Report - pdds.quark.cn/download/stfile/kkprnnkoklokmmrp/quarkit-arm64-v8a-20220424104922-7z.zip

Report Overview

Submitted URL
pdds.quark.cn/download/stfile/kkprnnkoklokmmrp/quarkit-arm64-v8a-20220424104922-7z.zip
IP
59.82.23.63
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.
Submitted
2024-04-23 07:51:31
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
pdds.quark.cn	unknown	2012-06-18	2023-04-27	2024-04-17	540 B	800 B	59.82.23.63
pdds-cdn.quark.cn	unknown	2012-06-18	2023-03-07	2024-04-17	658 B	5.1 MB	61.170.80.232

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

Files detected

URL
pdds-cdn.quark.cn/27-4/stfile/2204/e488477c1db50841985b7e7635893030/quarkit-arm64-v8a-20220424104922-7z.zip?auth_key=1714463463-0-0-1f9000c708e28ee3a72640d13ec93aa8&SESSID=0eb7dcf9d06880dd3c1c1d87b2a914c0
IP
61.170.80.232
ASN
#4812 China Telecom Group

File type
7-zip archive data, version 0.4
Size
5.1 MB (5058474 bytes)
Hash
e488477c1db50841985b7e7635893030
7d1e12ef6f701e24d698ea7a984a14e1d176cbee
2bc274afe459e118bac113a9f8377397d68c042ff81af97e930dff3f1ad25fa0

Archive (5)

Filename

Md5

File type

lib_info.json

fde666b7b1145606561526fa74223308

JSON text data

libopencv_java3.so

cb1acdd77f0562c3ca5146f293b55113

ELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV)

libquarkit.so

faa25c27c7265d8786136cff164758a8

ELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV)

libtbb.so

40b37f74c2c6a596512df1572aa4e23d

ELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV)

libupipe_jni.so

b32a981d295bdae3f9da93902f211f82

ELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV)

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size
	pdds.quark.cn/download/stfile/kkprnnkoklokmmrp/quarkit-arm64-v8a-20220424104922-7z.zip	59.82.23.63	302 Found	0 B
URL User Request GET HTTP/2 pdds.quark.cn/download/stfile/kkprnnkoklokmmrp/quarkit-arm64-v8a-20220424104922-7z.zip IP 59.82.23.63:443 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Certificate IssuerGlobalSign nv-sa Subject.alibaba.com FingerprintDD:7F:4F:EB:01:41:A8:02:59:C5:4B:CD:12:26:60:E8:9D:C1:04:8E ValidityWed, 13 Mar 2024 08:47:05 GMT - Mon, 14 Apr 2025 08:41:13 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /download/stfile/kkprnnkoklokmmrp/quarkit-arm64-v8a-20220424104922-7z.zip HTTP/1.1 Host: pdds.quark.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found date: Tue, 23 Apr 2024 07:51:03 GMT content-length: 0 location: https://pdds-cdn.quark.cn/27-4/stfile/2204/e488477c1db50841985b7e7635893030/quarkit-arm64-v8a-20220424104922-7z.zip?auth_key=1714463463-0-0-1f9000c708e28ee3a72640d13ec93aa8&SESSID=0eb7dcf9d06880dd3c1c1d87b2a914c0 server: Tengine x-application-context: pdds:9019 set-cookie: downloadid=0eb7dcf9d06880dd3c1c1d87b2a914c0; Max-Age=1800; Expires=Tue, 23-Apr-2024 08:21:03 GMT x-content-type-options: nosniff x-xss-protection: 1; mode=block cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: 0 x-frame-options: DENY strict-transport-security: max-age=31536000 ; includeSubDomains eagleeye-traceid: 213d9b9717138586639073932efc32 timing-allow-origin: X-Firefox-Spdy: h2

	pdds-cdn.quark.cn/27-4/stfile/2204/e488477c1db50841985b7e7635893030/quarkit-arm64-v8a-20220424104922-7z.zip?auth_key=1714463463-0-0-1f9000c708e28ee3a72640d13ec93aa8&SESSID=0eb7dcf9d06880dd3c1c1d87b2a914c0	61.170.80.232	200 OK	5.1 MB
URL User Request GET HTTP/1.1 pdds-cdn.quark.cn/27-4/stfile/2204/e488477c1db50841985b7e7635893030/quarkit-arm64-v8a-20220424104922-7z.zip?auth_key=1714463463-0-0-1f9000c708e28ee3a72640d13ec93aa8&SESSID=0eb7dcf9d06880dd3c1c1d87b2a914c0 IP 61.170.80.232:443 ASN #4812 China Telecom Group Certificate IssuerGlobalSign nv-sa Subjectpdds-cdn.quark.cn Fingerprint35:31:5A:7D:83:7E:0C:93:64:56:AF:B6:98:39:31:20:46:D0:B4:A0 ValidityMon, 25 Mar 2024 07:56:08 GMT - Sat, 26 Apr 2025 07:56:07 GMT File type 7-zip archive data, version 0.4 Size 5.1 MB (5058474 bytes) Hash e488477c1db50841985b7e7635893030 7d1e12ef6f701e24d698ea7a984a14e1d176cbee 2bc274afe459e118bac113a9f8377397d68c042ff81af97e930dff3f1ad25fa0 HTTP Headers GET /27-4/stfile/2204/e488477c1db50841985b7e7635893030/quarkit-arm64-v8a-20220424104922-7z.zip?auth_key=1714463463-0-0-1f9000c708e28ee3a72640d13ec93aa8&SESSID=0eb7dcf9d06880dd3c1c1d87b2a914c0 HTTP/1.1 Host: pdds-cdn.quark.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Server: Tengine Content-Type: application/zip Content-Length: 5058474 Connection: keep-alive Date: Tue, 23 Apr 2024 07:03:51 GMT x-oss-request-id: 66275D57DE6F423933427D13 x-oss-cdn-auth: success Accept-Ranges: bytes x-oss-object-type: Multipart x-oss-storage-class: Standard x-oss-server-time: 77 Ali-Swift-Global-Savetime: 1713855831 Via: cache52.l2cn1827[0,0,304-0,H], cache39.l2cn1827[0,0], vcache13.cn6012[0,0,200-0,H], vcache12.cn6012[1,0] ETag: "D1C7DD8AB001F4CDBBBEBC74767C7FB9-5" Last-Modified: Sun, 24 Apr 2022 02:51:17 GMT x-oss-hash-crc64ecma: 5820993647026580994 Age: 2833 X-Cache: HIT TCP_MEM_HIT dirn:11:444657834 mlen:0 X-Swift-SaveTime: Tue, 23 Apr 2024 07:51:00 GMT X-Swift-CacheTime: 3600 Timing-Allow-Origin: * EagleId: 3daa502017138586648135282e

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (5)

Detections

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers