Report - f.celsoazevedo.com/file/cfiles/gcm1/OnePlus_3_3T_Slow_Motion_Fix-v2.0.1_8.zip

Report Overview

Submitted URL
f.celsoazevedo.com/file/cfiles/gcm1/OnePlus_3_3T_Slow_Motion_Fix-v2.0.1_8.zip
IP
104.26.15.150
ASN
#13335 CLOUDFLARENET
Submitted
2024-03-28 23:58:53
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
temp4-f.celsoazevedo.com	unknown	2009-01-19	2022-07-02	2024-03-28	551 B	2.3 MB	104.26.15.150
f.celsoazevedo.com	unknown	2009-01-19	2018-12-04	2024-03-28	531 B	11 kB	104.26.15.150

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
temp4-f.celsoazevedo.com/file/cfiles/gcm1/OnePlus_3_3T_Slow_Motion_Fix-v2.0.1_8.zip
IP
104.26.15.150
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
2.3 MB (2326671 bytes)
Hash
1061e5b79d442bd8d5d4be543bbdb20a
3572586c60901288fc821f344729aa7f0aae635d
7e9e637eb79467c5fa5c3a0e178634492822d60d7879015ea99789d641826be4

Archive (27)

Filename

Md5

File type

update-binary

ef2fb73ff88a52f61a8b155891c73c10

a /sbin/sh script, ASCII text executable

updater-script

b39cd178923d60d67de5c5b81a78c242

ASCII text

.gitattributes

d895175d574b006b21841b259757ed64

ASCII text

.gitignore

6ab734488d63a6d2c0b67796fa3c5f57

ASCII text

LICENSE

b234ee4d69f5fce4486a80fdaf4a4263

ASCII text

README.md

daffa4f6454976589758e00c992f8a7c

ASCII text

placeholder

d41d8cd98f00b204e9800998ecf8427e

post-fs-data.sh

74587b6882552fc6c8b827fe7c5e4a52

ASCII text

sepolicy.sh

da6834832c4eb8b821dfa51100665a93

ASCII text

service.sh

550fc3bd2447fbb2be1f7dc2d9161031

ASCII text

system.prop

e3cf32c5200d001e2c44fa33740301d2

ASCII text

unity_install.sh

d41d8cd98f00b204e9800998ecf8427e

unity_uninstall.sh

d41d8cd98f00b204e9800998ecf8427e

unity_upgrade.sh

7c615b79e033f7443668e684320ffd82

ASCII text

addon.sh

a3e71683b7be0b1ecd5513c757775458

a /sbin/sh script, ASCII text executable

busybox

2aba34ecee3be67e194efed031e8169f

ELF 32-bit LSB executable, ARM, EABI5 version 1 (SYSV)

busybox

b075607b8020ba97e26f8437634abc90

ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV)

util_functions.sh

4db7bc173b7687446bf8819b5ffaa1d9

Unicode text, UTF-8 text

install.sh

aa1a8960cdfc48b63c8b9791bb9f2423

ASCII text

module.prop

8093ca5a471079d6352f452e64f1ebb3

ASCII text

op3slowmo.sh

7dcaaaefb4633fcba9f7312710c6a36b

ASCII text

android.hardware.camera.provider@2.4-service.oneplus3

13ff7598be7a18a20cf9ae4bf6e2240f

ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV)

camera.msm8996.so

e7219a5196a2e77b99d94567feec9f26

ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV)

libmmcamera_interface.so

3a82945317b048eaccffcb69515a028b

ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV)

libmmjpeg_interface.so

f16ec8439bda9ea119cd504321c23511

ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV)

libqomx_core.so

f60d5bbd31c9847352262ac35b1d8df4

ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV)

uninstall.sh

1cfac24c4102c42d31f44edbcd21dd5b

ASCII text

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size
	temp4-f.celsoazevedo.com/file/cfiles/gcm1/OnePlus_3_3T_Slow_Motion_Fix-v2.0.1_8.zip	104.26.15.150	200 OK	2.3 MB
URL User Request GET HTTP/2 temp4-f.celsoazevedo.com/file/cfiles/gcm1/OnePlus_3_3T_Slow_Motion_Fix-v2.0.1_8.zip IP 104.26.15.150:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services LLC Subjectcelsoazevedo.com Fingerprint35:A0:12:2B:F3:21:76:84:1C:92:F8:49:2B:CA:F8:E6:FF:BA:32:5E ValiditySat, 16 Mar 2024 23:37:29 GMT - Fri, 14 Jun 2024 23:37:28 GMT File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 2.3 MB (2326671 bytes) Hash 1061e5b79d442bd8d5d4be543bbdb20a 3572586c60901288fc821f344729aa7f0aae635d 7e9e637eb79467c5fa5c3a0e178634492822d60d7879015ea99789d641826be4 HTTP Headers GET /file/cfiles/gcm1/OnePlus_3_3T_Slow_Motion_Fix-v2.0.1_8.zip HTTP/1.1 Host: temp4-f.celsoazevedo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Thu, 28 Mar 2024 23:58:26 GMT content-type: application/zip content-length: 2326671 x-bz-file-name: gcm1/OnePlus_3_3T_Slow_Motion_Fix-v2.0.1_8.zip x-bz-file-id: 4_z6102a33e2043581c7a23081b_f1095530c61841731_d20200526_m132627_c003_v0312002_t0004 x-bz-content-sha1: 3572586c60901288fc821f344729aa7f0aae635d x-bz-upload-timestamp: 1590499587000 x-bz-info-src_last_modified_millis: 1579758044090 cache-control: public, max-age=31536000 strict-transport-security: max-age=31536000; includeSubDomains; preload last-modified: Thu, 28 Mar 2024 23:36:16 GMT cf-cache-status: HIT age: 1051 expires: Fri, 28 Mar 2025 23:58:26 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uDgxBRQfvOcxVkGOJ6vIO0%2BcoE2v7qXSLqDaTXTVIs3bRT4cKWN87zKRW1j55nTdIP9XiETh76Ot9CLyB%2B41WHzb%2F4yHGiQ4ck3b9Xowr6v8UpIS33WZ%2FUknvrrFDiEIpEtQsS99E%2BYw1A%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 86bb91788e8756bf-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	f.celsoazevedo.com/file/cfiles/gcm1/OnePlus_3_3T_Slow_Motion_Fix-v2.0.1_8.zip	104.26.15.150	302 Found	10 kB
URL User Request GET HTTP/2 f.celsoazevedo.com/file/cfiles/gcm1/OnePlus_3_3T_Slow_Motion_Fix-v2.0.1_8.zip IP 104.26.15.150:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services LLC Subjectcelsoazevedo.com Fingerprint35:A0:12:2B:F3:21:76:84:1C:92:F8:49:2B:CA:F8:E6:FF:BA:32:5E ValiditySat, 16 Mar 2024 23:37:29 GMT - Fri, 14 Jun 2024 23:37:28 GMT File type data Size 10 kB (10442 bytes) Hash 36a69d959f4c29c17802362d2a99acdc 6f3225b7b046ea7a6aeddb159fc541a86357cf0e 45ae78c697849a821508a96190f24029439b25aa46c0e5db8e13af1037a697e8 HTTP Headers GET /file/cfiles/gcm1/OnePlus_3_3T_Slow_Motion_Fix-v2.0.1_8.zip HTTP/1.1 Host: f.celsoazevedo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found date: Thu, 28 Mar 2024 23:58:26 GMT content-type: text/html location: https://temp4-f.celsoazevedo.com/file/cfiles/gcm1/OnePlus_3_3T_Slow_Motion_Fix-v2.0.1_8.zip cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DmaW%2Fbhmtb67MVCFa31XqnlvVtjnaFuyXVSLNyvJKjG7HHK9EbL0flZdTFvJQQ0Op4W8o70X2ARe2ccPorfAYouHRFSUBvKKcG3GjaashC4Hv0Oeo1pFg3dVlhTGbe3K23Zvwg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 86bb91772dbd56bf-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2