{"report_id":"9e56794a-96ab-44d3-87f7-3ffd061b459d","version":6,"status":"done","tags":[],"date":"2023-12-25T11:57:04Z","url":{"schema":"http","addr":"cdn.files.community/files/download/Files.Stable.exe","fqdn":"cdn.files.community","domain":"files.community","tld":"community"},"ip":{"addr":"188.114.97.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T06:39:34Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"cdn.files.community","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"domain_registered":"2021-07-04","domain_rank":0,"first_seen":"2022-09-24 14:55:21","last_seen":"2023-11-18 04:21:04","alert_count":1,"request_count":1,"received_data":19939337,"sent_data":517,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":[{"md5":"c58aaf2f62c828604225659e45f2d2cf","sha1":"df38b7ff3963430807597bef32668cef8d0190bc","sha256":"496787d4851f01f12db3bdc8a2995ebf5654bd9fbf20a075c1dc7f1bdb35a584","sha512":"2e43c4fa2b3cce9739ca441f82c5f63d35d425652f19e325e4f6cd2110d5ffcd56dbd2dd5133ac4ccaf7bd7592b51db2474975e59a4c7d110ccb35e8cc3bfeb7","magic":"PE32 executable (GUI) Intel 80386, for MS Windows","size":19938432,"url":{"schema":"https","addr":"cdn.files.community/files/download/Files.Stable.exe","fqdn":"cdn.files.community","domain":"files.community","tld":"community"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"archive":null,"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2023-12-22","alert":"Scan result 1/68","trigger":"496787d4851f01f12db3bdc8a2995ebf5654bd9fbf20a075c1dc7f1bdb35a584","verdict":"suspicious","severity":"","comment":"suspicious - 1/68","link":"https://www.virustotal.com/gui/file/496787d4851f01f12db3bdc8a2995ebf5654bd9fbf20a075c1dc7f1bdb35a584","meta":null}]}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"cdn.files.community/files/download/Files.Stable.exe","fqdn":"cdn.files.community","domain":"files.community","tld":"community"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-12-25T11:52:10.813Z","timestamp":1703505130813,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"files.community","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Tue, 21 Nov 2023 19:32:37 GMT","end":"Mon, 19 Feb 2024 19:32:36 GMT"},"fingerprint":{"sha1":"AF:10:9D:81:69:AB:3F:52:FA:2B:05:B3:F8:A1:91:31:92:B7:28:5B","sha256":"3B:03:9D:C4:BA:51:E3:CB:AB:AF:53:B1:BD:5E:F3:E6:B2:51:5E:C6:5D:C5:69:80:8B:FB:E0:11:F5:CC:C8:63"}}},"request":{"raw":"GET /files/download/Files.Stable.exe HTTP/1.1\r\nHost: cdn.files.community\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 25 Dec 2023 11:56:36 GMT\r\ncontent-type: application/x-msdownload\r\ncontent-length: 19938432\r\ncache-control: max-age=259200\r\ncontent-md5: xYqvL2LIKGBCJWWeRfLSzw==\r\nlast-modified: Mon, 28 Aug 2023 22:26:06 GMT\r\netag: 0x8DBA815C5A0C513\r\nx-ms-request-id: 9b29bec8-301e-0011-43f9-31d1b3000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\ncf-cache-status: HIT\r\nage: 523608\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=JVroEJNEkZp5UZCaXyhiolUorVIPnu5ZpYBgxVhriLHitrosfecKf1%2Bycx8jDhUy6yyhVHst4Yz0MGFD%2FnJt8T8Z4O3ttFnei904di%2FobBowzB22zE3TcQj7L%2BhE8hs6lnXUayY2\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 83b0e6d7ce7a56a8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19938432,"size_decoded":19938432,"mime_type":"application/x-msdownload","magic":"PE32 executable (GUI) Intel 80386, for MS Windows","md5":"c58aaf2f62c828604225659e45f2d2cf","sha1":"df38b7ff3963430807597bef32668cef8d0190bc","sha256":"496787d4851f01f12db3bdc8a2995ebf5654bd9fbf20a075c1dc7f1bdb35a584","sha512":"2e43c4fa2b3cce9739ca441f82c5f63d35d425652f19e325e4f6cd2110d5ffcd56dbd2dd5133ac4ccaf7bd7592b51db2474975e59a4c7d110ccb35e8cc3bfeb7","ssdeep":"393216:NOcphIuEvhw1sZhViEcSu2aqVnZYb0quxiyuQ8aDm63EJGlQsfUKjwUcItm2a:NnyvhwEhVm2aqpZe0quI3Qlm6MGlzfB+","tlshash":"e517339257ecafbdd28147321a84cc2d697f87420ed6c52773a14d637eba08bc617b12","first_seen":"2023-11-30T22:56:44Z","last_seen":"2024-08-21T06:42:30.027808Z","times_seen":12,"resource_available":false,"data":null}},"time_used":1653,"timings":{"blocked":18,"dns":1,"connect":1,"send":0,"wait":9,"receive":1608,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2023-12-22","alert":"Scan result 1/68","trigger":"496787d4851f01f12db3bdc8a2995ebf5654bd9fbf20a075c1dc7f1bdb35a584","verdict":"suspicious","severity":"","comment":"suspicious - 1/68","link":"https://www.virustotal.com/gui/file/496787d4851f01f12db3bdc8a2995ebf5654bd9fbf20a075c1dc7f1bdb35a584","meta":null}],"urlquery":null}}]}