Report - pdds.ucweb.com/download/stfile/ggmjnnllighkgilng/iflytek-arm64-v8a-20240521191119.zip

Report Overview

Visitedpublic

2024-09-18 10:08:36

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-09-17 18:12:05	1.3 kB	3.6 kB	23.36.77.32
pdds.ucweb.com	198884	2003-05-20	2015-02-05 04:25:44	2024-07-25 23:25:59	539 B	794 B	59.82.23.55
pdds-cdn.uc.cn	105752	2003-03-17	2019-04-12 20:59:49	2024-08-29 09:37:26	652 B	3.6 MB	138.113.181.2
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-09-17 18:12:27	981 B	2.7 kB	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

pdds-cdn.uc.cn/57-4/stfile/2405/8faa93735de5ef1c52215e1d082cc71e/iflytek-arm64-v8a-20240521191119.zip?auth_key=1727258891-0-0-97cdfbb578cc803dc5a889dbaef706b4&SESSID=13274125ac198ec4036cb4604c5e5c68

IP / ASN

138.113.181.2

#54994 ML-1432-54994

File Overview

File TypeZip archive data, at least v2.0 to extract, compression method=deflate

Size3.6 MB (3556210 bytes)

MD58faa93735de5ef1c52215e1d082cc71e

SHA1ff5d8d1ae36a1fd152f123ec04b47a5499d24bcb

SHA2566406033ea57a506036dcafca2b8232470813bb498ce5c79e76f8ab8f3facfaa7

Archive (2)

Modified	Filename	Size	MD5	File type
1980-02-01 00:00	libAIKIT.so	3.4 MB	3d38407890dc4dbdb106033b89ddb68a	ELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV)
1980-02-01 00:00	libebd1bade4_v1033_aee.so	6.3 MB	d0a28b065c5e24eb78e4568680ea76bf	ELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV)

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (9)

	URL	IP	Response	Size