| webdlb.160.com/universal/driver/vcredist_2005_x64.exe | 49.234.95.190 | 301 Moved Permanently | 166 B |
URL: webdlb.160.com/universal/driver/vcredist_2005_x64.exe
Request: GET HTTP/1.1 (user request)
IP: 49.234.95.190:80
ASN: #45090 Shenzhen Tencent Computer Systems Company Limited
File type: HTML document, ASCII text, with CRLF line terminators
MD5: 3ea1c8d079b38532a6e01a96216ba5e2
SHA-1: 598d3ff91d3e252f1e13df8cf0348b270ff2da3f
SHA-256: 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /universal/driver/vcredist_2005_x64.exe HTTP/1.1
Host: webdlb.160.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: openresty
Date: Tue, 07 May 2024 21:20:17 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: http://universal.driver.160.com/universal/driver/vcredist_2005_x64.exe
| universal.driver.160.com/universal/driver/vcredist_2005_x64.exe | 61.54.7.169 | 302 Found | 0 B |
URL: universal.driver.160.com/universal/driver/vcredist_2005_x64.exe
Request: GET HTTP/1.1 (user request)
IP: 61.54.7.169:443
ASN: #4837 CHINA UNICOM China169 Backbone
Certificate issuer: TrustAsia Technologies, Inc.
Certificate subject: universal.driver.160.com
Certificate fingerprint: 39:04:41:F5:F8:93:50:0D:50:93:03:F3:DC:B6:82:51:A1:80:2E:93
Certificate validity: Tue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /universal/driver/vcredist_2005_x64.exe HTTP/1.1
Host: universal.driver.160.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Location: https://nouniversal.driver.160.com/universal/driver/vcredist_2005_x64.exe
Content-Length: 0
X-NWS-LOG-UUID: 9157823080323388714
Connection: keep-alive
Server: Lego Server
Date: Tue, 07 May 2024 21:20:18 GMT
X-Cache-Lookup: Return Directly
| nouniversal.driver.160.com/universal/driver/vcredist_2005_x64.exe | 61.54.7.111 | 200 OK | 3.2 MB |
URL: nouniversal.driver.160.com/universal/driver/vcredist_2005_x64.exe
Request: GET HTTP/1.1 (user request)
IP: 61.54.7.111:443
ASN: #4837 CHINA UNICOM China169 Backbone
Certificate issuer: TrustAsia Technologies, Inc.
Certificate subject: nouniversal.driver.160.com
Certificate fingerprint: FC:FB:08:56:B0:CF:22:75:7B:B9:9F:86:19:3B:E3:86:CD:95:E7:16
Certificate validity: Mon, 19 Feb 2024 00:00:00 GMT - Thu, 20 Mar 2025 23:59:59 GMT
File type: PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections
Size: 3.2 MB (3194536 bytes)
MD5: bda4f3e8213453d15702bc36c65e99d5
SHA-1: d7441cf2d47e7e656aa11b0718977e491a6afec1
SHA-256: c2e638e88c7207fb6fe14b43482b4e4348dd61ac7320bf12d261c2810b7a2f2e

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| YARAhub by abuse.ch | malware | detect_Redline_Stealer |
GET /universal/driver/vcredist_2005_x64.exe HTTP/1.1
Host: nouniversal.driver.160.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Tue, 22 Oct 2019 01:52:35 GMT
Etag: "bda4f3e8213453d15702bc36c65e99d5"
Content-Type: application/x-msdownload
Date: Wed, 13 Mar 2024 12:57:11 GMT
Server: tencent-cos
x-cos-meta-md5: bda4f3e8213453d15702bc36c65e99d5
x-cos-request-id: NjVmMWEyYTdfNTJjNDAzMDlfMTA5MjJfMzUzMzM5ZQ==
x-cos-version-id: null
Content-Length: 3194536
Accept-Ranges: bytes
X-NWS-LOG-UUID: 7352591375828266814
Connection: keep-alive
X-Cache-Lookup: Cache Hit