Report - update.auto9yin.net/vl2/patch.2014.216.10.zip

Report Overview

Submitted URL
update.auto9yin.net/vl2/patch.2014.216.10.zip
IP
103.90.225.172
ASN
#135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Submitted
2024-04-23 10:57:49
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
5

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
update.auto9yin.net	unknown	2017-02-20	2023-08-18	2023-08-20	415 B	18 MB	103.90.225.172

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

Files detected

URL
update.auto9yin.net/vl2/patch.2014.216.10.zip
IP
103.90.225.172
ASN
#135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
18 MB (17840024 bytes)
Hash
2426841a93a922d4529395cff64fd7fa
1714c3d7c79b774f54dd13c8328903311b43d77e
f5a0f839e33019a24ca112962508ae1a1d97f46d6e6e4411c10f8653731ec5fb

Archive (107)

Filename

Md5

File type

LSB_1.ini

d845b43d0bd8b70efd5b8af87e80aaf5

Generic INItialization configuration [Pos]

LSB_2.ini

3b01c4646d7c38a18477879d7b222fa6

Generic INItialization configuration [Pos]

TNC.ini

4980ba8a680142b4fd4f7a348e7883b4

Generic INItialization configuration [Setting]

Auto9Yin.Net.dll

e5851f998817b37f41e90e72fc51b814

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 8 sections

Auto9YinHook.dll

66c5641be5f5b19f98703f703fdc2cab

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

tele.ini

920fcd69571eda036801cb5bbf113d4c

Generic INItialization configuration [2]

DaoHoaDao.ini

29ef879267e979617d9bccab5d49043c

Generic INItialization configuration [Position]

list_map.ini

014853386fc71cf15f4811cb71577b20

ASCII text, with CRLF line terminators

su_mon.ini

d41d8cd98f00b204e9800998ecf8427e

00000000000.ini

0dfdd8bc1fdbfdbf8930511bdb4d23b5

Generic INItialization configuration [Monster]

BachThuyDong-1.ini

7c69a93a0f14c53e62b92e7c63b2cd1f

Generic INItialization configuration [Monster]

BachThuyDong-2.ini

d36b528caa3c029fed634c6b7339e5b8

Generic INItialization configuration [Monster]

BacPhungTuong.ini

64d54e83071632986de26dac6e15891c

Generic INItialization configuration [Monster]

BangTamDong-1.ini

da1d0604979420604de7fb999c0202d2

Generic INItialization configuration [Monster]

BangTamDong-2.ini

26036e93a5c51c4e1846b8b0e613cd63

Generic INItialization configuration [Monster]

BoLacVuongKy.ini

4423568fccdf4ad5b7deb9ed2ca863b9

Generic INItialization configuration [Monster]

CaiBang.ini

fb67d4167c721d1dc17fec8895ddb075

Generic INItialization configuration [Monster]

ChanNuiVuLang.ini

dbe9867ba6cf2da906548d14e899a13a

Generic INItialization configuration [Monster]

DaiThaoNguyen-1.ini

a1abb3de0871bee8fdc9b451cc80d132

Generic INItialization configuration [Monster]

DaiThaoNguyen-2.ini

03cfef8430c2a9b650f7b7bb81cf3b5d

Generic INItialization configuration [Monster]

DaoHoaDao.ini

9e47f65c4d2da1b742bdbd12e0c19eec

Generic INItialization configuration [Monster]

DaTruLam.ini

b59b856b2b3157cca0558c18cb8f25f9

Generic INItialization configuration [Monster]

DongHaiTan-1.ini

0bcb292e291af9427425d9235c263a4e

Generic INItialization configuration [Monster]

DongHaiTan-2.ini

acaaf064f55062370010ee093d133059

Generic INItialization configuration [Monster]

DuocVuongCoc.ini

23434540e7395ce994db5ae4b5fdc502

Generic INItialization configuration [Monster]

DuongGia.ini

db1cb9eb03542b1c8b1ed30711b2a2e6

Generic INItialization configuration [Monster]

DuongMon.ini

31b1be53bcea547164e16129c0320907

Generic INItialization configuration [Monster]

DuongTrungDong-1.ini

e1928688a51e1399fa584fbade09f83e

Generic INItialization configuration [Monster]

DuongTrungDong-2.ini

890d3ee8cafcf4c8039200471bfe040f

Generic INItialization configuration [Monster]

DuongTrungDong-3.ini

8b301610361ad1984eef4a9548c9a92b

Generic INItialization configuration [Monster]

GiangTanThon.ini

162461619185f97d197915fce9c48006

Generic INItialization configuration [Monster]

HacPhongDong.ini

9099c2a7702e6e69d43029fb223f8cdf

Generic INItialization configuration [Monster]

HanhHoaThon.ini

6d109e2c08ae512530326e95b12c3d65

Generic INItialization configuration [Monster]

KiemCacThucDao.ini

cd7451206c832ef684affc4fee6d4db5

Generic INItialization configuration [Monster]

KiemMonQuan.ini

633fbb6e7f4e9ff02fc2feb13045689d

Generic INItialization configuration [Monster]

KimQuangDong.ini

55683095e7e88c11112e70597751d3fe

Generic INItialization configuration [Monster]

LinhBaoSon.ini

e15b04cb9e2eea0928fc5562a260c9a1

Generic INItialization configuration [Monster]

list_map.ini

8755e16d3104da87bb48b6b9830db45d

ASCII text, with CRLF line terminators

LongHoDong-1.ini

9faa10f797b21a8bd204c0b62b44a2e7

Generic INItialization configuration [Monster]

LongHoDong-2.ini

7a79237db987d5af9ebd178eae64deb8

Generic INItialization configuration [Monster]

LongNhanDong-1.ini

e69250e100e08cfa1b7653a3417117b2

Generic INItialization configuration [Monster]

LongNhanDong-2.ini

6186a23223c19ffa00d9cd3ed8874af2

Generic INItialization configuration [Monster]

LongTuyenThon.ini

b8aa9c2a5821f328dc4e9036ac5c4aa7

Generic INItialization configuration [Monster]

LuongSonBac.ini

5ab7122206c573529d6063d09fc4f33f

Generic INItialization configuration [Monster]

LuongThuyDong-1.ini

43a2a935859e970d654cca67e2577d4a

Generic INItialization configuration [Monster]

LuongThuyDong-2.ini

67ef061049662d364114a76884da3cba

Generic INItialization configuration [Monster]

MieuLinh.ini

eb3374b3de76e2cbc09810712721a592

Generic INItialization configuration [Monster]

MoTuyetSonTrang.ini

cc9f24a6ea77fe9f7000ea6152a6bd3a

Generic INItialization configuration [Monster]

NgaMy.ini

54165ceb41d3475391eab88a87ebe804

Generic INItialization configuration [Monster]

NguDoc.ini

74f6d9c35b6526c4d05efc05e2ab04b6

Generic INItialization configuration [Monster]

NguDocMeCung-2.ini

b1685c08bb3fb44428daf3ab29c215c6

Generic INItialization configuration [Monster]

NguDocMeCung.ini

f6a722c46e6f3b99011d8f9c9815629e

Generic INItialization configuration [Monster]

NhanMonQuan.ini

2cd427c58a3da98f399b028dec3bd15f

Generic INItialization configuration [Monster]

NhiLongSon.ini

40586f10ff09a5598ba54b638b6d80aa

Generic INItialization configuration [Monster]

OMongBo.ini

0e5a9be7f3b792d0832f566816a021ae

Generic INItialization configuration [Monster]

PhongDo.ini

f2b86f8d3b7f5a2fcab91916a0d51257

Generic INItialization configuration [Monster]

PhongMaDong-1.ini

1d66b28bdc17d9510c6697db55e4632f

Generic INItialization configuration [Monster]

PhongMaDong-2.ini

59203acba18635667ab558343eddc29c

Generic INItialization configuration [Monster]

PhucNguuSon.ini

dd483bbcc85880bbc31c918ed73198a1

Generic INItialization configuration [Monster]

PhungNhanDong.ini

3d4e29fe102556520d1781b2eadc9e14

Generic INItialization configuration [Monster]

QuyMonHoiLang.ini

7619fcd434b6d716bf2f86bc5ca71e32

Generic INItialization configuration [Monster]

TaySongBanNap-2.ini

3068af241b6929d95fb2ffd89dcc2073

Generic INItialization configuration [Monster]

TaySongBanNap.ini

c974c2ea853c72c7276aad33ff66f56c

Generic INItialization configuration [Monster]

ThanhAmDong-1.ini

d4b7de3ce342dcf01c02f9d230f4fba5

Generic INItialization configuration [Monster]

ThanhAmDong-2.ini

413a8ee2e030c167646e82a77f285553

Generic INItialization configuration [Monster]

ThanhKheDong.ini

01de2ab5822256307524351c9149a2b3

Generic INItialization configuration [Monster]

ThanhThanhSon.ini

2ae123f10678fdaf0ce27bbbb3dd44a7

Generic INItialization configuration [Monster]

ThatTinhDong-1.ini

f149d8db8a15f6643155c3a166595cef

Generic INItialization configuration [Monster]

ThatTinhDong-2.ini

de6837b1e8e95533291bf6de6cdb08c9

Generic INItialization configuration [Monster]

ThienSuBiCanh.ini

ea2908cdbe53b8af9d16472c3e29b06c

Generic INItialization configuration [Monster]

ThienSuDong-1.ini

bab8ae4db1d0a3da509c6f5a3a25e649

Generic INItialization configuration [Monster]

ThienSuDong-2.ini

85108e02e6962bbb63775fcb779559b2

Generic INItialization configuration [Monster]

ThienTamThap-1.ini

be9f0d63c2aadc0d103cb8b619c1a955

Generic INItialization configuration [Monster]

ThienTamThap-2.ini

7885189e2dba50a0231ae0ea27599cd8

Generic INItialization configuration [Monster]

ThienTamThap-3.ini

457da594726d691bed311413234d841d

Generic INItialization configuration [Monster]

ThieuLam.ini

6be35dca0a375b1b98d8d7937bfc208f

Generic INItialization configuration [Monster]

ThieuLamMatThat-1.ini

afaaf7c4afc360ab6a298a21c0ee8971

Generic INItialization configuration [Monster]

ThieuLamMatThat-2.ini

b372195a168305ee4fbc5460d58d89d7

Generic INItialization configuration [Monster]

TrucTyDong-1.ini

eca54179161d54945dec57210678ee73

Generic INItialization configuration [Monster]

TrucTyDong-2.ini

564e11a3a4802fabfa623d35f262cd6a

Generic INItialization configuration [Monster]

TuongVanDong.ini

437751e71ee06981e1b9476fee238e58

Generic INItialization configuration [Monster]

VanMongTrach.ini

b638467434a5fdc0c290188b3aaaac5c

Generic INItialization configuration [Monster]

VuDiSon.ini

7a7310223e6499c9ba061f6c62d4c4c9

Generic INItialization configuration [Monster]

VuLangSon.ini

a76d2e443015b11b99688706c308c550

Generic INItialization configuration [Monster]

VuongMauDong-1.ini

9c05b51e1235ce0563ca2912a65dae4b

Generic INItialization configuration [Monster]

VuongMauDong-2.ini

1208c3efbebd22192de08d0970ac023e

Generic INItialization configuration [Monster]

VuongMauDong-3.ini

873cb6defc75126759c907cc72e2f1aa

Generic INItialization configuration [Monster]

YenTuDong-1.ini

158a53d4e5ea8280737468d1a3ed26b7

Generic INItialization configuration [Monster]

YenTuDong-2.ini

d12b176363c3de222381ee0ea0b7128b

Generic INItialization configuration [Monster]

english.ini

6883636728f7d9ba1a0e54f1b2f79e0a

Non-ISO extended-ASCII text, with very long lines (302), with CRLF line terminators

vietnamese.ini

c3000951574461ca41b046548a55d987

ISO-8859 text, with very long lines (309), with CRLF line terminators

auto.pak

680765329b268b256103ebc9cec6818a

Hewlett-Packard Graphics Language, starting with "PACK�" with "�U!"

get_book.ini

69ae362d4d271e2be27ce484be847bba

ISO-8859 text, with CRLF line terminators

get_tc.ini

cb7e83939b63ad4ce26feed34e3ac7e2

ISO-8859 text, with CRLF line terminators

script_1.ini

b8d1cd8e8ea8bdb1510f530373827190

ASCII text, with CRLF line terminators

skill_lienchieu.ini

d2fefe56fdc786a6117c5105d7b67a54

ASCII text, with CRLF line terminators

skill_target.ini

3dd7ca6bdc88d7eaa048da6f35e52c54

ASCII text, with CRLF line terminators

UserData.ini

4d0e7a1b5332fac2a4aead2dcb35c673

ISO-8859 text, with CRLF line terminators

kn.ini

9d9a6d9adb96ef5464e59b12f136abbb

Generic INItialization configuration [Cloth]

ngc.ini

b951dd51be0ce043ec6e25a85f1c2507

Generic INItialization configuration [Cloth]

nkn.ini

27d70a75c4e4844900e336ea7824c733

Generic INItialization configuration [Cloth]

ntc.ini

134ea12a9b927a6fc49e692f4794395e

Generic INItialization configuration [Cloth]

skill_icon.ini

807b336fc4f95e3e7eb5713f52b97bb3

Generic INItialization configuration [skill_icon]

chinese.ini

248b6ae2f41e9d5a7666f62740bfa4d6

ISO-8859 text, with CRLF line terminators

ManualUpdate.exe

04942bb0044fc23549ad9d08eb55770b

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

AutoJx2.exe

291ad9ef9e5e7e908d8672a1cd882499

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

config.ini

82c61ea6cca1c8081879f96ff06c3009

ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 7/68

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

update.auto9yin.net/vl2/patch.2014.216.10.zip

103.90.225.172

200 OK

18 MB

URL User Request GET HTTP/1.1
update.auto9yin.net/vl2/patch.2014.216.10.zip
IP
103.90.225.172:80
ASN
#135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
18 MB (17840024 bytes)
Hash
2426841a93a922d4529395cff64fd7fa
1714c3d7c79b774f54dd13c8328903311b43d77e
f5a0f839e33019a24ca112962508ae1a1d97f46d6e6e4411c10f8653731ec5fb

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 7/68

HTTP Headers

GET /vl2/patch.2014.216.10.zip HTTP/1.1
Host: update.auto9yin.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Tue, 23 Apr 2024 10:57:22 GMT
Content-Type: application/zip
Content-Length: 17840024
Connection: keep-alive
Last-Modified: Mon, 15 Apr 2024 06:31:27 GMT
ETag: "1103798-6161cc566adc0"
Accept-Ranges: bytes