Report - www.iposcomputer.com.my/_files/archives/fdcea5_96774bf55de444cab6c551f7299fd02d.zip

Report Overview

Submitted URL
www.iposcomputer.com.my/_files/archives/fdcea5_96774bf55de444cab6c551f7299fd02d.zip
IP
34.149.87.45
ASN
#396982 GOOGLE-CLOUD-PLATFORM
Submitted
2024-05-04 09:08:07
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
3

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.iposcomputer.com.my	unknown	unknown	2019-07-09	2022-08-19	537 B	1.4 MB	34.149.87.45

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.iposcomputer.com.my/_files/archives/fdcea5_96774bf55de444cab6c551f7299fd02d.zip
IP
34.149.87.45
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
1.4 MB (1358471 bytes)
Hash
fb0e436adc73b392ac86243c0395516e
ed19f114aa305eb38b8853de34f07dfdb52dcb4a
bf38a407301efc2b66af523600cc6477a1c96a639904d173096efcbfa9d75e80

Archive (22)

Filename

Md5

File type

-+8¦.ico

46565ed477b3099ffd54899d90666eed

MS Windows icon resource - 1 icon, 48x48, 8 bits/pixel

Black.bmp

bb81de7d2effab0521feb17f56442222

PC bitmap, Windows 3.x format, 15 x 15 x 24, image size 720, cbSize 774, bits offset 54

Green.bmp

9ada34dda96e8f063222e2d60358080b

PC bitmap, Windows 3.x format, 15 x 15 x 24, image size 720, cbSize 774, bits offset 54

Red.bmp

23a2bd879d0b964384835cb27ac1e469

PC bitmap, Windows 3.x format, 15 x 15 x 24, image size 720, cbSize 774, bits offset 54

XinYeLogo.bmp

c6a89887a5c70b3277010e0ddd056dbb

PC bitmap, Windows 3.x format, 85 x 77 x 32, resolution 3780 x 3780 px/m, cbSize 26234, bits offset 54

XprintLogo.bmp

c6a89887a5c70b3277010e0ddd056dbb

PC bitmap, Windows 3.x format, 85 x 77 x 32, resolution 3780 x 3780 px/m, cbSize 26234, bits offset 54

EnCodeQr.dll

25fcf57d840630d3132eda3343f1cf3c

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

How to Disable Printer Sounds - Screen Shot.jpg

8d56105bd405e23361bc75e4aa059a30

JPEG image data, JFIF standard 1.02, resolution (DPI), density 120x120, segment length 16, comment: "LEADTOOLS v20.0", baseline, precision 8, 954x480, components 3

+¦¦ª.bmp

3c36c8b2168afd7f123c02fc86d8607a

PC bitmap, Windows 3.x format, 566 x 566 x 24, image size 962200, resolution 11811 x 11811 px/m, cbSize 962254, bits offset 54

-+8¦.bmp

ccde3eb2a3739c569895912932c2b45d

PC bitmap, Windows 3.x format, 566 x 566 x 24, image size 962200, resolution 11811 x 11811 px/m, cbSize 962254, bits offset 54

JsLogo.bmp

8890db73d2c50522f010d2e2860f1c17

PC bitmap, Windows 3.x format, 128 x 175 x 24, image size 67200, cbSize 67254, bits offset 54

Rabit.bmp

e74212e0ad0f5f73d570f6c8b9b055bc

PC bitmap, Windows 3.x format, 228 x 76 x 1, image size 2432, resolution 3780 x 3780 px/m, cbSize 2494, bits offset 62

XinYe.bmp

7799339e1c3c0a60fde85f2a5a58de97

PC bitmap, Windows 3.x format, 200 x 200 x 32, resolution 3780 x 3780 px/m, cbSize 160054, bits offset 54

READ MEEEEE.txt

d142f456501cc256894f2528a2949abd

ASCII text, with CRLF line terminators

temp.txt

6e609e6e081a268ba12085cf65d57027

data

TempQr.bmp

4cfd148360cad6b9c73d36192b414ba4

PC bitmap, Windows 3.x format, 231 x 231 x 1, image size 7392, 2 important colors, cbSize 7454, bits offset 62

BmpHexFile.txt

8b30b0fbff03e2ced409735393d96ca8

ASCII text, with very long lines (65536), with no line terminators

Traditional_58.jsp

66984f6859900f71875db3a0295fc569

data

Traditional_76.jsp

2912cdf3eff188f56044972c058f3b47

data

Traditional_80.jsp

71b2994197cdddd2dd999dec2554128d

data

XPrinter.exe

41d9ae13f2e352df992fcc9fe69d11d2

PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

XPrinter.ini

9c413198f09da136d7491d9092534e99

Generic INItialization configuration [Port Name]

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	www.iposcomputer.com.my/_files/archives/fdcea5_96774bf55de444cab6c551f7299fd02d.zip	34.149.87.45	200 OK	1.4 MB
URL User Request GET HTTP/2 www.iposcomputer.com.my/_files/archives/fdcea5_96774bf55de444cab6c551f7299fd02d.zip IP 34.149.87.45:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Certificate IssuerLet's Encrypt Subjectiposcomputer.com.my FingerprintAB:62:13:35:F4:9F:35:3A:C5:03:46:41:1A:B8:73:10:D4:3A:07:19 ValidityWed, 24 Apr 2024 01:36:52 GMT - Tue, 23 Jul 2024 01:36:51 GMT File type Zip archive data, at least v2.0 to extract, compression method=store Size 1.4 MB (1358471 bytes) Hash fb0e436adc73b392ac86243c0395516e ed19f114aa305eb38b8853de34f07dfdb52dcb4a bf38a407301efc2b66af523600cc6477a1c96a639904d173096efcbfa9d75e80 HTTP Headers GET /_files/archives/fdcea5_96774bf55de444cab6c551f7299fd02d.zip HTTP/1.1 Host: www.iposcomputer.com.my User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-length: 1358471 content-type: application/x-zip-compressed last-modified: Sat, 25 Nov 2023 09:19:54 GMT etag: "fb0e436adc73b392ac86243c0395516e" access-control-allow-origin: * access-control-expose-headers: Content-Length timing-allow-origin: * x-robots-tag: noindex, nofollow x-amz-cf-pop: DUB56-P2 x-amz-cf-id: Kw67DO45_YQpnqGt1kH63W52bVbt-vUpFeiYYlyW5y-nsYgEE7f1zw== x-wix-request-id: 1714813661.1079236520624812549 content-disposition: inline; filename="XPrinter%20Thermal%20Receipt%20Printer%20Test%20Tool%20V3.6.zip"; filename*=UTF-8''XPrinter%20Thermal%20Receipt%20Printer%20Test%20Tool%20V3.6.zip strict-transport-security: max-age=86400 age: 0 cache-control: public, max-age=15552000, immutable expires: Sat, 04 May 2024 10:07:41 GMT accept-ranges: bytes server: Pepyaka x-content-type-options: nosniff date: Sat, 04 May 2024 09:07:41 GMT x-served-by: cache-hel1410023-HEL x-cache: Miss from cloudfront, MISS server-timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_84_g x-seen-by: yvSunuo/8ld62ehjr5B7kA==,REmTqJKTo7BM/eF7JdTbUrxkNjrXdwdgtu6E0yACibU=,m0j2EEknGIVUW/liY8BLLm+RUUxFrhyTYE58WvxHjkmdv/c7uH0ky0wFkt5EFvml,2d58ifebGbosy5xc+FRall5MVqwiwuj9NmcP8/CK/UvqGpBSFZvOG0hjfmuEBYKkHjV2MHDppM7b+dLyO8OdrA==,2UNV7KOq4oGjA5+PKsX47E8vuwy8i4iHyoNZ4rkpz968ZDY613cHYLbuhNMgAom1,VdATtBf5hevuWcyf9l5KlpCK5rbuYarAGePVwyK6BTA=,tQ3Mb/rR9i5VCT9eTJRm7zZMtZm8CG59rGH4SkDd2CQ=,0gGrL7iazMoiuqlb7dEO3dAtaAAi8ur9Gg/X3KY+IhWrrHaNOsa8MRSGGO8lPcvczpQQ1EJP2i8zCEUEcIa1WQ==,gcp.us-central-1.media-router-6fb99f9c5-nsbqf via: 1.1 google glb-x-seen-by: bS8wRlGzu0Hc+WrYuHB8QIg44yfcdCMJRkBoQ1h6Vjc= alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

www.iposcomputer.com.my/_files/archives/fdcea5_96774bf55de444cab6c551f7299fd02d.zip

34.149.87.45

200 OK

1.4 MB

URL User Request GET HTTP/2
www.iposcomputer.com.my/_files/archives/fdcea5_96774bf55de444cab6c551f7299fd02d.zip
IP
34.149.87.45:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerLet's Encrypt
Subjectiposcomputer.com.my
FingerprintAB:62:13:35:F4:9F:35:3A:C5:03:46:41:1A:B8:73:10:D4:3A:07:19
ValidityWed, 24 Apr 2024 01:36:52 GMT - Tue, 23 Jul 2024 01:36:51 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
1.4 MB (1358471 bytes)
Hash
fb0e436adc73b392ac86243c0395516e
ed19f114aa305eb38b8853de34f07dfdb52dcb4a
bf38a407301efc2b66af523600cc6477a1c96a639904d173096efcbfa9d75e80

HTTP Headers

GET /_files/archives/fdcea5_96774bf55de444cab6c551f7299fd02d.zip HTTP/1.1
Host: www.iposcomputer.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 1358471
content-type: application/x-zip-compressed
last-modified: Sat, 25 Nov 2023 09:19:54 GMT
etag: "fb0e436adc73b392ac86243c0395516e"
access-control-allow-origin: *
access-control-expose-headers: Content-Length
timing-allow-origin: *
x-robots-tag: noindex, nofollow
x-amz-cf-pop: DUB56-P2
x-amz-cf-id: Kw67DO45_YQpnqGt1kH63W52bVbt-vUpFeiYYlyW5y-nsYgEE7f1zw==
x-wix-request-id: 1714813661.1079236520624812549
content-disposition: inline; filename="XPrinter%20Thermal%20Receipt%20Printer%20Test%20Tool%20V3.6.zip"; filename*=UTF-8''XPrinter%20Thermal%20Receipt%20Printer%20Test%20Tool%20V3.6.zip
strict-transport-security: max-age=86400
age: 0
cache-control: public, max-age=15552000, immutable
expires: Sat, 04 May 2024 10:07:41 GMT
accept-ranges: bytes
server: Pepyaka
x-content-type-options: nosniff
date: Sat, 04 May 2024 09:07:41 GMT
x-served-by: cache-hel1410023-HEL
x-cache: Miss from cloudfront, MISS
server-timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_84_g
x-seen-by: yvSunuo/8ld62ehjr5B7kA==,REmTqJKTo7BM/eF7JdTbUrxkNjrXdwdgtu6E0yACibU=,m0j2EEknGIVUW/liY8BLLm+RUUxFrhyTYE58WvxHjkmdv/c7uH0ky0wFkt5EFvml,2d58ifebGbosy5xc+FRall5MVqwiwuj9NmcP8/CK/UvqGpBSFZvOG0hjfmuEBYKkHjV2MHDppM7b+dLyO8OdrA==,2UNV7KOq4oGjA5+PKsX47E8vuwy8i4iHyoNZ4rkpz968ZDY613cHYLbuhNMgAom1,VdATtBf5hevuWcyf9l5KlpCK5rbuYarAGePVwyK6BTA=,tQ3Mb/rR9i5VCT9eTJRm7zZMtZm8CG59rGH4SkDd2CQ=,0gGrL7iazMoiuqlb7dEO3dAtaAAi8ur9Gg/X3KY+IhWrrHaNOsa8MRSGGO8lPcvczpQQ1EJP2i8zCEUEcIa1WQ==,gcp.us-central-1.media-router-6fb99f9c5-nsbqf
via: 1.1 google
glb-x-seen-by: bS8wRlGzu0Hc+WrYuHB8QIg44yfcdCMJRkBoQ1h6Vjc=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (22)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers