Report - dash.ovix.one/gta/OvixBundle.zip

Report Overview

Visited public
2024-04-29 11:55:38
Tags
URL
dash.ovix.one/gta/OvixBundle.zip
Finishing URL
about:privatebrowsing
IP / ASN
172.67.211.45
#13335 CLOUDFLARENET
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
dash.ovix.one	unknown	2021-05-29	2022-02-10 19:11:23	2024-03-04 19:46:30	486 B	7.5 MB	104.21.77.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
dash.ovix.one/gta/OvixBundle.zip
IP
104.21.77.191
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
7.5 MB (7521088 bytes)
Hash
7be06b8a4bd08140c4f03e014c0dc506
ee6dfdd34ef7744701ee89339ee2e01465e1f00c
45f25202eaaa8134c13cb2a137a0303ea5e79feb849f0a3fbce9589288671ae6

Archive (7)

Filename

Md5

File type

appdata.lnk

da95cc5a365e3f76d347b40073e55727

MS Windows shortcut, Item id list present, Points to a file or directory, Directory, ctime=Wed Oct 5 10:01:06 2022, mtime=Tue Feb 20 17:14:20 2024, atime=Fri Feb 16 08:00:43 2024, length=32768, window=hide

ovix.png

329fde5ed3b5729426487ae492d92028

PNG image data, 1104 x 368, 8-bit/color RGBA, non-interlaced

Ovix.dll

4f6f933a8e1dffce9ff8077cb41aa270

PE32+ executable (DLL) (console) x86-64, for MS Windows, 12 sections

Chinese.json

d1280306f87ed29eda8258091cbc79ab

JSON text data

English.json

eb12eb684344c0bfbc813c1225aebfef

JSON text data

OvixGTALauncher.exe

a58fac58a3ba52b880e7db6d67f31cd8

PE32+ executable (GUI) x86-64, for MS Windows, 6 sections

README.txt

68778fb62e2e3559f23f2ec68978d2b4

ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 34/66

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

dash.ovix.one/gta/OvixBundle.zip

104.21.77.191

200 OK

7.5 MB

URL User Request GET HTTP/2
dash.ovix.one/gta/OvixBundle.zip
IP
104.21.77.191:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectovix.one
Fingerprint85:5B:E9:7D:31:1B:D6:58:38:7D:57:08:D4:1B:27:A4:E2:57:A8:F7
ValidityFri, 26 Apr 2024 18:47:34 GMT - Thu, 25 Jul 2024 18:47:33 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
7.5 MB (7521088 bytes)
Hash
7be06b8a4bd08140c4f03e014c0dc506
ee6dfdd34ef7744701ee89339ee2e01465e1f00c
45f25202eaaa8134c13cb2a137a0303ea5e79feb849f0a3fbce9589288671ae6

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 34/66

HTTP Headers

GET /gta/OvixBundle.zip HTTP/1.1
Host: dash.ovix.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 29 Apr 2024 11:55:11 GMT
content-type: application/zip
content-length: 7521088
etag: "72c340-66202126-605356;;;"
last-modified: Wed, 17 Apr 2024 19:21:10 GMT
alt-svc: h3=":443"; ma=86400
cache-control: max-age=300
cf-cache-status: HIT
age: 2628
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0z0JqdEFMJqOtjJFhj4eMK1Paq0V0uWPei2hz3pKZASNoa9Xl7ykXdwIOCKND0SvIkfQ8hkCCYdnGAVw6jcDLAL0%2FBr6t0PU7QWqPy8t5rwxd%2BbV6f9DKJsNXrEwENx2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87bf1a05cacdb4f7-OSL
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (7)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers