{"report_id":"db6da22e-7f51-4058-b9d0-8fc04ef0304c","version":6,"status":"done","tags":[],"date":"2024-06-12T12:45:55Z","url":{"schema":"http","addr":"dl.luochenzhimu.com/software/Thunder/ThunderVIP/ThunderVIP_3.2.1.498.zip","fqdn":"dl.luochenzhimu.com","domain":"luochenzhimu.com","tld":"com"},"ip":{"addr":"113.194.51.118","port":0,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T13:39:36Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"dl.luochenzhimu.com","ip":{"addr":"111.123.250.55","port":0,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":3,"received_data":30255878,"sent_data":1146,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ocsp.trust-provider.cn","ip":{"addr":"150.139.140.74","port":0,"asn":136195,"as":"Qingdao, Shandong Province, P.R.China.","country":"China","country_code":"CN"},"domain_registered":"2015-04-09","domain_rank":0,"first_seen":"2022-02-10 09:18:30","last_seen":"2024-06-11 14:20:55","alert_count":0,"request_count":3,"received_data":4363,"sent_data":1002,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":[{"md5":"4f29205cb52a882cc385abd99ba6fd9d","sha1":"86c48de799ed40d8ace7c4d3e90836a675cf56e1","sha256":"62088d26bc2ec85310afe1e422e622fd4213ca4d7ca58fe0159fc9838f94e93a","sha512":"046f43c8165051a3170a08ec861aa8c7f1a5187a0a69dd5dd7d3ea67f3775d9bd0dca9db622eed398bdd5d0d7c03e5bc84c886bc3d754d815cecf3ea3d94f8fb","magic":"Zip archive data, at least v1.0 to extract, compression method=store","size":30253219,"url":{"schema":"https","addr":"dl.luochenzhimu.com/software/Thunder/ThunderVIP/ThunderVIP_3.2.1.498.zip","fqdn":"dl.luochenzhimu.com","domain":"luochenzhimu.com","tld":"com"},"ip":{"addr":"61.170.88.242","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"archive":null,"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-06-12","alert":"Scan result 35/65","trigger":"62088d26bc2ec85310afe1e422e622fd4213ca4d7ca58fe0159fc9838f94e93a","verdict":"malicious","severity":"","comment":"malicious - 35/65","link":"https://www.virustotal.com/gui/file/62088d26bc2ec85310afe1e422e622fd4213ca4d7ca58fe0159fc9838f94e93a","meta":null}]}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"dl.luochenzhimu.com/","fqdn":"dl.luochenzhimu.com","domain":"luochenzhimu.com","tld":"com"},"ip":{"addr":"111.123.250.55","port":0,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-12T12:45:34.249562427Z","timestamp":1718196334249,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: dl.luochenzhimu.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 302 Found\r\nLocation: https://dl.luochenzhimu.com/\r\nContent-Length: 0\r\nX-NWS-LOG-UUID: 12049979189534428864\r\nConnection: keep-alive\r\nServer: SLT\r\nDate: Wed, 12 Jun 2024 12:45:34 GMT\r\nX-Cache-Lookup: Return Directly\r\nX-Accel-Limit-Rate: 2000000\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T11:47:06.182466Z","times_seen":13373545,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.trust-provider.cn/","fqdn":"ocsp.trust-provider.cn","domain":"trust-provider.cn","tld":"cn"},"ip":{"addr":"150.139.140.74","port":0,"asn":136195,"as":"Qingdao, Shandong Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-12T12:45:34.420250584Z","timestamp":1718196334420,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.trust-provider.cn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: volc-dcdn\r\nContent-Type: application/ocsp-response\r\nContent-Length: 599\r\nConnection: keep-alive\r\ndate: Wed, 12 Jun 2024 12:45:34 GMT\r\nctl-cache-status: HIT from hk-xianggang4-ca01, HIT from fj-quanzhou7-ca01, MISS from he-handan1-ca03\r\nrequest-id: 50626669986ddb94d54f3bca399c525d\r\netag: \"014a53d834a890f69b9449bee6934d11db918b60\"\r\nage: 2\r\nexpires: Tue, 18 Jun 2024 17:01:25 GMT\r\nlast-modified: Tue, 11 Jun 2024 17:01:26 GMT\r\ncache-control: max-age=3600\r\ncf-ray: 89255b943f95211d-HKG\r\nx-ccacdn-proxy-id: scdpinlb6\r\nx-frame-options: SAMEORIGIN\r\ncf-cache-status: EXPIRED\r\naccept-ranges: bytes\r\nvia: n150-139-140-069.bdcdn-qdct.ToB\r\nx-request-ip: 91.90.42.154\r\nx-tt-trace-tag: id=5\r\nx-dsa-trace-id: 17181963339a0abc29fc905afcf7814a8d367a6a34\r\nX-Dsa-Origin-Status: 200\r\nserver-timing: cdn-cache;desc=MISS, origin;dur=536, edge;dur=0\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":599,"size_decoded":599,"mime_type":"application/octet-stream","magic":"data","md5":"130603084cc3ba41eedb8f0b7a24a74b","sha1":"014a53d834a890f69b9449bee6934d11db918b60","sha256":"dd26d58565ebbbc963c21d26baf27f1bb2ac6e90bb572108a2618131fd3491e0","sha512":"2d619415d6192630a924775863667e718849b6e54e4ecc0066f75c944fe1ef7cdd50f26b8342debe7a4c0aff076e248889475aafbb549524973e92233f043e1b","ssdeep":"","tlshash":"c1f00c8a6aa72008071b8a6082a16f6a38c440f2a86210913d3937cb30d0f2ecb60950","first_seen":"2024-08-19T20:12:38.416223Z","last_seen":"2024-08-19T20:12:38.416223Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.trust-provider.cn/","fqdn":"ocsp.trust-provider.cn","domain":"trust-provider.cn","tld":"cn"},"ip":{"addr":"117.27.246.196","port":0,"asn":133774,"as":"Fuzhou","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-12T12:45:34.467638447Z","timestamp":1718196334467,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.trust-provider.cn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: volc-dcdn\r\nContent-Type: application/ocsp-response\r\nContent-Length: 599\r\nConnection: keep-alive\r\nctl-cache-status: HIT from hk-xianggang4-ca01, HIT from fj-quanzhou7-ca01, MISS from js-nanjing1-ca35\r\naccept-ranges: bytes\r\ncf-ray: 89255b943f95211d-HKG\r\nage: 1\r\ncf-cache-status: EXPIRED\r\ndate: Wed, 12 Jun 2024 12:45:34 GMT\r\nlast-modified: Tue, 11 Jun 2024 17:01:26 GMT\r\nrequest-id: 98e16669986e3da089a5793f4ba9d291\r\ncache-control: max-age=3600\r\nx-ccacdn-proxy-id: scdpinlb6\r\nx-frame-options: SAMEORIGIN\r\nexpires: Tue, 18 Jun 2024 17:01:25 GMT\r\netag: \"014a53d834a890f69b9449bee6934d11db918b60\"\r\nvia: n172-013-215.fzmp.ToB\r\nx-request-ip: 91.90.42.154\r\nx-tt-trace-tag: id=5\r\nx-dsa-trace-id: 1718196334da7c0efb784002128f77562a301a8d36\r\nX-Dsa-Origin-Status: 200\r\nserver-timing: cdn-cache;desc=MISS, origin;dur=93, edge;dur=0\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":599,"size_decoded":599,"mime_type":"application/octet-stream","magic":"data","md5":"130603084cc3ba41eedb8f0b7a24a74b","sha1":"014a53d834a890f69b9449bee6934d11db918b60","sha256":"dd26d58565ebbbc963c21d26baf27f1bb2ac6e90bb572108a2618131fd3491e0","sha512":"2d619415d6192630a924775863667e718849b6e54e4ecc0066f75c944fe1ef7cdd50f26b8342debe7a4c0aff076e248889475aafbb549524973e92233f043e1b","ssdeep":"","tlshash":"c1f00c8a6aa72008071b8a6082a16f6a38c440f2a86210913d3937cb30d0f2ecb60950","first_seen":"2024-08-19T20:12:38.416223Z","last_seen":"2024-08-19T20:12:38.416223Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.trust-provider.cn/","fqdn":"ocsp.trust-provider.cn","domain":"trust-provider.cn","tld":"cn"},"ip":{"addr":"150.139.140.74","port":0,"asn":136195,"as":"Qingdao, Shandong Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-12T12:45:35.683546077Z","timestamp":1718196335683,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.trust-provider.cn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: volc-dcdn\r\nContent-Type: application/ocsp-response\r\nContent-Length: 599\r\nConnection: keep-alive\r\nDate: Wed, 12 Jun 2024 12:45:35 GMT\r\nLast-Modified: Tue, 11 Jun 2024 17:01:26 GMT\r\nExpires: Tue, 18 Jun 2024 17:01:25 GMT\r\nEtag: \"014a53d834a890f69b9449bee6934d11db918b60\"\r\nCache-Control: max-age=3600\r\nX-CCACDN-Proxy-ID: scdpinlb6\r\nX-Frame-Options: SAMEORIGIN\r\nCF-Cache-Status: DYNAMIC\r\nCF-RAY: 8929f0573b8c860a-HKG\r\nAge: 0\r\nCtl-Cache-Status: MISS from hk-xianggang4-ca01, MISS from fj-quanzhou7-ca52, MISS from zj-shaoxing1-ca15, MISS from zj-shaoxing1-ca16\r\nRequest-Id: 5e026669986fb7833182d18fcf66ee10\r\nvia: n150-139-140-069.bdcdn-qdct.ToB\r\nx-request-ip: 91.90.42.154\r\nx-tt-trace-tag: id=5\r\nx-dsa-trace-id: 171819633551f0dfffcb3fc0d0d41c3309b52cbd10\r\nX-Dsa-Origin-Status: 200\r\nserver-timing: cdn-cache;desc=MISS, origin;dur=356, edge;dur=0\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":599,"size_decoded":599,"mime_type":"application/octet-stream","magic":"data","md5":"130603084cc3ba41eedb8f0b7a24a74b","sha1":"014a53d834a890f69b9449bee6934d11db918b60","sha256":"dd26d58565ebbbc963c21d26baf27f1bb2ac6e90bb572108a2618131fd3491e0","sha512":"2d619415d6192630a924775863667e718849b6e54e4ecc0066f75c944fe1ef7cdd50f26b8342debe7a4c0aff076e248889475aafbb549524973e92233f043e1b","ssdeep":"","tlshash":"c1f00c8a6aa72008071b8a6082a16f6a38c440f2a86210913d3937cb30d0f2ecb60950","first_seen":"2024-08-19T20:12:38.416223Z","last_seen":"2024-08-19T20:12:38.416223Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dl.luochenzhimu.com/","fqdn":"dl.luochenzhimu.com","domain":"luochenzhimu.com","tld":"com"},"ip":{"addr":"42.202.170.9","port":0,"asn":134762,"as":"CHINANET Liaoning province Dalian MAN network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-12T12:45:36.288876301Z","timestamp":1718196336288,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: dl.luochenzhimu.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ndate: Wed, 12 Jun 2024 12:45:36 GMT\r\netag: \"3c0dfb87ffdc8b074a93427e189c50e8\"\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 13356948060297308076\r\nx-cos-request-id: NjY2OTk4NmZfNzhjZDMwMGJfMjc3NWRfNDdlYWYxNg==\r\nx-cache-lookup: Cache Miss, Hit From Inner Cluster, Cache Miss\r\nlast-modified: Sat, 26 Nov 2022 22:35:11 GMT\r\ncontent-length: 1424\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 10558691675492745934\r\nx-accel-limit-rate: 2000000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1424,"size_decoded":1424,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3c0dfb87ffdc8b074a93427e189c50e8","sha1":"9af20a00420ed4a4a7102c57df0b090ff62d2a1f","sha256":"c0887934cb4589e4214ea77624b783df80a9036b12b7af36a43b2383d625a2d7","sha512":"cbb39f92ac00f606808f0fc8ba0c023be933aeff27260ff490a8cb02bcae86b38c8572120ff4ee505487096b7153b277b53cc23b25a0bbedfd3e1a0ed982397b","ssdeep":"","tlshash":"db21f173b8808d612133a68b13b1b24bc62352099ffba587b19e05373b63761bd870c0","first_seen":"2024-06-04T18:47:55Z","last_seen":"2024-08-19T20:48:05.706493Z","times_seen":2,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dl.luochenzhimu.com/software/Thunder/ThunderVIP/ThunderVIP_3.2.1.498.zip","fqdn":"dl.luochenzhimu.com","domain":"luochenzhimu.com","tld":"com"},"ip":{"addr":"61.170.88.242","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-06-12T12:45:30.674Z","timestamp":1718196330674,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"dl.luochenzhimu.com","organization":""},"issuer":{"commonName":"TrustAsia RSA DV TLS CA G2","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Fri, 23 Jun 2023 00:00:00 GMT","end":"Sat, 22 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"6C:CD:4B:1A:DC:B0:54:A9:F9:81:C6:75:89:21:79:5B:AB:A0:AE:90","sha256":"00:3E:F4:3E:A2:02:55:32:8D:68:E3:3C:6D:3D:EB:F6:A7:CF:61:6B:F3:02:76:B6:3C:2B:A6:68:25:AD:D9:33"}}},"request":{"raw":"GET /software/Thunder/ThunderVIP/ThunderVIP_3.2.1.498.zip HTTP/1.1\r\nHost: dl.luochenzhimu.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"6aee3a56c548b7a5fe33934bc50f7601-4\"\r\ncontent-type: application/zip\r\ndate: Tue, 11 Jun 2024 23:58:03 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 139742596469745012\r\nx-cos-request-id: NjY2OGU0OGFfZDEyNjg0MGFfNDViM18yNGIzMTUz\r\nx-cache-lookup: Cache Hit, Hit From Inner Cluster, Cache Miss\r\nlast-modified: Sat, 29 Dec 2018 23:06:35 GMT\r\ncontent-length: 30253219\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 9443359255891486128\r\nx-accel-limit-rate: 2000000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30253219,"size_decoded":30253219,"mime_type":"application/zip","magic":"Zip archive data, at least v1.0 to extract, compression method=store","md5":"4f29205cb52a882cc385abd99ba6fd9d","sha1":"86c48de799ed40d8ace7c4d3e90836a675cf56e1","sha256":"62088d26bc2ec85310afe1e422e622fd4213ca4d7ca58fe0159fc9838f94e93a","sha512":"046f43c8165051a3170a08ec861aa8c7f1a5187a0a69dd5dd7d3ea67f3775d9bd0dca9db622eed398bdd5d0d7c03e5bc84c886bc3d754d815cecf3ea3d94f8fb","ssdeep":"786432:C6QfbA8fBJy3naHOVeAHomC8VyRTMyVaeIgz3eECj4:C6vgU3N/07VYgz3eEm4","tlshash":"856733c6be2323896750731ec4733e9610a3bb08d9d816716c2b32f17162a973677d6b","first_seen":"2024-06-04T18:47:55Z","last_seen":"2024-08-19T20:48:05.707193Z","times_seen":3,"resource_available":false,"data":null}},"time_used":12855,"timings":{"blocked":2951,"dns":1439,"connect":252,"send":0,"wait":272,"receive":6679,"ssl":1259},"alerts":{"ids":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-06-12","alert":"Scan result 35/65","trigger":"62088d26bc2ec85310afe1e422e622fd4213ca4d7ca58fe0159fc9838f94e93a","verdict":"malicious","severity":"","comment":"malicious - 35/65","link":"https://www.virustotal.com/gui/file/62088d26bc2ec85310afe1e422e622fd4213ca4d7ca58fe0159fc9838f94e93a","meta":null}],"urlquery":null}}]}