200
#396982 GOOGLE-CLOUD-PLATFORM
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.shopifycdn.net	45469	2020-03-06	2020-05-26 11:40:34	2023-12-23 11:04:48	574 B	1.9 MB	23.227.60.200

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
cdn.shopifycdn.net/s/files/1/0577/2604/2157/files/ZA68_b1c52e17-ad67-488d-9cf7-ef221415f0a6.zip?v=1699946805
IP
23.227.60.200
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
1.9 MB (1921845 bytes)
Hash
41e88a3511a4ffd98f40265ea6b42546
0ca152250441a649d359355f16f9369f1729c688
a0ab0789c21731a37e618333396c96b0351cb205aaeda249a42aa64643692fdb

Archive (3)

Filename

Md5

File type

ZXWUpdateTool.exe

6257595123844b6c100781994249b83b

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

��ģZA68_RGB68��ť_��_��_CSa1a6_20231026��䣩.hex

7d509fba9c63707346a918eadf73c8d2

ASCII text, with CRLF line terminators

ע��.txt

4533f056fcf1410814b06c06c87515d0

ISO-8859 text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	GET cdn.shopifycdn.net/s/files/1/0577/2604/2157/files/ZA68_b1c52e17-ad67-488d-9cf7-ef221415f0a6.zip?v=1699946805	23.227.60.200	200 OK	1.9 MB
URL User Request GET HTTP/2 cdn.shopifycdn.net/s/files/1/0577/2604/2157/files/ZA68_b1c52e17-ad67-488d-9cf7-ef221415f0a6.zip?v=1699946805 IP 23.227.60.200:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Certificate IssuerLet's Encrypt Subjectcdn.shopifycdn.net Fingerprint13:9F:AE:6F:C7:E8:12:E9:C7:25:EB:1C:59:45:7D:D5:CA:22:03:A5 ValidityThu, 09 Nov 2023 14:42:18 GMT - Wed, 07 Feb 2024 14:42:17 GMT File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 1.9 MB (1921845 bytes) Hash 41e88a3511a4ffd98f40265ea6b42546 0ca152250441a649d359355f16f9369f1729c688 a0ab0789c21731a37e618333396c96b0351cb205aaeda249a42aa64643692fdb HTTP Headers GET /s/files/1/0577/2604/2157/files/ZA68_b1c52e17-ad67-488d-9cf7-ef221415f0a6.zip?v=1699946805 HTTP/1.1 Host: cdn.shopifycdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Sun, 24 Dec 2023 02:37:04 GMT content-type: application/zip content-length: 1921845 access-control-allow-origin: * access-control-expose-headers: * cache-control: public, max-age=31557600 link: <https://cdn.shopifycdn.net/s/files/1/0577/2604/2157/files/ZA68_b1c52e17-ad67-488d-9cf7-ef221415f0a6.zip>; rel="canonical" timing-allow-origin: * x-content-type-options: nosniff x-request-id: da5086e3-0472-4065-896c-2c211e4c0e66 x-xss-protection: 1; mode=block strict-transport-security: max-age=15552000; includeSubDomains; preload last-modified: Sun, 24 Dec 2023 02:37:04 GMT cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXcygfeF0oqrDC5UCG9hmy8SkkQEzr%2F6lU2h0s%2F8pp1Y2vOmLC2sz4XCoiAOEHkjTuu1tYI4gUj%2Fbw6c0FZ3mE29RkBO06u4kF%2F%2FTONGcM83KdSj3xXnqRmrB5EZh3WXeTwKrQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server-timing: imagery;dur=42.564, imageryFetch;dur=42.121, cfRequestDuration;dur=272.000074 server: cloudflare cf-ray: 83a575d43f3856b5-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

GET cdn.shopifycdn.net/s/files/1/0577/2604/2157/files/ZA68_b1c52e17-ad67-488d-9cf7-ef221415f0a6.zip?v=1699946805

23.227.60.200

200 OK

1.9 MB

URL User Request GET HTTP/2
cdn.shopifycdn.net/s/files/1/0577/2604/2157/files/ZA68_b1c52e17-ad67-488d-9cf7-ef221415f0a6.zip?v=1699946805
IP
23.227.60.200:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerLet's Encrypt
Subjectcdn.shopifycdn.net
Fingerprint13:9F:AE:6F:C7:E8:12:E9:C7:25:EB:1C:59:45:7D:D5:CA:22:03:A5
ValidityThu, 09 Nov 2023 14:42:18 GMT - Wed, 07 Feb 2024 14:42:17 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
1.9 MB (1921845 bytes)
Hash
41e88a3511a4ffd98f40265ea6b42546
0ca152250441a649d359355f16f9369f1729c688
a0ab0789c21731a37e618333396c96b0351cb205aaeda249a42aa64643692fdb

HTTP Headers

GET /s/files/1/0577/2604/2157/files/ZA68_b1c52e17-ad67-488d-9cf7-ef221415f0a6.zip?v=1699946805 HTTP/1.1
Host: cdn.shopifycdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 24 Dec 2023 02:37:04 GMT
content-type: application/zip
content-length: 1921845
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopifycdn.net/s/files/1/0577/2604/2157/files/ZA68_b1c52e17-ad67-488d-9cf7-ef221415f0a6.zip>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: da5086e3-0472-4065-896c-2c211e4c0e66
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 24 Dec 2023 02:37:04 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXcygfeF0oqrDC5UCG9hmy8SkkQEzr%2F6lU2h0s%2F8pp1Y2vOmLC2sz4XCoiAOEHkjTuu1tYI4gUj%2Fbw6c0FZ3mE29RkBO06u4kF%2F%2FTONGcM83KdSj3xXnqRmrB5EZh3WXeTwKrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=42.564, imageryFetch;dur=42.121, cfRequestDuration;dur=272.000074
server: cloudflare
cf-ray: 83a575d43f3856b5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (3)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers