IP: 210.74.41.123:0 ASN: #58866 China Financial Certification Authority
Hash: f56b80e40397796f9d7b22e12613a5f1 56cf5f07518b4a96f0e7c9d2e5d03ac00f017ff8 0a08e9e6b9e299826c666ee81160a516787b64d3b2f707c88ecfa8f4c1b3fbb0
POST /ocsp HTTP/1.1
Host: ocsp.cfca.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: sslgw
Date: Fri, 10 May 2024 19:52:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1487
Connection: keep-alive
Content-transfer-encoding: binary
ETag: "56cf5f07518b4a96f0e7c9d2e5d03ac00f017ff8"
last-modified: Fri, 10 May 2024 16:03:00 GMT
expires: Sat, 11 May 2024 20:03:00 GMT
cache-control: public, no-transform, must-revalidate
| www.xjrccb.com.cn/corbank/ocx/serverfile/CW_USBKey.exe | 222.82.235.196 | 200 OK | 739 kB |
URL (User Request): GET HTTP/1.1 www.xjrccb.com.cn/corbank/ocx/serverfile/CW_USBKey.exe
IP: 222.82.235.196:443
Certificate: Issuer: China Financial Certification Authority; Subject: *.xjrccb.com.cn; Fingerprint: 28:F3:39:83:BC:F1:0A:F0:17:A5:96:E5:9E:17:D8:E4:E3:B9:33:C4; Validity: Sat, 23 Mar 2024 10:13:45 GMT - Wed, 26 Feb 2025 06:47:38 GMT
File type: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections
Size: 739 kB (738896 bytes)
Hash: d9f38d365b7710b2ce6f5110ab51b090 a99bf69be60de3a70a52863832b2a3e6a49d1da4 2ec6ee841febd37853ac022b3b06f587cf4dd7fdbf2f5d3932122a9715218790
| Analyzer | Verdict | Alert |
| VirusTotal | suspicious | |
GET /corbank/ocx/serverfile/CW_USBKey.exe HTTP/1.1
Host: www.xjrccb.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Set-Cookie: AlteonP=ALg+ZRYgG6wmiZlzqF2nBA$$; Secure
Server: nginx/1.21.1
Date: Fri, 10 May 2024 19:50:55 GMT
Content-Type: application/octet-stream
Content-Length: 738896
Last-Modified: Fri, 01 Sep 2023 15:59:06 GMT
ETag: "64f20a4a-b4650"
Accept-Ranges: bytes
Connection: Keep-alive
Via: 1.1 ID-0001544135664210 uproxy-3