{"report_id":"10e719cb-84fd-4da2-a852-931573d0fa4a","version":6,"status":"done","tags":[],"date":"2024-04-03T01:01:17Z","url":{"schema":"http","addr":"download.ultfone.com/downloads/ultfonefull_6067.exe?t=36\u0026rnclid=2171158400017856850136","fqdn":"download.ultfone.com","domain":"ultfone.com","tld":"com"},"ip":{"addr":"104.18.30.122","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T20:46:03Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"download.ultfone.com","ip":{"addr":"104.18.30.122","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-12-08","domain_rank":0,"first_seen":"2020-07-13 11:55:28","last_seen":"2024-03-28 05:28:26","alert_count":1,"request_count":1,"received_data":1666848,"sent_data":540,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":[{"md5":"00a3ee7d580f55bbcf3c28f5fba32214","sha1":"b27b116e14565935eee485d01124cf9b3b0e1b1a","sha256":"18037d38f734d82efcf69b41bcd07cbdca8add2048bb861aefaeda0ae22d0eea","sha512":"97e514ee1693da3d08ad4736a4bafd3d89c6fbf8fb62ef939c1530866af3b4f4db4db670c223edb446d956e7c39db4ae6bff32bf4cd8c572c1719c924b3a4e8f","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections","size":1666320,"url":{"schema":"https","addr":"download.ultfone.com/downloads/ultfonefull_6067.exe?t=36\u0026rnclid=2171158400017856850136","fqdn":"download.ultfone.com","domain":"ultfone.com","tld":"com"},"ip":{"addr":"104.18.30.122","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"archive":null,"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-03-23","alert":"Scan result 2/70","trigger":"18037d38f734d82efcf69b41bcd07cbdca8add2048bb861aefaeda0ae22d0eea","verdict":"suspicious","severity":"","comment":"suspicious - 2/70","link":"https://www.virustotal.com/gui/file/18037d38f734d82efcf69b41bcd07cbdca8add2048bb861aefaeda0ae22d0eea","meta":null}]}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"download.ultfone.com/downloads/ultfonefull_6067.exe?t=36\u0026rnclid=2171158400017856850136","fqdn":"download.ultfone.com","domain":"ultfone.com","tld":"com"},"ip":{"addr":"104.18.30.122","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-04-03T01:00:52.104Z","timestamp":1712106052104,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ultfone.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Mar 2024 14:02:37 GMT","end":"Thu, 13 Jun 2024 09:28:04 GMT"},"fingerprint":{"sha1":"AA:A8:68:5F:81:B0:9F:49:F9:55:BD:EC:A3:01:15:BD:A9:5E:43:84","sha256":"F7:72:C1:BC:5C:75:25:7E:2F:9E:88:10:03:57:CE:35:C2:01:E6:C0:77:D9:4C:82:BF:E5:6B:75:D3:4D:68:EC"}}},"request":{"raw":"GET /downloads/ultfonefull_6067.exe?t=36\u0026rnclid=2171158400017856850136 HTTP/1.1\r\nHost: download.ultfone.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 03 Apr 2024 01:00:52 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 1666320\r\ncf-ray: 86e51fc9ddd47130-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nage: 516944\r\ncache-control: public, max-age=691200\r\ncontent-disposition: attachment;filename=ultfonefull_2171158400017856850136.exe\r\netag: \"6555d194-196d10\"\r\nexpires: Thu, 11 Apr 2024 01:00:52 GMT\r\nlast-modified: Thu, 16 Nov 2023 08:23:48 GMT\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1666320,"size_decoded":1666320,"mime_type":"application/octet-stream","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections","md5":"00a3ee7d580f55bbcf3c28f5fba32214","sha1":"b27b116e14565935eee485d01124cf9b3b0e1b1a","sha256":"18037d38f734d82efcf69b41bcd07cbdca8add2048bb861aefaeda0ae22d0eea","sha512":"97e514ee1693da3d08ad4736a4bafd3d89c6fbf8fb62ef939c1530866af3b4f4db4db670c223edb446d956e7c39db4ae6bff32bf4cd8c572c1719c924b3a4e8f","ssdeep":"49152:kWAhzUG6ibd61Ku5y33kxFFE8xFVMqMh47XHD2BO:kcZiw1N5AyFE8xz5Mh4bqBO","tlshash":"3575ffb3b041c912fad67bb02157a5f15702edc3386ce1edba66f2b947b02835d64722","first_seen":"2023-11-22T10:16:22Z","last_seen":"2025-03-11T19:38:21.443235Z","times_seen":730,"resource_available":false,"data":null}},"time_used":323,"timings":{"blocked":37,"dns":1,"connect":3,"send":0,"wait":22,"receive":227,"ssl":30},"alerts":{"ids":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-03-23","alert":"Scan result 2/70","trigger":"18037d38f734d82efcf69b41bcd07cbdca8add2048bb861aefaeda0ae22d0eea","verdict":"suspicious","severity":"","comment":"suspicious - 2/70","link":"https://www.virustotal.com/gui/file/18037d38f734d82efcf69b41bcd07cbdca8add2048bb861aefaeda0ae22d0eea","meta":null}],"urlquery":null}}]}