{"report_id":"953ae98e-226a-4182-8b4b-3e648998cead","version":6,"status":"done","tags":[],"date":"2024-08-06T05:30:04Z","url":{"schema":"http","addr":"brakesquirrel.website/pe/output/setup_2950497.exe","fqdn":"brakesquirrel.website","domain":"brakesquirrel.website","tld":"website"},"ip":{"addr":"172.67.170.101","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T06:06:12Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"","domain_rank":0,"first_seen":"","last_seen":"","alert_count":0,"request_count":6,"received_data":5327,"sent_data":1962,"comment":"","tags":null,"fingerprints":null},{"fqdn":"brakesquirrel.website","ip":{"addr":"104.21.28.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"","domain_rank":0,"first_seen":"","last_seen":"","alert_count":1,"request_count":1,"received_data":11392007,"sent_data":503,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":[{"md5":"65c9ba6050e29df5a76611c1415bedc5","sha1":"03674e48bd8f591c75b995ee1702d413cb72adaf","sha256":"b154ea30d3a02ddd7601589f6ed4cad6240a3ee50ee4b6fdca3c63d2c8f90e15","sha512":"e4a46c5e59844339c9c49b51270f28f79cd177696e8eacfa2b147d3b5c4981be4ea276a5533b29f6c12039df25e054e8159058493c1e1ded7d72017e4f984c78","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections","size":11391283,"url":{"schema":"https","addr":"brakesquirrel.website/pe/output/setup_2950497.exe","fqdn":"brakesquirrel.website","domain":"brakesquirrel.website","tld":"website"},"ip":{"addr":"104.21.28.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"archive":null,"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-08-06","alert":"Detect files is `SliverFox` malware","trigger":"brakesquirrel.website/pe/output/setup_2950497.exe","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"huoji","date":"2023-12-25","description":"Detect files is `SliverFox` malware","rule":"Detect_SliverFox_String","yarahub_license":"CC0 1.0","yarahub_reference_md5":"CDD9564A48975F25E846BD3DD3B958EF","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"e4cc5dd0-c314-41c0-8bcf-abb5b6b228fa"}}]}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-08-06","alert":"Detect files is `SliverFox` malware","trigger":"brakesquirrel.website/pe/output/setup_2950497.exe","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"huoji","date":"2023-12-25","description":"Detect files is `SliverFox` malware","rule":"Detect_SliverFox_String","yarahub_license":"CC0 1.0","yarahub_reference_md5":"CDD9564A48975F25E846BD3DD3B958EF","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"e4cc5dd0-c314-41c0-8bcf-abb5b6b228fa"}}]},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-06T05:29:37.079537267Z","timestamp":1722922177079,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"CC1E53796EC8C93A6A4CF66399A32249A405BD6EC1BD7399D5926C11657868A9\"\r\nLast-Modified: Sat, 03 Aug 2024 18:56:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=13169\r\nExpires: Tue, 06 Aug 2024 09:09:06 GMT\r\nDate: Tue, 06 Aug 2024 05:29:37 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"aadf4023fd478bb51576a5f2358b225e","sha1":"a9d7b5d1e6a9d4f3fd800815a784607563dae142","sha256":"cc1e53796ec8c93a6a4cf66399a32249a405bd6ec1bd7399d5926c11657868a9","sha512":"8dfbc7de239c4e2eef8c691d434ef3a152c88d99df55e74781102c7de2ddeaa334800f2a2d7883e6b05d60eefe6a4fd9b670f7f51e44273aa9e9068f770d726a","ssdeep":"","tlshash":"97f0055d32d63b04ab71551d19e8e6162dadadb93415557032480bf17418ff8115880c","first_seen":"2024-08-04T01:53:29Z","last_seen":"2024-08-21T14:31:29.01118Z","times_seen":25384,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-06T05:29:37.085069057Z","timestamp":1722922177085,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"6D567507B5502A9E553E77B519B679E83B3A8A01896731CEC08BD1DA0699B379\"\r\nLast-Modified: Sat, 03 Aug 2024 18:27:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6410\r\nExpires: Tue, 06 Aug 2024 07:16:27 GMT\r\nDate: Tue, 06 Aug 2024 05:29:37 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"084406a853d82fa208410ee4bc78b67c","sha1":"1c6276ec2e9a0fa10937dc34d821a64633c7d16a","sha256":"6d567507b5502a9e553e77b519b679e83b3a8a01896731cec08bd1da0699b379","sha512":"ec148540d6f7485ec2c7ee7849c3231a24ade8ff5391eda7f8b6fc229e7db09ff7219b9f10453110959f9422d1ac808ff945fa1f2072d26bc1ff9f88dd9bd7a3","ssdeep":"","tlshash":"8bf0051b266af424575511437decfe162601fafa78b526e13ba402f1145479c19d4c0c","first_seen":"2024-08-04T02:27:20Z","last_seen":"2024-08-21T14:31:29.011788Z","times_seen":24116,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-06T05:29:37.344162407Z","timestamp":1722922177344,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"6C62566757F05A770360606B6260CC4ED7F8F88D45EE495B3091776E11166FD5\"\r\nLast-Modified: Sat, 03 Aug 2024 18:26:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=13134\r\nExpires: Tue, 06 Aug 2024 09:08:31 GMT\r\nDate: Tue, 06 Aug 2024 05:29:37 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c303859305dd6c542987eab859bf7ff6","sha1":"d5ad24e8d4d45da1f0ade79f0c059547a6ddc4cb","sha256":"6c62566757f05a770360606b6260cc4ed7f8f88d45ee495b3091776e11166fd5","sha512":"a16b33ffcc9aa32741d63b2287e0ec5e47771c46708147af1ef5fe170444e79355782cfc149ef0dcc7f19dc4d22b0591a66c29fb79200717703885ee39d12a83","ssdeep":"","tlshash":"1df00e360bdab601e37103216bfdea5b6e24fcfa290069f9158046936945be1d4c184c","first_seen":"2024-08-04T11:04:47Z","last_seen":"2024-08-21T14:31:29.013306Z","times_seen":14052,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-06T05:29:37.506684566Z","timestamp":1722922177506,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"D059EEDA67B64DD02259F5A9352DF39CC808E3F9E03068A434E0F6486814893D\"\r\nLast-Modified: Sat, 03 Aug 2024 18:27:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=12439\r\nExpires: Tue, 06 Aug 2024 08:56:56 GMT\r\nDate: Tue, 06 Aug 2024 05:29:37 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"3653abf0951eea060f104ae59d60cf7c","sha1":"75790e8c59cb78c77ab522e7dc7140b62a046bb9","sha256":"d059eeda67b64dd02259f5a9352df39cc808e3f9e03068a434e0f6486814893d","sha512":"606dd92b87628d9b5bffe03d99d23fdb00abdcb0b097d19cff5c40bb8f3bfaf0e3accc6975ca546eb38c992ed1469d6254372fd8745e6e70455ff68b9ee54012","ssdeep":"","tlshash":"99f0053e0676b944636935051de5e0196d00fffe389551d610b8c1d174247eed3f548c","first_seen":"2024-08-04T01:45:18Z","last_seen":"2024-08-21T14:31:29.013823Z","times_seen":29425,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-06T05:29:39.560764023Z","timestamp":1722922179560,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"B8A162CBF6A846CCD9BD65A8744C313D48C66700352346C24777BDC1C2358726\"\r\nLast-Modified: Sat, 03 Aug 2024 18:58:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=13730\r\nExpires: Tue, 06 Aug 2024 09:18:29 GMT\r\nDate: Tue, 06 Aug 2024 05:29:39 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"78be19d93b8add0d8f3c63b67e490038","sha1":"2ed9c5d656a70a78ced84cd8fedbf0dcceb35bd6","sha256":"b8a162cbf6a846ccd9bd65a8744c313d48c66700352346c24777bdc1c2358726","sha512":"4161ae8436e393ed31f7f2da4a4e66d8dd3e537e150fbf814b29737c80616000c69755b6c1e7293c30c900c15f28dd1cee33edc007307161d19e6c5bef6a759b","ssdeep":"","tlshash":"7ff0051f13b3fc52e35540193d6cd15755647dbf781705b036e0c2d22813f9c519850c","first_seen":"2024-08-04T05:41:50Z","last_seen":"2024-08-21T14:31:29.014366Z","times_seen":27770,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-08-06T05:29:39.562077947Z","timestamp":1722922179562,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"B8A162CBF6A846CCD9BD65A8744C313D48C66700352346C24777BDC1C2358726\"\r\nLast-Modified: Sat, 03 Aug 2024 18:58:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=13730\r\nExpires: Tue, 06 Aug 2024 09:18:29 GMT\r\nDate: Tue, 06 Aug 2024 05:29:39 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"78be19d93b8add0d8f3c63b67e490038","sha1":"2ed9c5d656a70a78ced84cd8fedbf0dcceb35bd6","sha256":"b8a162cbf6a846ccd9bd65a8744c313d48c66700352346c24777bdc1c2358726","sha512":"4161ae8436e393ed31f7f2da4a4e66d8dd3e537e150fbf814b29737c80616000c69755b6c1e7293c30c900c15f28dd1cee33edc007307161d19e6c5bef6a759b","ssdeep":"","tlshash":"7ff0051f13b3fc52e35540193d6cd15755647dbf781705b036e0c2d22813f9c519850c","first_seen":"2024-08-04T05:41:50Z","last_seen":"2024-08-21T14:31:29.014366Z","times_seen":27770,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"brakesquirrel.website/pe/output/setup_2950497.exe","fqdn":"brakesquirrel.website","domain":"brakesquirrel.website","tld":"website"},"ip":{"addr":"104.21.28.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-08-06T05:29:37.641Z","timestamp":1722922177641,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"brakesquirrel.website","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Aug 2024 05:47:23 GMT","end":"Wed, 30 Oct 2024 05:47:22 GMT"},"fingerprint":{"sha1":"97:83:05:56:22:B0:13:A8:6F:E5:15:6D:D3:F6:14:38:9E:D9:1D:FE","sha256":"D9:E1:FF:E9:DE:EB:1A:BC:DF:68:FA:D6:5E:8A:4F:38:37:9B:8C:F3:7D:5F:E6:B1:DA:68:FB:20:03:72:69:64"}}},"request":{"raw":"GET /pe/output/setup_2950497.exe HTTP/1.1\r\nHost: brakesquirrel.website\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 06 Aug 2024 05:29:38 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 11391283\r\nlast-modified: Tue, 06 Aug 2024 05:11:48 GMT\r\netag: \"d7cad223bfe7da1:0\"\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=cRc1b%2BC96cKg09nTp%2FQiNp45JOBySWqPyyoKJ2PXbLLWhTHCJ6CgqicuVhswCQTobIzKqETHr1VnPX6mXjlZxshCln86F3gQADzSfdWF%2FB4Iq7%2B1iYhGXWqAvAR6hz605zw9Gdvflx8%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8aeca15a787cb51d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11391283,"size_decoded":11391283,"mime_type":"application/octet-stream","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections","md5":"65c9ba6050e29df5a76611c1415bedc5","sha1":"03674e48bd8f591c75b995ee1702d413cb72adaf","sha256":"b154ea30d3a02ddd7601589f6ed4cad6240a3ee50ee4b6fdca3c63d2c8f90e15","sha512":"e4a46c5e59844339c9c49b51270f28f79cd177696e8eacfa2b147d3b5c4981be4ea276a5533b29f6c12039df25e054e8159058493c1e1ded7d72017e4f984c78","ssdeep":"196608:ATfxehbBCVvbTXI9H3GrV30ovtIxdJ/Iujf5ADqtHRfBQXbJ11Xhpb9PhhX:4f4MZ3YlW55YKujRftxfBQXl11X39X","tlshash":"f2b633e8bfc75497e022d3f3d054d70d9de5b180d908ba9b76b87721c2275f4da22688","first_seen":"2024-08-19T14:26:17.10433Z","last_seen":"2024-08-19T14:26:17.10433Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3754,"timings":{"blocked":27,"dns":2,"connect":1,"send":0,"wait":659,"receive":3040,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-08-06","alert":"Detect files is `SliverFox` malware","trigger":"brakesquirrel.website/pe/output/setup_2950497.exe","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"huoji","date":"2023-12-25","description":"Detect files is `SliverFox` malware","rule":"Detect_SliverFox_String","yarahub_license":"CC0 1.0","yarahub_reference_md5":"CDD9564A48975F25E846BD3DD3B958EF","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"e4cc5dd0-c314-41c0-8bcf-abb5b6b228fa"}}],"urlquery":null}}]}