Report - www.cici.com/download-desktop/cdn_obj/cici_pc/1.33.8/Cici_online

Report Overview

Visitedpublic

2025-03-11 20:31:15

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
www.cici.com	unknown	1998-01-29	2025-03-05	2025-03-05	546 B	11 MB	23.36.77.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2025-03-11	medium	www.cici.com/download-desktop/cdn_obj/cici_pc/1.33.8/Cici_online_installer.exe	meth_stackstrings

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

www.cici.com/download-desktop/cdn_obj/cici_pc/1.33.8/Cici_online_installer.exe

IP / ASN

23.36.77.35

#20940 Akamai International B.V.

File Overview

File TypePE32+ executable (GUI) x86-64, for MS Windows, 7 sections

Size11 MB (10886904 bytes)

MD5a5eb70890dcabf2c61c833054d622822

SHA11d1545ba4669890b5fc16c4cf471b33ab60c074e

SHA256bb79cc71b1154e909d164d32b9c4a53c9109c2b68967eed2cb75ec541081349e

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_stackstrings

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

GET www.cici.com/download-desktop/cdn_obj/cici_pc/1.33.8/Cici_online_installer.exe

23.36.77.35

200 OK

11 MB

URL User Request GET HTTPS

www.cici.com/download-desktop/cdn_obj/cici_pc/1.33.8/Cici_online_installer.exe

IP / ASN

23.36.77.35

#20940 Akamai International B.V.

Requested byN/A

Resource Information

File typePE32+ executable (GUI) x86-64, for MS Windows, 7 sections

First Seen2025-03-11

Last Seen2025-03-11

Times Seen1

Size11 MB (10886904 bytes)

MD5a5eb70890dcabf2c61c833054d622822

SHA11d1545ba4669890b5fc16c4cf471b33ab60c074e

SHA256bb79cc71b1154e909d164d32b9c4a53c9109c2b68967eed2cb75ec541081349e

Certificate Information

IssuerDigiCert Inc

Subject*.cici.com

Fingerprint37:A8:3C:96:30:6D:FE:F7:9D:BE:CD:3A:70:91:8C:AE:31:2E:D3:0D

ValiditySun, 13 Oct 2024 00:00:00 GMT - Thu, 13 Nov 2025 23:59:59 GMT

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_stackstrings

HTTP Headers

GET /download-desktop/cdn_obj/cici_pc/1.33.8/Cici_online_installer.exe HTTP/1.1
Host: www.cici.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-msdos-program
content-length: 10886904
accept-ranges: bytes
content-md5: petwiQ3KvyxhyDMFTWIoIg==
etag: "a5eb70890dcabf2c61c833054d622822"
last-modified: Wed, 04 Dec 2024 18:01:38 GMT
x-bdcdn-cache-status: TCP_MISS
x-tos-request-id: 4ab5c0c7a1bf9d1667c7a1bf-ad7b562
x-tos-response-time: Wed, 05 Mar 2025 00:58:39 GMT
x-request-ip: fdbd:dc51:ff:a001:1:251:77:176
x-response-cinfo: fdbd:dc51:ff:a001:1:251:77:176
x-response-cache: miss
x-tt-trace-host: 01ab208d8576b4b4fa755af68a356f429b082ab9e3861818755764b1f9fcfd7730082e6c91c4fc5535941a6f52e7eaba8c498cab392d2391e5d7cc000dea9317cb38431c165d08e43442ed889ce22a5d3c23b645bf1ce760690929107d67337430
x-tt-trace-id: 00-250311203051D038F213B4E5A58A56C5-5360BBA6616E484C-00
x-tt-logid: 20250305005837D9C825836618AA8A7CA4
timing-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
x-check-cacheable: YES
x-akamai-request-id: 18df48c1
server: TLB
x-origin-response-time: 45,23.218.219.14
expires: Tue, 11 Mar 2025 20:30:53 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 11 Mar 2025 20:30:53 GMT
x-cache: TCP_MISS from a23-36-77-31.deploy.akamaitechnologies.com (AkamaiGHost/22.0.0-e66582636229f729fb9b6b4bbf8842c2) (-)
x-cache-remote: TCP_MISS from a23-218-219-14.deploy.akamaitechnologies.com (AkamaiGHost/11.8.3-eb2b284f4ef4b55b19ca650dad2341c7) (-)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=359, origin; dur=45, inner; dur=38,cdn-cache; desc=HIT, edge; dur=1, origin; dur=0,inner; dur=166
x-parent-response-time: 56,23.192.44.214, 402,23.36.77.31
X-Firefox-Spdy: h2