{"report_id":"3e17c018-e5f7-4caa-ac1d-cd59c6dae85c","version":6,"status":"done","tags":[],"date":"2025-02-18T12:01:25Z","url":{"schema":"http","addr":"down10d.zol.com.cn/zoldownload/56/asus_gtx660ti_dc2t_vbios_update1.0_120904@1716_443921.exe","fqdn":"down10d.zol.com.cn","domain":"zol.com.cn","tld":"com.cn"},"ip":{"addr":"122.143.2.98","port":0,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"","expires_at":"2027-04-29T12:01:25Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"down10d.zol.com.cn","ip":{"addr":"122.143.2.98","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"1999-03-01","domain_rank":0,"first_seen":"2016-08-16T16:41:38Z","last_seen":"2025-02-12T19:12:25.643222Z","alert_count":2,"request_count":1,"received_data":668358,"sent_data":557,"comment":"","tags":null,"fingerprints":null}],"files":[{"md5":"31549917cdc6e3f9d40a48ea5998493f","sha1":"c0f7e826645b1ba2ba1fed866992beb9de7a31df","sha256":"73f03b369e9df60c2dc97baefcdc4ba920da3a2126c873a4654e1a83510d3b87","sha512":"709737c36ef4fe96e99dcac210854a760cbbcff7af428620a0a83f16a5db09af4dbe2b52ccd4cff08fe0d5d4e544ddd9474c7c45005938a32705960c3581dad1","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections","size":668064,"url":{"schema":"https","addr":"down10d.zol.com.cn/zoldownload/56/asus_gtx660ti_dc2t_vbios_update1.0_120904@1716_443921.exe","fqdn":"down10d.zol.com.cn","domain":"zol.com.cn","tld":"com.cn"},"ip":{"addr":"122.143.2.98","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"archive":null,"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2025-02-17","alert":"Scan result 63/72","trigger":"73f03b369e9df60c2dc97baefcdc4ba920da3a2126c873a4654e1a83510d3b87","verdict":"malicious","severity":"","comment":"malicious - 63/72","link":"https://www.virustotal.com/gui/file/73f03b369e9df60c2dc97baefcdc4ba920da3a2126c873a4654e1a83510d3b87","meta":null},{"sensor_name":"clamav","sensor_type":"antivirus","title":"","description":"ClamAV","scan_date":"2025-02-18","alert":"Win.Adware.Qjwmonkey-9917133-0","trigger":"73f03b369e9df60c2dc97baefcdc4ba920da3a2126c873a4654e1a83510d3b87","verdict":"malicious","severity":"medium","comment":"","link":"https://www.clamav.net/","meta":null}]}}],"artifacts":{"windows_shortcuts":null,"files":[{"md5":"31549917cdc6e3f9d40a48ea5998493f","sha1":"c0f7e826645b1ba2ba1fed866992beb9de7a31df","sha256":"73f03b369e9df60c2dc97baefcdc4ba920da3a2126c873a4654e1a83510d3b87","sha512":"709737c36ef4fe96e99dcac210854a760cbbcff7af428620a0a83f16a5db09af4dbe2b52ccd4cff08fe0d5d4e544ddd9474c7c45005938a32705960c3581dad1","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections","size":668064,"url":{"schema":"https","addr":"down10d.zol.com.cn/zoldownload/56/asus_gtx660ti_dc2t_vbios_update1.0_120904@1716_443921.exe","fqdn":"down10d.zol.com.cn","domain":"zol.com.cn","tld":"com.cn"},"ip":{"addr":"122.143.2.98","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"archive":null,"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2025-02-17","alert":"Scan result 63/72","trigger":"73f03b369e9df60c2dc97baefcdc4ba920da3a2126c873a4654e1a83510d3b87","verdict":"malicious","severity":"","comment":"malicious - 63/72","link":"https://www.virustotal.com/gui/file/73f03b369e9df60c2dc97baefcdc4ba920da3a2126c873a4654e1a83510d3b87","meta":null},{"sensor_name":"clamav","sensor_type":"antivirus","title":"","description":"ClamAV","scan_date":"2025-02-18","alert":"Win.Adware.Qjwmonkey-9917133-0","trigger":"73f03b369e9df60c2dc97baefcdc4ba920da3a2126c873a4654e1a83510d3b87","verdict":"malicious","severity":"medium","comment":"","link":"https://www.clamav.net/","meta":null}]}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"down10d.zol.com.cn/zoldownload/56/asus_gtx660ti_dc2t_vbios_update1.0_120904@1716_443921.exe","fqdn":"down10d.zol.com.cn","domain":"zol.com.cn","tld":"com.cn"},"ip":{"addr":"122.143.2.98","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-02-18T12:00:54.684Z","timestamp":1739880054684,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zol.com.cn","organization":"Beijing Zhixing Ruijing Technology Co., Ltd"},"issuer":{"commonName":"GeoTrust G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 03 Jan 2025 00:00:00 GMT","end":"Mon, 26 Jan 2026 23:59:59 GMT"},"fingerprint":{"sha1":"43:D1:06:34:1B:E6:64:87:9A:E3:D2:85:F0:F7:CF:F8:66:05:06:70","sha256":"E3:EF:D4:F7:22:E9:B3:E3:B3:10:3E:B0:27:20:D1:67:BC:59:93:7C:33:A4:3E:11:0E:6F:B0:6B:55:33:4D:71"}}},"request":{"raw":"GET /zoldownload/56/asus_gtx660ti_dc2t_vbios_update1.0_120904@1716_443921.exe HTTP/1.1\r\nHost: down10d.zol.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty/1.9.15.1\r\nDate: Tue, 18 Feb 2025 12:00:56 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 668064\r\nConnection: keep-alive\r\nLast-Modified: Mon, 07 Mar 2022 01:26:09 GMT\r\nETag: \"62255f31-a31a0\"\r\nZ-download: download-jl181:891\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":668064,"size_decoded":668064,"mime_type":"application/octet-stream","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections","md5":"31549917cdc6e3f9d40a48ea5998493f","sha1":"c0f7e826645b1ba2ba1fed866992beb9de7a31df","sha256":"73f03b369e9df60c2dc97baefcdc4ba920da3a2126c873a4654e1a83510d3b87","sha512":"709737c36ef4fe96e99dcac210854a760cbbcff7af428620a0a83f16a5db09af4dbe2b52ccd4cff08fe0d5d4e544ddd9474c7c45005938a32705960c3581dad1","ssdeep":"12288:pC6wyk1nvfBP0FQoOd/566f81qjbravk7o3xLWAB8TMfo+aqwFtaif8dHOqPNspj:pC6wp1vfhboOb66Uyavk8hdo+g8BOONu","tlshash":"78e42231eaa94801f21bcd367951c6b22878fc44d3d1920b63dcbf67abba711513876e","first_seen":"2023-04-21T08:02:49Z","last_seen":"2026-04-05T13:22:51.272763Z","times_seen":49992,"resource_available":true,"data":null}},"time_used":5260,"timings":{"blocked":1461,"dns":1,"connect":526,"send":0,"wait":263,"receive":2073,"ssl":933},"alerts":{"ids":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2025-02-17","alert":"Scan result 63/72","trigger":"73f03b369e9df60c2dc97baefcdc4ba920da3a2126c873a4654e1a83510d3b87","verdict":"malicious","severity":"","comment":"malicious - 63/72","link":"https://www.virustotal.com/gui/file/73f03b369e9df60c2dc97baefcdc4ba920da3a2126c873a4654e1a83510d3b87","meta":null},{"sensor_name":"clamav","sensor_type":"antivirus","title":"","description":"ClamAV","scan_date":"2025-02-18","alert":"Win.Adware.Qjwmonkey-9917133-0","trigger":"73f03b369e9df60c2dc97baefcdc4ba920da3a2126c873a4654e1a83510d3b87","verdict":"malicious","severity":"medium","comment":"","link":"https://www.clamav.net/","meta":null}],"urlquery":null}}]}