{"report_id":"6fc8f87c-ad48-4ddc-9aec-0a4a56091aa0","version":6,"status":"done","tags":[],"date":"2024-12-29T23:25:15Z","url":{"schema":"http","addr":"dd-prod-us-west.s3.us-west-004.backblazeb2.com/prepared-downloads/eaf3f8-97/6740f804be0ed0affcac7f9a/Order%20files.zip","fqdn":"dd-prod-us-west.s3.us-west-004.backblazeb2.com","domain":"backblazeb2.com","tld":"com"},"ip":{"addr":"149.137.133.254","port":0,"asn":40401,"as":"BACKBLAZE","country":"United States","country_code":"US"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"","expires_at":"2027-03-09T23:25:15Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"dd-prod-us-west.s3.us-west-004.backblazeb2.com","ip":{"addr":"149.137.135.254","port":0,"asn":40401,"as":"BACKBLAZE","country":"United States","country_code":"US"},"domain_registered":"2016-07-13","domain_rank":0,"first_seen":"2024-10-20T04:51:06.407665Z","last_seen":"2024-12-23T11:35:03.574012Z","alert_count":1,"request_count":1,"received_data":1803377,"sent_data":572,"comment":"","tags":null,"fingerprints":null}],"files":[{"md5":"e38fe3391e1e38dc12e1e007122d71d6","sha1":"622e3d42949cc6cb6d30efc84d2d258c8431bacc","sha256":"c13f46d91b58002c204579d3d12936969a6359bde4968d700de2d6bedffdef96","sha512":"eb52b212b2d6e3ebfcac49341eacfeebee1eb3e32f71eee6e97c1b0f8197d2df9f876f53591270c4079e25b7b04cac5711c98cf4217865c1764f15ab385d947b","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","size":1802873,"url":{"schema":"http","addr":"dd-prod-us-west.s3.us-west-004.backblazeb2.com/prepared-downloads/eaf3f8-97/6740f804be0ed0affcac7f9a/Order%20files.zip","fqdn":"dd-prod-us-west.s3.us-west-004.backblazeb2.com","domain":"backblazeb2.com","tld":"com"},"ip":{"addr":"149.137.135.254","port":0,"asn":40401,"as":"BACKBLAZE","country":"United States","country_code":"US"},"archive":[{"path":"IF PROGRAM DOESNT OPEN READ THIS.txt","filename":"IF PROGRAM DOESNT OPEN READ THIS.txt","modified":"2024-11-25T15:09:22Z","Modified":"","magic":"ASCII text, with CRLF line terminators","size":387,"md5":"5624d1e25601634e3bd1e432ef2553df","sha1":"06932cb1efeacaa01f738c2f4cda62855fd310cd","sha256":"e3abc0a5be35050252ebb72e5297274b964775f27df9af2061d799d8db4b5f3f","sha512":"9f8a5dd003970d9820ab1f62b275ba74e777e07da4719d73616fcc69797b61568a1e167749a2a0a4960c9d14a68193273cb7f4dd064aae299ec3fac107a93d9d","alerts":{"urlquery":null,"analyzer":null}},{"path":"Velocity Tweaking Utility V2.0.zip","filename":"Velocity Tweaking Utility V2.0.zip","modified":"2024-11-25T15:09:24Z","Modified":"","magic":"Zip archive data, at least v2.0 to extract, compression method=store","size":1805545,"md5":"0d8d05c1362fe2af042dbe5fb8aaf01f","sha1":"cf0ce596577d7a42a9eae4aa00e838e55c05a8b5","sha256":"5c0307fdce3321c86ea17b6de7b0d983143778019a1dba4838acfcc5e3587075","sha512":"78227bbf13fcc040ef98473de2889534b76941d325de278a571bc5238b2719986bc9b839d5bab0f8f512c027dfca6a88b19be737f3dc5c9ae885c006938f4320","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-07-28","alert":"Scan result 38/69","trigger":"5c0307fdce3321c86ea17b6de7b0d983143778019a1dba4838acfcc5e3587075","verdict":"malicious","severity":"","comment":"malicious - 38/69","link":"https://www.virustotal.com/gui/file/5c0307fdce3321c86ea17b6de7b0d983143778019a1dba4838acfcc5e3587075","meta":null}]}}],"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-12-01","alert":"Scan result 32/67","trigger":"c13f46d91b58002c204579d3d12936969a6359bde4968d700de2d6bedffdef96","verdict":"malicious","severity":"","comment":"malicious - 32/67","link":"https://www.virustotal.com/gui/file/c13f46d91b58002c204579d3d12936969a6359bde4968d700de2d6bedffdef96","meta":null}]}}],"artifacts":{"windows_shortcuts":null,"files":[{"md5":"e38fe3391e1e38dc12e1e007122d71d6","sha1":"622e3d42949cc6cb6d30efc84d2d258c8431bacc","sha256":"c13f46d91b58002c204579d3d12936969a6359bde4968d700de2d6bedffdef96","sha512":"eb52b212b2d6e3ebfcac49341eacfeebee1eb3e32f71eee6e97c1b0f8197d2df9f876f53591270c4079e25b7b04cac5711c98cf4217865c1764f15ab385d947b","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","size":1802873,"url":{"schema":"http","addr":"dd-prod-us-west.s3.us-west-004.backblazeb2.com/prepared-downloads/eaf3f8-97/6740f804be0ed0affcac7f9a/Order%20files.zip","fqdn":"dd-prod-us-west.s3.us-west-004.backblazeb2.com","domain":"backblazeb2.com","tld":"com"},"ip":{"addr":"149.137.135.254","port":0,"asn":40401,"as":"BACKBLAZE","country":"United States","country_code":"US"},"archive":[{"path":"IF PROGRAM DOESNT OPEN READ THIS.txt","filename":"IF PROGRAM DOESNT OPEN READ THIS.txt","modified":"2024-11-25T15:09:22Z","Modified":"","magic":"ASCII text, with CRLF line terminators","size":387,"md5":"5624d1e25601634e3bd1e432ef2553df","sha1":"06932cb1efeacaa01f738c2f4cda62855fd310cd","sha256":"e3abc0a5be35050252ebb72e5297274b964775f27df9af2061d799d8db4b5f3f","sha512":"9f8a5dd003970d9820ab1f62b275ba74e777e07da4719d73616fcc69797b61568a1e167749a2a0a4960c9d14a68193273cb7f4dd064aae299ec3fac107a93d9d","alerts":{"urlquery":null,"analyzer":null}},{"path":"Velocity Tweaking Utility V2.0.zip","filename":"Velocity Tweaking Utility V2.0.zip","modified":"2024-11-25T15:09:24Z","Modified":"","magic":"Zip archive data, at least v2.0 to extract, compression method=store","size":1805545,"md5":"0d8d05c1362fe2af042dbe5fb8aaf01f","sha1":"cf0ce596577d7a42a9eae4aa00e838e55c05a8b5","sha256":"5c0307fdce3321c86ea17b6de7b0d983143778019a1dba4838acfcc5e3587075","sha512":"78227bbf13fcc040ef98473de2889534b76941d325de278a571bc5238b2719986bc9b839d5bab0f8f512c027dfca6a88b19be737f3dc5c9ae885c006938f4320","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-07-28","alert":"Scan result 38/69","trigger":"5c0307fdce3321c86ea17b6de7b0d983143778019a1dba4838acfcc5e3587075","verdict":"malicious","severity":"","comment":"malicious - 38/69","link":"https://www.virustotal.com/gui/file/5c0307fdce3321c86ea17b6de7b0d983143778019a1dba4838acfcc5e3587075","meta":null}]}}],"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-12-01","alert":"Scan result 32/67","trigger":"c13f46d91b58002c204579d3d12936969a6359bde4968d700de2d6bedffdef96","verdict":"malicious","severity":"","comment":"malicious - 32/67","link":"https://www.virustotal.com/gui/file/c13f46d91b58002c204579d3d12936969a6359bde4968d700de2d6bedffdef96","meta":null}]}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"dd-prod-us-west.s3.us-west-004.backblazeb2.com/prepared-downloads/eaf3f8-97/6740f804be0ed0affcac7f9a/Order%20files.zip","fqdn":"dd-prod-us-west.s3.us-west-004.backblazeb2.com","domain":"backblazeb2.com","tld":"com"},"ip":{"addr":"149.137.135.254","port":0,"asn":40401,"as":"BACKBLAZE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-12-29T23:24:52.771708602Z","timestamp":1735514692771,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /prepared-downloads/eaf3f8-97/6740f804be0ed0affcac7f9a/Order%20files.zip HTTP/1.1\r\nHost: dd-prod-us-west.s3.us-west-004.backblazeb2.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Sun, 29 Dec 2024 23:24:51 GMT\r\nContent-Type: application/zip\r\nContent-Length: 1802873\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nLast-Modified: Mon, 25 Nov 2024 15:09:25 GMT\r\nETag: \"e38fe3391e1e38dc12e1e007122d71d6\"\r\nx-amz-request-id: cdc99b6085bef315\r\nx-amz-id-2: aZp0zRDkzM383UDnaNC5jxzizMbVkKjBW\r\nx-amz-version-id: 4_zafe32933e789149c98210d10_f10373dd0b24ab5c2_d20241125_m150925_c004_v0402025_t0030_u01732547365628\r\nStrict-Transport-Security: max-age=63072000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1802873,"size_decoded":1802873,"mime_type":"application/zip","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","md5":"e38fe3391e1e38dc12e1e007122d71d6","sha1":"622e3d42949cc6cb6d30efc84d2d258c8431bacc","sha256":"c13f46d91b58002c204579d3d12936969a6359bde4968d700de2d6bedffdef96","sha512":"eb52b212b2d6e3ebfcac49341eacfeebee1eb3e32f71eee6e97c1b0f8197d2df9f876f53591270c4079e25b7b04cac5711c98cf4217865c1764f15ab385d947b","ssdeep":"24576:HRTTOOIqYRQNhOaUZHKAwleoKR0fbMKnBdv50zExm8vRAECF8ciBAg+Mugjw1:NOyYONhzUZsUoKCBBdv5kEI0RAECFqE9","tlshash":"f38533e09adf8bbc605b92c1b7d96171fe5a2cf43799d96ddb0708b8086070375d8e82","first_seen":"2024-12-29T23:25:20.953701Z","last_seen":"2024-12-29T23:25:20.953701Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-12-01","alert":"Scan result 32/67","trigger":"c13f46d91b58002c204579d3d12936969a6359bde4968d700de2d6bedffdef96","verdict":"malicious","severity":"","comment":"malicious - 32/67","link":"https://www.virustotal.com/gui/file/c13f46d91b58002c204579d3d12936969a6359bde4968d700de2d6bedffdef96","meta":null}],"urlquery":null}}]}