Report - www.osamsung.com/odin/Odin3-v3.14.4.zip?check=odin3.14.4

Report Overview

Submitted URL
www.osamsung.com/odin/Odin3-v3.14.4.zip?check=odin3.14.4
IP
104.21.15.6
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-23 19:13:04
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
3

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.osamsung.com	unknown	2018-02-07	2019-02-17	2024-03-09	510 B	4.4 MB	172.67.160.248

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

Files detected

URL
www.osamsung.com/odin/Odin3-v3.14.4.zip?check=odin3.14.4
IP
172.67.160.248
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
4.4 MB (4401903 bytes)
Hash
92a923998bd483cd3582f9c5b2bc5e49
d0879ee6c97112a2afe97d7a143440b70fcf3af4
aa0636e1522fd0bafc0db06e3666df84c0c4cd8b9475fbad5b4c7ac7a4a95a2f

Archive (4)

Filename

Md5

File type

cpprest141_2_10.dll

06fb5b325240ce05d4a9b0825d9a886a

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

Odin3.ini

78d8a90f30b397829ae6ce6e91217adb

Generic INItialization configuration [APOption]

Odin3_v3.14.4.exe

50860de40988969f3ea3f308c6143e1d

PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections

SS_DL.dll

28264b046fb1adff61c4372d53e3d633

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 8 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	www.osamsung.com/odin/Odin3-v3.14.4.zip?check=odin3.14.4	172.67.160.248	200 OK	4.4 MB
URL User Request GET HTTP/2 www.osamsung.com/odin/Odin3-v3.14.4.zip?check=odin3.14.4 IP 172.67.160.248:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services LLC Subjectosamsung.com FingerprintD7:51:71:65:DF:5D:06:AB:C2:CF:19:3A:6F:70:FC:73:67:A3:D4:60 ValidityMon, 25 Mar 2024 12:52:43 GMT - Sun, 23 Jun 2024 12:52:42 GMT File type Zip archive data, at least v2.0 to extract, compression method=store Size 4.4 MB (4401903 bytes) Hash 92a923998bd483cd3582f9c5b2bc5e49 d0879ee6c97112a2afe97d7a143440b70fcf3af4 aa0636e1522fd0bafc0db06e3666df84c0c4cd8b9475fbad5b4c7ac7a4a95a2f HTTP Headers `GET /odin/Odin3-v3.14.4.zip?check=odin3.14.4 HTTP/1.1 Host: www.osamsung.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 23 Apr 2024 19:12:37 GMT content-type: application/zip content-length: 4401903 last-modified: Sat, 16 Dec 2023 11:29:13 GMT etag: "432aef-60c9ed3831a75" cache-control: max-age=14400 cf-cache-status: HIT age: 5 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z%2FwVo053nQa6jWs6Eg08OnEYpn3cH55U12VKUe0C9KgQUSHudV3YI9%2FPgm2IizpMX0xRYOP161QEjem5MoHyzTvVKlbZyNwxlQ7zYfu6fCSM1vgPwP2jS5Eq2fx5HOf6P6%2BH"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 87902a87b9c05695-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

www.osamsung.com/odin/Odin3-v3.14.4.zip?check=odin3.14.4

172.67.160.248

200 OK

4.4 MB

URL User Request GET HTTP/2
www.osamsung.com/odin/Odin3-v3.14.4.zip?check=odin3.14.4
IP
172.67.160.248:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectosamsung.com
FingerprintD7:51:71:65:DF:5D:06:AB:C2:CF:19:3A:6F:70:FC:73:67:A3:D4:60
ValidityMon, 25 Mar 2024 12:52:43 GMT - Sun, 23 Jun 2024 12:52:42 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
4.4 MB (4401903 bytes)
Hash
92a923998bd483cd3582f9c5b2bc5e49
d0879ee6c97112a2afe97d7a143440b70fcf3af4
aa0636e1522fd0bafc0db06e3666df84c0c4cd8b9475fbad5b4c7ac7a4a95a2f

HTTP Headers

GET /odin/Odin3-v3.14.4.zip?check=odin3.14.4 HTTP/1.1
Host: www.osamsung.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Apr 2024 19:12:37 GMT
content-type: application/zip
content-length: 4401903
last-modified: Sat, 16 Dec 2023 11:29:13 GMT
etag: "432aef-60c9ed3831a75"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z%2FwVo053nQa6jWs6Eg08OnEYpn3cH55U12VKUe0C9KgQUSHudV3YI9%2FPgm2IizpMX0xRYOP161QEjem5MoHyzTvVKlbZyNwxlQ7zYfu6fCSM1vgPwP2jS5Eq2fx5HOf6P6%2BH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87902a87b9c05695-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (4)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers