Report Overview

  1. Visited public
    2024-06-05 19:09:46
    Tags
  2. URL

    129.204.205.124/app/gw/update.zip

  3. Finishing URL

    about:privatebrowsing

  4. IP / ASN
    129.204.205.124

    #45090 Shenzhen Tencent Computer Systems Company Limited

    Title
    about:privatebrowsing
Detections
urlquery: 0
Network Intrusion Detection: 2
Threat Detection Systems: 10

Domain Summary

Domain / FQDN | Rank | Registered | First Seen | Last Seen
129.204.205.124 | unknown | unknown | 2019-04-18 09:40:10 | 2023-12-05 05:12:28

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Severity | Source IP | Destination IP | Alert
medium | Client IP | 129.204.205.124 |
medium | Client IP | 129.204.205.124 |

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS
Severity | Indicator | Alert
medium | 129.204.205.124 | Sinkholed

ThreatFox

No alerts detected


Files detected

  1. URL

    129.204.205.124/app/gw/update.zip

  2. IP

    129.204.205.124

  3. ASN

    #45090 Shenzhen Tencent Computer Systems Company Limited

  1. File type

    Zip archive data, at least v1.0 to extract, compression method=store

    Size

    3.9 MB (3935972 bytes)

  2. Hash

    7b00cac1214d343f17c52934646add75

    b66d8448d87ce6a3c9474fe76cee03fa3d285d37

  1. Archive (58)

  2. Filename | Md5 | File type
    NfcKing.resources.dll
    a330f9fe98d62403d7f7408355d64df6
    PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    iClass-Black.txt
    26dff97f8305d50b755d32d61259c44b
    Unicode text, UTF-8 (with BOM) text
    MIfare-S20-320b-Black.txt
    bf8b3bdf35cf7a121cf99fddc7f5984c
    Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
    MIfare-S20-320b.txt
    34d0770bcdd84a03eef753d94db73657
    Unicode text, UTF-8 (with BOM) text
    MIfare-S50-1k-Black.txt
    cb06cb7f6afee00bcdbb1871492be4f1
    Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
    MIfare-S50-1k.txt
    b54a6c9642aa668ba1e1383273ebcdc0
    Unicode text, UTF-8 (with BOM) text
    Ultralight-EV1-164B-Black.txt
    2b5343ab1b756abe287cfa1e846cfebb
    ASCII text, with CRLF line terminators
    Ultralight-EV1-164B.txt
    9eda333fb47eb07f4e38e653814a4318
    ASCII text
    NfcKing.resources.dll
    2429d7eea11c0ce709ff5a91367ba527
    PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    Be.Windows.Forms.HexBox.dll
    7a6a1deafc87dda48858f80b3c3eec0f
    PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    ChameleonMiniGUI.exe
    b0380e0a549e1212e53bac7a45107988
    PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    ChameleonMiniGUI.exe.config
    21893023c4029d62fd41528922e21dee
    XML 1.0 document, ASCII text, with CRLF line terminators
    Crapto1Sharp.dll
    c8903d18a45ab817d572b6b2cf426084
    PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    DynamicExpresso.Core.dll
    8634d7e93d203b7df8dbfcc450a30819
    PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    Map.xml
    ecaa88f7fa0bf610a5a26cf545dcd3aa
    Unicode text, UTF-8 text, with no line terminators
    msvcr100.dll
    53e17c3eedcb0479971fbbe99fa9c0a0
    PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections
    NfcKing.exe
    d26127dfb9e47dc210e2a25f4b83942b
    PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    Ntool.exe
    a66ec00166f73816c35ec1c9ef650f7d
    PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections
    PN532CardReader.pdb
    d41d8cd98f00b204e9800998ecf8427e
    update.exe
    3c4af7fc1dd461f223e12656052c40d3
    PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
    update.exe.config
    bb5dc6045efa2481926d1cd9fd06796c
    XML 1.0 document, ASCII text, with CRLF line terminators
    updatelist
    b8a14d7feb98c5f7cca5be33045274d7
    ASCII text, with CRLF line terminators
    history.db
    d41d8cd98f00b204e9800998ecf8427e
    Cdc_com.exe
    182d502acf9be563d439550ed89ae54f
    PE32 executable (GUI) Intel 80386, for MS Windows, RAR self-extracting archive, 5 sections
    Chinese.txt
    b4f5df149fca04a1723854f190a3424a
    Unicode text, UTF-8 text
    Dutch.txt
    14954ce90fe4e4c5f7f6cbb847c785c0
    ASCII text, with CRLF line terminators
    English.txt
    899ed515b6c41a2ed3cf36b88eb260d8
    ASCII text
    Francais.txt
    a46b795ceb5a6546ad7392e7d0297eb3
    Unicode text, UTF-8 text
    Franxais.txt
    a46b795ceb5a6546ad7392e7d0297eb3
    Unicode text, UTF-8 text
    German.txt
    bb198e5b6cb7cc7cd49e4ced130874e7
    Unicode text, UTF-8 text, with CRLF line terminators
    Greek.txt
    9c7ec2425a12e9c5157739e733148dce
    Unicode text, UTF-8 text
    Italiano.txt
    2b6f1feaccf751ef95500720624d98d7
    Unicode text, UTF-8 text
    Spanish.txt
    c1b257c210b55d428468e7a051c92b1f
    Unicode text, UTF-8 (with BOM) text
    Svenska.txt
    2c6cc077271fd70104c6229d1df43325
    Unicode text, UTF-8 text
    blankq.db
    f7ceeb63e9db26611f4e7b5e722563b9
    data
    libnfc.dll
    fcbdca4dc480b1d5d5474b18b5c79979
    PE32 executable (DLL) (console) Intel 80386, for MS Windows, 18 sections
    libnfc0.dll
    a77d0cf15758556d18c0ba0f7aa9cf94
    Unicode text, UTF-8 text
    libnfc11.dll
    3513a766c4b5e756b8bd4f5a9e13267e
    Unicode text, UTF-8 text, with CRLF line terminators
    libnfc_hardnested.exe
    42930a2bc658fd0a9a97de09965478b7
    PE32 executable (console) Intel 80386, for MS Windows, 15 sections
    libusb6.dll
    1d8215f7f8cd02a553499b534ccfb4d5
    PE32+ executable (DLL) (console) x86-64, for MS Windows, 5 sections
    mfcuk.exe
    c4898632a6aa5a1e82054d84587c2fe9
    PE32 executable (console) Intel 80386, for MS Windows, 7 sections
    mfoc.exe
    31df5cbc7e81fdf1912482db50634276
    PE32 executable (console) Intel 80386, for MS Windows, 7 sections
    mfocx64.exe
    ce88f156af30ce811f7141b2ee22f932
    PE32+ executable (console) x86-64, for MS Windows, 7 sections
    nfc-mfsetuid.exe
    c527e2073d596fc99f5ada8f92903130
    PE32 executable (console) Intel 80386, for MS Windows, 7 sections
    nfc.dll
    0d00984a757873c0feb7251ac585a610
    PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections
    nfcemulatetag.exe
    8e6876730ec52340403ea80b71762f1a
    PE32 executable (console) Intel 80386, for MS Windows, 7 sections
    nfctag.exe
    c3af3e28ed4a369861a79d67e226c3b7
    PE32 executable (console) Intel 80386, for MS Windows, 7 sections
    nfd.dll
    af9df826fb085012f8d3d71c01991b80
    PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 7 sections
    nlist.exe
    725d259ba5cad7056703d508210cd8c9
    PE32 executable (console) Intel 80386, for MS Windows, 7 sections
    pthreadVC2.dll
    7812f0f73eda837e9353b3a433abc9a9
    PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections
    libnfc.dll
    b8a4ffdea1128cfc9f907783939768e6
    ASCII text, with no line terminators
    mfcuk_tmpl_oyster.mfd
    9f62d968ba9f9555ab015d956b3b4220
    data
    mfcuk_tmpl_ratb.mfd
    286326eb129608ac621269976aba816c
    data
    mfcuk_tmpl_skgt.mfd
    6b0fe7676b68e5b08b06ab53cac38676
    data
    trace1.txt
    c85d21cd244dd2e63d5b64e8d0b06f84
    ASCII text, with CRLF line terminators
    trace2.txt
    b716f1fc636a0dfcf90c39c12fb69e79
    ASCII text, with CRLF line terminators
    trace3.txt
    93e59e02a8a39d329e61f772eaf49d07
    ASCII text, with CRLF line terminators
    update.zip
    f0cef2f96d6043de89e723082f5683f6
    HTML document, ASCII text, with very long lines (1836)

    Detections

    Analyzer | Verdict | Alert
    YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe
    YARAhub by abuse.ch | malware | meth_stackstrings

JavaScript (0)

HTTP Transactions (1)

URL | IP | Response | Size
129.204.205.124/app/gw/update.zip | 129.204.205.124 | 200 OK | 3.9 MB