Report - github.com/acalcutt/Vistumbler/releases/download/v10.8.1/Vistumbler_v10-8-1

Report Overview

Visited public
2025-03-04 18:23:40
Tags
URL
github.com/acalcutt/Vistumbler/releases/download/v10.8.1/Vistumbler_v10-8-1_Portable.zip
Finishing URL
about:privatebrowsing
IP / ASN
140.82.121.4
#36459 GITHUB
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
github.com	1423	2007-10-09	2016-07-13	2025-02-26	556 B	6.2 MB	140.82.121.4
objects.githubusercontent.com	134060	2014-02-06	2021-11-01	2025-02-26	986 B	6.2 MB	185.199.111.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
objects.githubusercontent.com/github-production-release-asset-2e65be/8640355/ff848f7c-bb43-4691-8e57-855b1ac8728d?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250304%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250304T182318Z&X-Amz-Expires=300&X-Amz-Signature=eca825e1104952b98cbe836ed2713793892b06217571a3e4c2ccee3792882350&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DVistumbler_v10-8-1_Portable.zip&response-content-type=application%2Foctet-stream
IP
185.199.111.133
ASN
#54113 FASTLY

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
6.2 MB (6200466 bytes)
Hash
bd625418102ff3b24d83ba5154bbd288
17775e83ad473cd0bd275ba83e90627622960ea0
1eb83e0c07edb3557583913632552807c6c4bb781216629a2a4acfaebca50a1c

Archive (122)

Filename

Md5

File type

commg.dll

8f24f14bad0ecaceaf9585da81aa3762

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections

Export.au3

61131d5dfdadedf86d5964ceedcc276a

C source, ASCII text, with very long lines (954), with CRLF line terminators

Export.exe

6841b47268c1073087f2cd7a93f5bc80

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

icon.ico

b0981809c624f578211668f77f5106d1

Targa image data - Map 32 x 1452 x 1 +1

open-green.ico

b8489ed6750551561b8fa573f5e82ce0

MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

open-grey.ico

fb6e40ca249735fca85d7770bc4bb87b

MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

open-light-green.ico

f60b6ba3adbfc856849d70e99902a88b

MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

open-orange.ico

0fce6c8c9032a017ee67802117839eeb

MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

open-red.ico

001444ad05afb8d97c3194dff3221cf3

MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

open-yellow.ico

9fa4520922d07e660f23b90af5169d26

MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

sec-green.ico

e8756ac73c7f40d3e8a42cb8bebc5532

MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

sec-grey.ico

0a10c3603aa05818210430d3fbe58c3e

MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

sec-light-green.ico

6b57a8746286c48144040e64f6f78b91

MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

sec-orange.ico

d1adb07e2f7f8a18392aa8bd023f06b8

MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

sec-red.ico

788cc367409564b3aa26f188aa648a38

MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

sec-yellow.ico

60c81392d24f37fc0383fc5c7b9f324c

MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

SignalIcons.psd

c779d31e40276cf8f5434a72e60047c3

Adobe Photoshop Image, 72 x 72, RGB, 3x 8-bit channels

vsfile_icon.ico

9327928221c44fd06bf51b674e54bfa1

MS Windows icon resource - 5 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 48x48, 32 bits/pixel

bar_graph.jpg

6d02d78110940cfde6ce988511ca28eb

JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.2 (Windows), datetime=2020:09:13 09:05:09], baseline, precision 8, 20x20, components 3

bar_graph.PSD

52425f2160227e1e5362d1aa2d9022fa

Adobe Photoshop Image, 20 x 20, RGBA, 4x 8-bit channels

bar_graph_disabled.jpg

62bc9fd0c63c09192787838c27c391fe

JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.2 (Windows), datetime=2020:09:13 12:14:04], baseline, precision 8, 20x20, components 3

gpspos.png

e8baa11c64ced6bb4c60e71ad619ddcf

PNG image data, 41 x 43, 8-bit/color RGBA, non-interlaced

line_graph.jpg

5d3f38d260d76bb25f1cd1cf5644f9f7

line_graph.psd

fce7ad48140e17bfad8900d070703f0b

Adobe Photoshop Image, 20 x 20, RGBA, 4x 8-bit channels

line_graph_disabled.jpg

2f06f948b5bed70b269d3b8fc3b72635

JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.2 (Windows), datetime=2020:09:13 12:13:20], baseline, precision 8, 20x20, components 3

list-view.jpg

530c8ea7fd1b95a8d0ba57ab6793b209

JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.2 (Windows), datetime=2020:09:13 10:44:05], baseline, precision 8, 20x20, components 3

open.png

6f301f32e8d23e8a955f1c3e16f7e543

PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced

open_dead.png

ff2901dae81fba46b0d313e47e943e36

PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced

secure-wep.png

b8c3d4156f4fe9f71a50573cb4612db2

PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced

secure-wep_dead.png

63faffbee8ebcf290853f4e473df9f18

PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced

secure.png

67dc33984fc49e54ed9b594be5748ff4

PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced

secure_dead.png

b248a9ded9b02a670ea154d8d75d8c08

PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced

Brazilian_Portuguese.ini

2fe4cc2f3ac6b7536582627eecccd24a

Generic INItialization configuration [SearchWords]

Bulgarian.ini

a812577cd89bb5c32d6d13b887da5de5

Generic INItialization configuration [SearchWords]

Chinese_Traditional.ini

63af4939bff9f70d7b4809369055c639

Generic INItialization configuration [SearchWords]

Czech.ini

1d29771390573fa68b30db6a00fa6b4c

Generic INItialization configuration [SearchWords]

Danish.ini

5456254d61404009808d03a084c10803

Generic INItialization configuration [SearchWords]

Deutsch.ini

9a02857478ab4e1c8f4f5582d72a9be7

Generic INItialization configuration [SearchWords]

Dutch.ini

f13efd24e015fc2f842d19c62fed11fa

Generic INItialization configuration [SearchWords]

English.ini

76773d2d4d673cc7dd57bc47f11866bd

Generic INItialization configuration [SearchWords]

French.ini

de6e07902c93533db38c119ee135e103

Generic INItialization configuration [SearchWords]

Greek.ini

f494d1e57970423ef533d22738029b1e

Generic INItialization configuration [SearchWords]

Italiano.ini

0d5db66f5a92af857714f5b107e47bf1

Generic INItialization configuration [SearchWords]

Japanese.ini

d7a0685614de8dfd25f17389619cfaf2

Non-ISO extended-ASCII text, with CRLF, NEL line terminators

Norwegian.ini

8781a1bcaf591834cd9bad2c1cffa3ba

Generic INItialization configuration [SearchWords]

Polish.ini

9ea829e2b5c8933765120b31d3b77bba

Generic INItialization configuration [SearchWords]

Russian.ini

1de1654068262c8b112e92801ba9d50e

Generic INItialization configuration [SearchWords]

Spanish.ini

6e447f4616033e2086648c5d9fab75f1

Generic INItialization configuration [SearchWords]

Spanish2.ini

7276ab679d5f71b7a7ad8c24e6f36505

Generic INItialization configuration [SearchWords]

Swedish.ini

458a2488636cf2dfc9ce1727e31711f9

Generic INItialization configuration [SearchWords]

Turkish.ini

cbfd59aa6d7a3ebfda4e4cdbef18b053

Generic INItialization configuration [SearchWords]

License.txt

bb3c7b8508b4a7014706ba8385c25108

ASCII text, with CRLF line terminators

macmanuf.exe

8d44b706f88990faba3e45ba208a0047

PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

say.au3

2a5adc0eb795a01a783d4e1588c12444

C source, ASCII text, with CRLF line terminators

say.exe

fc70f1e8a15259656ed0bf5a7696e93b

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

Filters.mdb

20e2713a51339876085d24d6b2803e70

Microsoft Access Database

Instruments.mdb

d80de9f0752eac0a18126de87c14ab4b

Microsoft Access Database

Labels.mdb

99f84276d412db7d4d662b2637ff8c4f

Microsoft Access Database

Manufacturers.mdb

70c5bcbc00b986cb3a541b266d13dca3

Microsoft Access Database

vistumbler_settings.ini

8315e742dd5f2f977e2531546fbaa1bf

Generic INItialization configuration [WindowPositions]

autosave.wav

6f0f880fb2df0355c2fbb967da3d584c

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 48000 Hz

eight.wav

d1570ac2e73695069093cdb5b7e87b11

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

eightteen.wav

0a4d19a25664db98395c1815fd0e97dc

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

eighty.wav

1687a3b3a1e9d16908b57227c69a790b

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

eleven.wav

e087095ebb943183c5cf877cb7f6d38a

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

error.wav

2b914b2ba7fc047c75f31ffd9909da0c

RIFF (little-endian) data, WAVE audio, MPEG Layer 3, mono 16000 Hz

fifteen.wav

05ec000493145e96a10e934aa5403de0

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

fifty.wav

0d8467eb443fbbaddc4aa1be3e58ac48

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

five.wav

0d3a3f167d7cb6afa337a01a9ab85368

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

four.wav

f97318dc57f5ee170317f658fed6b4b6

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

fourteen.wav

67ac1dbb316db0c617bd7b2526e9426e

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

fourty.wav

a228acf05d34fdf6cd6bf2d5b012182d

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

hundred.wav

eae824193cc6616e0d7fe77bdd405cec

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

new_ap.wav

2cc77f1ad1320601f0b8305839817e0c

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 11025 Hz

new_gps.wav

7ce71a70f59f705daa06fd9ed565ad96

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 24 bit, stereo 44100 Hz

nine.wav

58f1b206733cbba03338961cfbd541f8

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

nineteen.wav

14538469332a0b9c8f408ca4616d8654

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

ninety.wav

68411148c7b3ed671dfc91fcae781732

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

one.wav

05855683adc2779eb7d0047e6c0bad0e

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

percent.wav

757aa148817bcbaaa70b2e7f08a11933

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

seven.wav

bbf27e60b5907e10a43b65cba94c6915

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

seventeen.wav

f2a6b8129c217c1458b8d37f3694d3d1

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

seventy.wav

c8713685646c63ac934d7da2e66e75ec

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

six.wav

ba836a8fe8e82c1fb53f9e29c5730fd9

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

sixteen.wav

2a38d852cce2c1f84418f8bbe340fb84

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

sixty.wav

e5b75115e769002f82ab173d49e2c3c5

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

ten.wav

0724b3af645f3db93557566af9e54c8e

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

thirteen.wav

f38e008d81b4e70c16b4f9616fe2da92

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

thirty.wav

76c8dada90da14f7b5e02e5c3f5909ff

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

three.wav

431a5af900279aa5850805cc374a4e12

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

twelve.wav

d4b9ec017b972ac97c4f1eb8a9fa7c87

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

twenty.wav

208e09f21f46fb003c34f45c4489c1f5

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

two.wav

a5c1937923672b4130462126404e5790

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

zero.wav

f0df248cc62fb73700b5e3b01a8db805

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 22050 Hz

sqlite3.dll

47a89aaed60e9f7daa7206e6d09fe8ce

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 19 sections

AccessCom.au3

4ae25dc0a71fd3e4ae0c8c53f1cd74aa

C source, ASCII text, with CRLF line terminators

AutoItObject.au3

34cc114ea9844f8e96c8b9195a1cd07b

C source, ASCII text, with very long lines (1225), with CRLF line terminators

cfxUDF.au3

9d40ac00959dbe12c399960070ac234b

C source, ASCII text, with CRLF line terminators

CommMG.au3

7e5ce321c7ba81e2414c4b4e47f699c0

C source, ASCII text, with CRLF line terminators

CompareFileTimeEx.au3

e7a6c8d72f5680cda5d7688774cc829f

ASCII text, with CRLF line terminators

FileInUse.au3

24c0766df0508fa03baa69174f9e7fc2

ASCII text, with CRLF line terminators

GoogleEarth.au3

e60fdfa4c462bded91f3aad505cc155a

ASCII text, with CRLF line terminators

HTTP.au3

650d6e156b26e22ad96d436314e23959

ASCII text, with CRLF line terminators

JSON.au3

a5f28ca4cfc8e835a664cef5775b2d80

C source, Non-ISO extended-ASCII text, with very long lines (326), with CRLF line terminators

MD5.au3

812a88cbcee2321fa6f4f6eed05d804b

ASCII text, with very long lines (2067), with CRLF line terminators

MIDIConstants.au3

c42f695a1400df5ab16e2df8b772bc1a

ASCII text, with CRLF line terminators

MIDIFunctions.au3

d87af17197828177d2ae117aab16e4f9

ASCII text, with CRLF line terminators

NativeWifi.au3

4bf2b0afe3bb631907bb61581dcd4fc9

ASCII text, with CRLF line terminators

oLinkedList.au3

76fffaa41522a487b7395b35d108f1e3

C source, ASCII text, with CRLF line terminators

ParseCSV.au3

21d42b411ac3cd9d46b5df77dd95d81e

ASCII text, with CRLF line terminators

rijndael.au3

2cb7daf069c557dbb9a12c49611438e5

ASCII text, with CRLF line terminators

UnixTime.au3

63262f3bcba76dfbcae926ae8000bb92

C source, ASCII text, with CRLF line terminators

Zip.au3

754378e8c3389e17a6d4770d7a450b82

C source, ASCII text, with CRLF line terminators

update.au3

8c202a721682dacff725f832f1e5a242

C source, ASCII text, with CRLF line terminators

update.exe

6109054f8703d3623652231346333bf2

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

UpdateManufactures.au3

577dc8c4447f6c46005904167d6eb008

C source, ASCII text, with CRLF line terminators

UpdateManufactures.exe

7814d57f6fc87a3cee370fab4e70f4bb

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

versions.ini

b839d697c0f76588229b7dfe077a9dbe

Generic INItialization configuration [RemovedFiles]

Vistumbler.au3

1e117693d7824d42c05fd6a3d04cc404

C source, ASCII text, with very long lines (535), with CRLF line terminators

Vistumbler.exe

d0c40952f69197c192be55606626914f

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

vistumbler_updater.au3

39378b604e6ba9a2ef571a8670e55f8a

ASCII text, with CRLF line terminators

vistumbler_updater.exe

e4d9639a8f33ae87bb70b786672f208b

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

Detections

Analyzer	Verdict	Alert
Public InfoSec YARA rules	malware	Identifies compiled AutoIT script (as EXE).
Public InfoSec YARA rules	malware	Identifies compiled AutoIT script (as EXE).
Public InfoSec YARA rules	malware	Identifies compiled AutoIT script (as EXE).
Public InfoSec YARA rules	malware	Identifies compiled AutoIT script (as EXE).
Public InfoSec YARA rules	malware	Identifies compiled AutoIT script (as EXE).
Public InfoSec YARA rules	malware	Identifies compiled AutoIT script (as EXE).
VirusTotal	suspicious	VirusTotal - Scan result 10/63

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

github.com/acalcutt/Vistumbler/releases/download/v10.8.1/Vistumbler_v10-8-1_Portable.zip

140.82.121.4

302 Found

6.2 MB

URL User Request GET
github.com/acalcutt/Vistumbler/releases/download/v10.8.1/Vistumbler_v10-8-1_Portable.zip
IP
140.82.121.4:443
ASN
#36459 GITHUB

Certificate
IssuerSectigo Limited
Subjectgithub.com
FingerprintE4:33:71:DD:D6:91:4A:75:B6:1F:9E:4F:74:6D:9B:F0:DD:26:FC:3A
ValidityWed, 05 Feb 2025 00:00:00 GMT - Thu, 05 Feb 2026 23:59:59 GMT

File type

Size
6.2 MB (6200466 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /acalcutt/Vistumbler/releases/download/v10.8.1/Vistumbler_v10-8-1_Portable.zip HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: GitHub.com
date: Tue, 04 Mar 2025 18:23:18 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/8640355/ff848f7c-bb43-4691-8e57-855b1ac8728d?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250304%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250304T182318Z&X-Amz-Expires=300&X-Amz-Signature=eca825e1104952b98cbe836ed2713793892b06217571a3e4c2ccee3792882350&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DVistumbler_v10-8-1_Portable.zip&response-content-type=application%2Foctet-stream
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: 5B20:2D021E:26B7EE5:278F152:67C74516
X-Firefox-Spdy: h2

objects.githubusercontent.com/github-production-release-asset-2e65be/8640355/ff848f7c-bb43-4691-8e57-855b1ac8728d?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250304%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250304T182318Z&X-Amz-Expires=300&X-Amz-Signature=eca825e1104952b98cbe836ed2713793892b06217571a3e4c2ccee3792882350&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DVistumbler_v10-8-1_Portable.zip&response-content-type=application%2Foctet-stream

185.199.111.133

200 OK

6.2 MB

URL User Request GET
objects.githubusercontent.com/github-production-release-asset-2e65be/8640355/ff848f7c-bb43-4691-8e57-855b1ac8728d?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250304%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250304T182318Z&X-Amz-Expires=300&X-Amz-Signature=eca825e1104952b98cbe836ed2713793892b06217571a3e4c2ccee3792882350&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DVistumbler_v10-8-1_Portable.zip&response-content-type=application%2Foctet-stream
IP
185.199.111.133:443
ASN
#54113 FASTLY

Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
6.2 MB (6200466 bytes)
Hash
bd625418102ff3b24d83ba5154bbd288
17775e83ad473cd0bd275ba83e90627622960ea0
1eb83e0c07edb3557583913632552807c6c4bb781216629a2a4acfaebca50a1c

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 10/63

HTTP Headers

GET /github-production-release-asset-2e65be/8640355/ff848f7c-bb43-4691-8e57-855b1ac8728d?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250304%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250304T182318Z&X-Amz-Expires=300&X-Amz-Signature=eca825e1104952b98cbe836ed2713793892b06217571a3e4c2ccee3792882350&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DVistumbler_v10-8-1_Portable.zip&response-content-type=application%2Foctet-stream HTTP/1.1
Host: objects.githubusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Wed, 03 May 2023 21:27:02 GMT
etag: "0x8DB4C1D23143080"
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d6ab99d2-601e-002c-5a32-8d0dfa000000
x-ms-version: 2025-01-05
x-ms-creation-time: Wed, 03 May 2023 21:27:02 GMT
x-ms-blob-content-md5: vWJUGBAv87JNg7pRVLvSiA==
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
content-disposition: attachment; filename=Vistumbler_v10-8-1_Portable.zip
x-ms-server-encrypted: true
via: 1.1 varnish, 1.1 varnish
fastly-restarts: 1
accept-ranges: bytes
age: 0
date: Tue, 04 Mar 2025 18:23:19 GMT
x-served-by: cache-iad-kiad7000107-IAD, cache-hel1410023-HEL
x-cache: HIT, MISS
x-cache-hits: 3, 0
x-timer: S1741112599.677409,VS0,VE99
content-length: 6200466
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (122)

Detections

JavaScript (0)

HTTP Transactions (2)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers