{"report_id":"271692a5-88ae-497f-8b37-0cb8fe196bec","version":6,"status":"done","tags":[],"date":"2024-04-03T01:06:17Z","url":{"schema":"http","addr":"crossdock.io/Content/client/Techdinamics.CrossDock.Install.exe?hash=db3bfdfe-f405-47ce-8362-6e2aad38ad4b","fqdn":"crossdock.io","domain":"crossdock.io","tld":"io"},"ip":{"addr":"52.44.117.90","port":0,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T20:46:02Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"crossdock.io","ip":{"addr":"52.44.117.90","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2016-04-26","domain_rank":0,"first_seen":"2017-03-18 18:03:53","last_seen":"2024-03-28 01:40:28","alert_count":1,"request_count":1,"received_data":5915,"sent_data":558,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":[{"md5":"091d6e4f371289f8fbee3af4dbfffc5f","sha1":"04cd4e00d1464592cad28b9bca007e8d74f8c2d8","sha256":"6ecae2eab287ab0f068f4e47e704e13c127afddfd0da41ab65379fbdd046a32d","sha512":"a6450fc93d428ca06c432b9a82505120bbd990aec10dd58bc1ed63af73338aaa9237b97e7bdff244dd6787920ad2531b462f50bdfb57837e5e5c538196c98909","magic":"PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections","size":5632,"url":{"schema":"https","addr":"crossdock.io/Content/client/Techdinamics.CrossDock.Install.exe?hash=db3bfdfe-f405-47ce-8362-6e2aad38ad4b","fqdn":"crossdock.io","domain":"crossdock.io","tld":"io"},"ip":{"addr":"52.44.117.90","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"archive":null,"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2023-06-19","alert":"Scan result 1/71","trigger":"6ecae2eab287ab0f068f4e47e704e13c127afddfd0da41ab65379fbdd046a32d","verdict":"suspicious","severity":"","comment":"suspicious - 1/71","link":"https://www.virustotal.com/gui/file/6ecae2eab287ab0f068f4e47e704e13c127afddfd0da41ab65379fbdd046a32d","meta":null}]}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"crossdock.io/Content/client/Techdinamics.CrossDock.Install.exe?hash=db3bfdfe-f405-47ce-8362-6e2aad38ad4b","fqdn":"crossdock.io","domain":"crossdock.io","tld":"io"},"ip":{"addr":"52.44.117.90","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-04-03T01:05:52.452Z","timestamp":1712106352452,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"crossdock.io","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 06 May 2023 00:00:00 GMT","end":"Mon, 03 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CB:B0:9B:F9:57:B8:8D:77:A2:37:99:1A:27:FD:29:E4:1C:12:E9:AB","sha256":"ED:2F:F9:3E:6A:CC:C5:DE:1E:6C:C6:27:2C:A9:9D:39:BD:ED:F4:04:EF:66:81:D3:8F:B5:0E:2E:BB:7D:27:A1"}}},"request":{"raw":"GET /Content/client/Techdinamics.CrossDock.Install.exe?hash=db3bfdfe-f405-47ce-8362-6e2aad38ad4b HTTP/1.1\r\nHost: crossdock.io\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nContent-Type: application/octet-stream\r\nDate: Wed, 03 Apr 2024 01:05:52 GMT\r\nETag: \"0d417106b2d11:0\"\r\nLast-Modified: Thu, 19 May 2016 19:38:48 GMT\r\nServer: Microsoft-IIS/8.5\r\nX-Powered-By: ASP.NET\r\nContent-Length: 5632\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5632,"size_decoded":5632,"mime_type":"application/octet-stream","magic":"PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections","md5":"091d6e4f371289f8fbee3af4dbfffc5f","sha1":"04cd4e00d1464592cad28b9bca007e8d74f8c2d8","sha256":"6ecae2eab287ab0f068f4e47e704e13c127afddfd0da41ab65379fbdd046a32d","sha512":"a6450fc93d428ca06c432b9a82505120bbd990aec10dd58bc1ed63af73338aaa9237b97e7bdff244dd6787920ad2531b462f50bdfb57837e5e5c538196c98909","ssdeep":"48:6kwYlsMYXcQORDmrailGnyjJ4KUoXfL2LLMVtEFvicZF87WKMEv+TfufVxl67h0G:xvyMIOgInk5qMw7yMBODy84xp","tlshash":"8ac1a64177e40772e9fb6fb9ad6322014e76a8938967cf2e15c3401e4956b54cd30f23","first_seen":"2023-06-21T03:24:10Z","last_seen":"2024-08-21T08:18:56.888768Z","times_seen":712,"resource_available":false,"data":null}},"time_used":1723,"timings":{"blocked":815,"dns":70,"connect":95,"send":0,"wait":93,"receive":0,"ssl":626},"alerts":{"ids":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2023-06-19","alert":"Scan result 1/71","trigger":"6ecae2eab287ab0f068f4e47e704e13c127afddfd0da41ab65379fbdd046a32d","verdict":"suspicious","severity":"","comment":"suspicious - 1/71","link":"https://www.virustotal.com/gui/file/6ecae2eab287ab0f068f4e47e704e13c127afddfd0da41ab65379fbdd046a32d","meta":null}],"urlquery":null}}]}