Report - github.com/QuakedK/Oneclick/releases/download/optimizer/Full-Package-OneClick-V4.5.zip

Report Overview

Submitted URL
github.com/QuakedK/Oneclick/releases/download/optimizer/Full-Package-OneClick-V4.5.zip
IP
140.82.121.3
ASN
#36459 GITHUB
Submitted
2024-05-05 11:17:23
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
github.com	1423	2007-10-09	2016-07-13	2024-03-24	540 B	4.0 kB	140.82.121.3
objects.githubusercontent.com	134060	2014-02-06	2021-11-01	2024-05-05	1.0 kB	1.3 MB	185.199.110.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
objects.githubusercontent.com/github-production-release-asset-2e65be/794377139/f1916c4b-6df7-4c32-b9cb-30883a3351ae?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240505%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240505T111658Z&X-Amz-Expires=300&X-Amz-Signature=5b36f4ec6ec7d55ad1b3b6100bff2d53b46ec4a30ac4dda4692b657beab1fe75&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=794377139&response-content-disposition=attachment%3B%20filename%3DFull-Package-OneClick-V4.5.zip&response-content-type=application%2Foctet-stream
IP
185.199.110.133
ASN
#54113 FASTLY

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
1.3 MB (1331060 bytes)
Hash
0dbd942049968ae5610909c070184624
97c3b1c47a9f0d0ecd8c25828908a254dc93631c
43ba2e7a3b898c2a47d4156a7996c0c21e6e22c64ba1b04523d7aa816e90f1d8

Archive (19)

Filename

Md5

File type

0- Read Me Important.txt

b74781b71ad67b65015c9ca9b03f9a20

Unicode text, UTF-8 text, with CRLF line terminators

1- What does it do.txt

67162b34ac4f27e251d9379022273642

Unicode text, UTF-8 text, with CRLF line terminators

Oneclick 4.5.bat

10c8e3c49ae8aa38c88e519842fb0169

Unicode text, UTF-8 text, with CRLF line terminators

1- Turn On Wifi.bat

c4e59358e2c650ffaef0331bfa763327

Unicode text, UTF-8 text, with CRLF line terminators

2- Windows Service Control.bat

dcb17ecd18c94f67c09dbf7875ae5229

DOS batch file, ASCII text, with CRLF line terminators

3- Turn On Bluetooth.bat

66a77b5475a1e5b0f0d535b7809c4636

DOS batch file, ASCII text, with CRLF line terminators

4- Help.txt

85adac59f40d4038d479ff450d99fa50

ASCII text, with CRLF line terminators

1- Xbox Service Enabler.bat

3d8f2c3bd3fcec1d73d6179ceae4c2d8

DOS batch file, ASCII text, with CRLF line terminators

2- What to do.txt

f59a6a5d8c954f0b03903b0818ee2cfe

ASCII text, with CRLF line terminators

1- Read me.txt

ec438152add0f36346925180aea94dbe

ASCII text, with CRLF line terminators

2- Enable Clipboard History.bat

05ab20a0f46d02a30d241fbe2d5224c9

DOS batch file, ASCII text, with CRLF line terminators

1- Read me.txt

af84c7817b144d0978914d435a0c99d9

Unicode text, UTF-8 text, with CRLF line terminators

2- Cmd Fix.bat

b0c27ff6cfbdee082d4246d46f11b175

Unicode text, UTF-8 text, with CRLF line terminators

ChromeSetup.exe

6894d217d4162fa5e1d5b6ca7f759c9e

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

CTT App Installer.bat

f313871bfb1db4e19da3bfbefdd71207

DOS batch file, ASCII text, with CRLF line terminators

Instructions.txt

c46d9b1b9ff5c5796ceaf2be3939f5ad

ASCII text, with CRLF line terminators

Nsudo Download.url

92b39e3471f0df79235b2bb01fbf3bd3

Generic INItialization configuration [InternetShortcut]

Defragment.lnk

6c641c68dc0ee3f1f976edf0ee45fb28

MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Sat May 7 05:20:04 2022, mtime=Sat Nov 19 11:00:23 2022, atime=Sat May 7 05:20:04 2022, length=139264, window=hide

System Restore.lnk

f15467282144268c3414cbc2c98b999b

MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Sat May 7 05:19:12 2022, mtime=Sat Nov 19 10:07:11 2022, atime=Sat May 7 05:19:12 2022, length=102400, window=hide

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen
YARAhub by abuse.ch	malware	Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen
YARAhub by abuse.ch	malware	Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen
YARAhub by abuse.ch	malware	Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen
Public InfoSec YARA rules	malware	Identifies executable artefacts in shortcut (LNK) files.
Public InfoSec YARA rules	malware	Identifies shortcut (LNK) file with a long relative path. Might be used in an attempt to hide the path.
Public InfoSec YARA rules	malware	Identifies executable artefacts in shortcut (LNK) files.
Public InfoSec YARA rules	malware	Identifies shortcut (LNK) file with a long relative path. Might be used in an attempt to hide the path.

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size
	github.com/QuakedK/Oneclick/releases/download/optimizer/Full-Package-OneClick-V4.5.zip	140.82.121.3	302 Found	0 B
URL User Request GET HTTP/2 github.com/QuakedK/Oneclick/releases/download/optimizer/Full-Package-OneClick-V4.5.zip IP 140.82.121.3:443 ASN #36459 GITHUB Certificate IssuerSectigo Limited Subjectgithub.com FingerprintE7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0 ValidityThu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /QuakedK/Oneclick/releases/download/optimizer/Full-Package-OneClick-V4.5.zip HTTP/1.1 Host: github.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found server: GitHub.com date: Sun, 05 May 2024 11:16:58 GMT content-type: text/html; charset=utf-8 vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/794377139/f1916c4b-6df7-4c32-b9cb-30883a3351ae?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240505%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240505T111658Z&X-Amz-Expires=300&X-Amz-Signature=5b36f4ec6ec7d55ad1b3b6100bff2d53b46ec4a30ac4dda4692b657beab1fe75&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=794377139&response-content-disposition=attachment%3B%20filename%3DFull-Package-OneClick-V4.5.zip&response-content-type=application%2Foctet-stream cache-control: no-cache strict-transport-security: max-age=31536000; includeSubdomains; preload x-frame-options: deny x-content-type-options: nosniff x-xss-protection: 0 referrer-policy: no-referrer-when-downgrade content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com .actions.githubusercontent.com wss://.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/ content-length: 0 x-github-request-id: 0F62:2C709A:1CA66CCF:1D1508D0:66376AAA X-Firefox-Spdy: h2

	objects.githubusercontent.com/github-production-release-asset-2e65be/794377139/f1916c4b-6df7-4c32-b9cb-30883a3351ae?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240505%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240505T111658Z&X-Amz-Expires=300&X-Amz-Signature=5b36f4ec6ec7d55ad1b3b6100bff2d53b46ec4a30ac4dda4692b657beab1fe75&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=794377139&response-content-disposition=attachment%3B%20filename%3DFull-Package-OneClick-V4.5.zip&response-content-type=application%2Foctet-stream	185.199.110.133	200 OK	1.3 MB
URL User Request GET HTTP/2 objects.githubusercontent.com/github-production-release-asset-2e65be/794377139/f1916c4b-6df7-4c32-b9cb-30883a3351ae?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240505%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240505T111658Z&X-Amz-Expires=300&X-Amz-Signature=5b36f4ec6ec7d55ad1b3b6100bff2d53b46ec4a30ac4dda4692b657beab1fe75&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=794377139&response-content-disposition=attachment%3B%20filename%3DFull-Package-OneClick-V4.5.zip&response-content-type=application%2Foctet-stream IP 185.199.110.133:443 ASN #54113 FASTLY Certificate IssuerDigiCert Inc Subject.github.io Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28 ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT File type Zip archive data, at least v2.0 to extract, compression method=store Size 1.3 MB (1331060 bytes) Hash 0dbd942049968ae5610909c070184624 97c3b1c47a9f0d0ecd8c25828908a254dc93631c 43ba2e7a3b898c2a47d4156a7996c0c21e6e22c64ba1b04523d7aa816e90f1d8 HTTP Headers GET /github-production-release-asset-2e65be/794377139/f1916c4b-6df7-4c32-b9cb-30883a3351ae?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240505%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240505T111658Z&X-Amz-Expires=300&X-Amz-Signature=5b36f4ec6ec7d55ad1b3b6100bff2d53b46ec4a30ac4dda4692b657beab1fe75&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=794377139&response-content-disposition=attachment%3B%20filename%3DFull-Package-OneClick-V4.5.zip&response-content-type=application%2Foctet-stream HTTP/1.1 Host: objects.githubusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: application/octet-stream last-modified: Wed, 01 May 2024 06:01:57 GMT etag: "0x8DC69A4355CACEC" server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 423bd025-e01e-0050-3293-9b2305000000 x-ms-version: 2020-10-02 x-ms-creation-time: Wed, 01 May 2024 06:01:57 GMT x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob content-disposition: attachment; filename=Full-Package-OneClick-V4.5.zip x-ms-server-encrypted: true via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Sun, 05 May 2024 11:16:59 GMT age: 0 x-served-by: cache-iad-kcgs7200145-IAD, cache-hel1410023-HEL x-cache: HIT, MISS x-cache-hits: 61, 0 x-timer: S1714907819.512088,VS0,VE490 content-length: 1331060 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (19)

Detections

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers