Report - partnerdownload.xunyou.com/specver/xunyou

Report Overview

Visited public
2025-02-23 11:03:21
Tags
URL
partnerdownload.xunyou.com/specver/xunyou_duowan.zip
Finishing URL
about:privatebrowsing
IP / ASN
23.33.119.147
#20940 Akamai International B.V.
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
partnerdownload.xunyou.com	535736	2005-06-26	2013-06-06	2025-02-16	518 B	18 MB	23.36.76.161

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
partnerdownload.xunyou.com/specver/xunyou_duowan.zip
IP
23.36.76.161
ASN
#20940 Akamai International B.V.

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
18 MB (17576462 bytes)
Hash
f36c30f2d20fd4c733e66bc9efdcc273
c8f9363c0a7844474270af56d154e0c150866c3c
74e0df46a69be8aed7cf2d81468446afb10970773eb20ebe6137ca17b274d848

Archive (110)

Filename

Md5

File type

FlowSta.dll

7ffe88bc9e648fc90e1e70f0f36c05dc

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

game_find.dll

dbaf29984fc06cdf3a44687deff790c0

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

gameconfig.txt

ce22bd9966655f5224b847784d798d0d

ASCII text, with CRLF line terminators

games.txt

8ae7c7bcfa36503137cf06b014f0d242

ASCII text, with CRLF line terminators

gameurlinfo.txt

e1ed159474d1bb0d5399951ddeead81e

ASCII text, with CRLF line terminators

installlsp.exe

afa65a682a25c764482d8ca994035bca

PE32+ executable (GUI) x86-64, for MS Windows, 5 sections

js.dll

fdf3217fca5a773b008067f70ee2cfea

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

libeay32.dll

964e8f5dcaa913e1b742e401fe8060e6

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 7 sections

misc.dll

a2441eaee98692491785de71362c7cd6

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

misc.exe

5daf927aa97729af6c98d04d9a328db6

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

mode3.dll

f62e2ff59dda3d38849634e0c91830d6

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

mode4.dll

d58c84663d75e735c730660e8ff691db

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

newwhitelist.txt

6b15281b84c9fed8ecc78cfb79166b72

ASCII text, with CRLF line terminators

nodes.txt

12f52e4e5a7134cd13efd5d0d3253a3b

ASCII text, with CRLF line terminators

ProTraMon.dll

191364654d44002f55d128fde5e39583

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

ProTraMonIF.dll

ad60f0a6de2fb302f8f77e88dc1fb2d1

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

rasRemote.exe

69e91ede5b8bb6de11ef9fce9b562f4f

PE32+ executable (console) x86-64, for MS Windows, 5 sections

skin.txt

594cb2bf6b562ac2b0940be0cda386ca

ASCII text, with CRLF line terminators

special.txt

8364f3e97119bf4b20081690b3eecec7

ASCII text, with CRLF line terminators

splist.txt

44fb7bd628b76ea01703c5b8f6c23329

ASCII text, with CRLF line terminators

ssleay32.dll

117f18d0480c1c591c1780339152d977

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

style.xml

834057f6e6a039b57641928415b1f3bb

ASCII text, with CRLF line terminators

ta.key

90558e23b3cdb3a4e97cd49253cd85a2

ASCII text

UIView.dll

adb52658e19c0454f81d9bc12a9370b2

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

uninstall.dat

be323b825c3f64010479c51c22fe66ad

data

uninstall.exe

7d16f15bb78a311016c9cb6c5bdcf505

PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

uninstalllsp.exe

ebac224f15814fd6467d02a2c9598fba

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

update.dll

abca61d7a9fcc42c84cddfce40984c01

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

update.exe

6873b85e5bd250a5db652e5b705e738f

PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

verinfo.ini

48f426c613d27c67deacd2c0189c1de0

ASCII text, with CRLF line terminators

VersionCollect.exe

cd7b739cfb0e6fa8448c035d95fe3785

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

ws_xunyou.dll

20a7f20248d556062db9623d9fe6a995

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections

ws_xunyou64.dll

c9db1117199f2a96885f7f83800a730f

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 8 sections

xunyou.exe

2bcb331f7d01ef0fe5ac344c76bfc73b

PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections

xunyouat.dll

59ef0c7b0ca5211ef555c64adab749d6

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

xunyouip.dll

1297bc4c418729fe195776491f2771d6

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

xunyount64.dll

2715cc446da77d4b27bc2f8ffb63a266

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

xunyouplatform.txt

1aaa27f75d49bf40a8bf8655d20cfbee

ASCII text, with CRLF line terminators

XunYouTM.exe

193ba33593e6fd1c80b237082afec2c3

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

XYCrashReport.exe

d922ee40cbda2c50a5441e2bf71edd86

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

XYDump.dll

3fea518336c0e03e34e7460db82e3c38

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

xyforwarder.exe

9deec6b81c2c9e734c29d5f4c264f6e8

PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

XYQuick.exe

98f9c6a294547d2e6526cf5f5d1b2933

PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

XYQuick64.exe

ef94ed1df536183e1f42ca0691039a34

PE32+ executable (GUI) x86-64, for MS Windows, 7 sections

XYQuickLink.dll

fbe8b3cb48dd6bae50a92ba2a2ea29c9

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

alarm.txt

d91e7f1e7d5120dd78b78d950d075741

Generic INItialization configuration [SPEED]

AreaEqGame.txt

05c92653a9263b283984cd79d45e850e

ASCII text, with CRLF line terminators

areavpnnode.txt

d41d8cd98f00b204e9800998ecf8427e

BlackList.txt

fe7cb2da2d0dc86f6ae7a9dba881d8ee

ISO-8859 text, with CRLF line terminators

blackrouter.txt

2e5e164600d789de8ad96b032e878a04

ASCII text, with CRLF line terminators

gameAreaDR.txt

4868381b768aa26d80b68a2d498696e4

ASCII text, with no line terminators

gameareaspro.txt

cb30ab74ca37d28e62c56c1074d78c49

ASCII text, with CRLF line terminators

gamecomparison.txt

c4f24c30bb1f262f302b2e9d56116de4

ASCII text, with CRLF line terminators

gameDataConfig.txt

a2cb9b38e35b143a148bab00fca49b4b

ASCII text, with very long lines (65536), with no line terminators

gamelist.txt

1078d72f637997c42d655dfe9e57375b

CSV ASCII text

gameNodesIndicator.txt

9f1499294611adbc0e2e4a63e4aeb4ce

ASCII text, with CRLF line terminators

gamesdata.txt

e04c9da0a4313fd198c40414f82d164a

ASCII text, with CRLF line terminators

gameserverorder.txt

20b1b31e1bf957a4a7cf66b3d2473f3c

ASCII text, with CRLF line terminators

gamespf.txt

4c47561567b18be5bb169960f37b46dc

ASCII text, with CRLF line terminators

gamesudpenable.txt

a667f97fb41cfc2fa8e4ac4218f95d54

ASCII text, with CRLF line terminators

gametype.txt

a924b17edc282230930dc63cc7506bee

ASCII text, with CRLF line terminators

game_info.txt

99f95de2d2e8ea0fdb87d1fcc1ecdbf6

ASCII text, with CRLF line terminators

Game_Path.txt

16693573587f3e28e713102e28396461

CSV ISO-8859 text

Hf_PlatForm.txt

53dd7f6972206587a34074745a9bcad7

ASCII text, with CRLF line terminators

hostgames.txt

ea870601853f04c82d3ab15bc7a40e92

ASCII text, with CRLF line terminators

hostgametype.txt

2a0cb9380b68278720810c15a5520d99

ASCII text, with no line terminators

hostrt.txt

3e3807491f8820235a1a16f002a9c66f

ASCII text, with CRLF line terminators

interCfg.txt

84890dfd63e56cb7f4dd1e497ad976cc

Generic INItialization configuration [Mon]

intl_xunyou.txt

5a2be52fdb7d04efcf9674fc8ff1f48f

ASCII text, with CRLF line terminators

mode4route.txt

fc82bc8b4a3d19660ff508966023df0e

ASCII text, with CRLF line terminators

newexcluderoute.txt

36873c9220d6fa04a0bddd0a4a831f6f

ASCII text, with CRLF line terminators

newgamelist.txt

191204844271666eec0f6f64ea8048e2

CSV ASCII text

nodeareas.txt

0d23d38fafbf8cc8f7cca7e641c5a08e

ASCII text, with CRLF line terminators

nodelinename.txt

13b7d8a730593dd5279e7cb82b4a46c7

ASCII text, with no line terminators

nodeNameOnArea.txt

9adeb43c902e25662c432e3623b5c812

ASCII text, with no line terminators

noderecommend.txt

9f67dd002c855fa6fe738aa52ff22f46

ASCII text, with CRLF line terminators

nodes2.txt

4387ab49c3b8251d4b04904c95177c3a

ASCII text, with CRLF line terminators

nodesnb.txt

c280801b1f7b4c385bc80f47e178eac5

ASCII text, with CRLF line terminators

nodesos.txt

df58b07a549fd91c9d26db8ccf200100

ASCII text, with CRLF line terminators

osgames.txt

8235331efa13e46c88697b2bbfc168a7

ASCII text, with CRLF line terminators

osgametype.txt

1896e5f838cf11d9db8c992384f0f895

ASCII text, with CRLF line terminators

oshot.txt

586f1321171ff5a31aedfd32bec9f422

ASCII text, with CRLF line terminators

osrt.txt

23ea365a5e34325343817f53926b8492

ASCII text, with CRLF line terminators

privilegegametip.txt

34a9939ee9cc31765e88f08c2835fe6b

ASCII text, with CRLF line terminators

speedviewcfg.txt

52e6a0149c1840a5e89a5059173ae0a3

ASCII text, with no line terminators

subgames.txt

f4312688bff265229c4057b8aa0f7788

ASCII text, with CRLF line terminators

updateserver.txt

b3b2b750cc3b45447b7c04f7a3909971

ASCII text, with CRLF line terminators

verify.txt

0edc26c9dea039d454ccc23c3274db71

ASCII text, with CRLF line terminators

VS_PlatForm.txt

e11718874e6168999ab8695879fc7b85

ASCII text, with CRLF line terminators

webgames.txt

f33f6fc169eb450533e388e08fd6f821

ASCII text, with CRLF line terminators

webgametype.txt

f00ed37822935ad65bab6dbf3e27b58b

ASCII text, with no line terminators

webp2p.txt

f063462e137c25ee725a6bb10458dc16

ASCII text, with CRLF line terminators

Whitelist.txt

d47bddb63d53c0e793a4e050a9937b0a

ASCII text, with CRLF line terminators

xunyou.txt

0d99e7b556bce94eb8aebf16340d3925

ASCII text, with CRLF line terminators

bmnet32.inf

ac79236bbe50b089a316266205fef598

Windows setup INFormation

bmnet32.txt

35f6e88285cdc66f61de02cd3154e52d

PE32 executable (native) Intel 80386, for MS Windows, 7 sections

bmnet64.inf

7e378c481181d087eb5a6342c1af3212

Windows setup INFormation

bmnet64.txt

814d7ce124444c654a239806e077ec3a

PE32+ executable (native) x86-64, for MS Windows, 8 sections

bmnetx64.cat

5fa33c19f532c002466e1ce744200b00

DER Encoded PKCS#7 Signed Data

bmnetx86.cat

28ea98d89891820d8b81c93d4081ae10

DER Encoded PKCS#7 Signed Data

drvinst32.exe

b85d584be0353b4538e04968bc85d8b0

PE32 executable (console) Intel 80386, for MS Windows, 4 sections

drvinst64.exe

44479e442229fd7a0018588b2aac70de

PE32+ executable (console) x86-64, for MS Windows, 5 sections

252.ico

d2728eb3619df4aa796da3e9f865eb66

MS Windows icon resource - 4 icons, 256x256, 32 bits/pixel, 48x48, 32 bits/pixel

default.xml

60047980ded951172a1a83df86c050d9

data

NHComm.dll

87256d955aac9a37527ff8fd36ed12cf

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

areanode.txt

29b537ac7ad84816bfb491b7521d226d

CSV ASCII text

ca.crt

fe064a7b0e8b020e08cb9d5bfc595973

PEM certificate

client.crt

e5c4637af97a12a0bcf018bf251eecd2

data

conncfg.bin

a148fc031a5ecafc0d557b591b2d6164

ASCII text, with CRLF line terminators

conncfg6.bin

38e4e35f2aae7bc0daa9853aeda39fc1

ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 3/63

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

partnerdownload.xunyou.com/specver/xunyou_duowan.zip

23.36.76.161

200 OK

18 MB

URL User Request GET HTTP/1.1
partnerdownload.xunyou.com/specver/xunyou_duowan.zip
IP
23.36.76.161:443
ASN
#20940 Akamai International B.V.

Certificate
IssuerLet's Encrypt
Subjectmy.xunyou.com
Fingerprint7C:69:6B:03:AB:48:E5:A7:99:A9:18:9F:EB:5A:A7:29:B1:F5:DD:6C
ValidityMon, 30 Dec 2024 05:18:19 GMT - Sun, 30 Mar 2025 05:18:18 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
18 MB (17576462 bytes)
Hash
f36c30f2d20fd4c733e66bc9efdcc273
c8f9363c0a7844474270af56d154e0c150866c3c
74e0df46a69be8aed7cf2d81468446afb10970773eb20ebe6137ca17b274d848

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 3/63

HTTP Headers

GET /specver/xunyou_duowan.zip HTTP/1.1
Host: partnerdownload.xunyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/zip
EO-LOG-UUID: 1670166237475474317
EO-Cache-Status: MISS
Last-Modified: Fri, 20 Apr 2018 07:20:03 GMT
Content-Length: 17576462
Cache-Control: max-age=300
Expires: Sun, 23 Feb 2025 11:07:48 GMT
Date: Sun, 23 Feb 2025 11:02:48 GMT
Connection: keep-alive

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (110)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers