{"report_id":"dc680672-4dec-4cd6-973e-97ff9c101d65","version":6,"status":"done","tags":[],"date":"2025-05-11T15:20:16Z","url":{"schema":"http","addr":"updates.frazer.com/FrazerClient/Install_Frazer_Client.exe","fqdn":"updates.frazer.com","domain":"frazer.com","tld":"com"},"ip":{"addr":"3.167.2.67","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-20T15:20:16Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"updates.frazer.com","ip":{"addr":"3.167.2.122","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"1995-07-27","domain_rank":0,"first_seen":"2020-11-03T10:01:56Z","last_seen":"2025-04-27T16:16:20.448338Z","alert_count":1,"request_count":1,"received_data":625041,"sent_data":525,"comment":"","tags":null,"fingerprints":null}],"files":[{"md5":"e4797d9f18528c8e27f172b1aa0410a5","sha1":"2bff525d283733914ce2fdab05e6b557ad6693fe","sha256":"76b564224855cd7a58037013b3e0d1cc139f9c479d2fc6ef79b1b077720bf2b1","sha512":"58a422e4e61fb04ce272b666f9e77d84a51a71a16c4d90989310fe3d3e951d122697e31c5fb43d675d9d4a2bc470cf2b47197cf0cb3cff3540bb94ae0aee41a8","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections","size":624512,"url":{"schema":"https","addr":"updates.frazer.com/FrazerClient/Install_Frazer_Client.exe","fqdn":"updates.frazer.com","domain":"frazer.com","tld":"com"},"ip":{"addr":"3.167.2.122","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"archive":null,"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2019-12-22","alert":"Scan result 1/72","trigger":"76b564224855cd7a58037013b3e0d1cc139f9c479d2fc6ef79b1b077720bf2b1","verdict":"suspicious","severity":"","comment":"suspicious - 1/72","link":"https://www.virustotal.com/gui/file/76b564224855cd7a58037013b3e0d1cc139f9c479d2fc6ef79b1b077720bf2b1","meta":null}]}}],"artifacts":{"windows_shortcuts":null,"files":[{"md5":"e4797d9f18528c8e27f172b1aa0410a5","sha1":"2bff525d283733914ce2fdab05e6b557ad6693fe","sha256":"76b564224855cd7a58037013b3e0d1cc139f9c479d2fc6ef79b1b077720bf2b1","sha512":"58a422e4e61fb04ce272b666f9e77d84a51a71a16c4d90989310fe3d3e951d122697e31c5fb43d675d9d4a2bc470cf2b47197cf0cb3cff3540bb94ae0aee41a8","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections","size":624512,"url":{"schema":"https","addr":"updates.frazer.com/FrazerClient/Install_Frazer_Client.exe","fqdn":"updates.frazer.com","domain":"frazer.com","tld":"com"},"ip":{"addr":"3.167.2.122","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"archive":null,"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2019-12-22","alert":"Scan result 1/72","trigger":"76b564224855cd7a58037013b3e0d1cc139f9c479d2fc6ef79b1b077720bf2b1","verdict":"suspicious","severity":"","comment":"suspicious - 1/72","link":"https://www.virustotal.com/gui/file/76b564224855cd7a58037013b3e0d1cc139f9c479d2fc6ef79b1b077720bf2b1","meta":null}]}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"updates.frazer.com/FrazerClient/Install_Frazer_Client.exe","fqdn":"updates.frazer.com","domain":"frazer.com","tld":"com"},"ip":{"addr":"3.167.2.122","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-05-11T15:19:44.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"updates.frazer.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Mon, 01 Jul 2024 00:00:00 GMT","end":"Tue, 29 Jul 2025 23:59:59 GMT"},"fingerprint":{"sha1":"9C:D8:71:D2:01:60:EC:29:57:EA:F8:FC:9E:3B:71:37:88:53:2C:A9","sha256":"1D:88:31:8B:0C:FE:F8:A1:F8:D2:57:1F:E0:AC:2D:2B:3D:99:1E:59:7A:DF:82:B4:09:D8:B0:0D:C7:6D:61:9E"}}},"request":{"raw":"GET /FrazerClient/Install_Frazer_Client.exe HTTP/1.1\r\nHost: updates.frazer.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/octet-stream\r\nContent-Length: 624512\r\nConnection: keep-alive\r\nDate: Sun, 11 May 2025 15:19:32 GMT\r\nLast-Modified: Thu, 14 Apr 2022 16:47:12 GMT\r\nETag: \"e4797d9f18528c8e27f172b1aa0410a5\"\r\nx-amz-version-id: qMOEv3cpnPQCQap8cLH9OZrJbZWWGp7i\r\nAccept-Ranges: bytes\r\nServer: AmazonS3\r\nX-Cache: Hit from cloudfront\r\nVia: 1.1 0bc6ea800eda1e813056323cb53f8c70.cloudfront.net (CloudFront)\r\nX-Amz-Cf-Pop: OSL50-P2\r\nX-Amz-Cf-Id: O_8t6GAXRZVtwcy__kKKHhiBXXT_6tGEn0fgThmwrvbx1L6hMQTY0w==\r\nAge: 14\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":624512,"size_decoded":0,"mime_type":"application/octet-stream","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections","md5":"e4797d9f18528c8e27f172b1aa0410a5","sha1":"2bff525d283733914ce2fdab05e6b557ad6693fe","sha256":"76b564224855cd7a58037013b3e0d1cc139f9c479d2fc6ef79b1b077720bf2b1","sha512":"58a422e4e61fb04ce272b666f9e77d84a51a71a16c4d90989310fe3d3e951d122697e31c5fb43d675d9d4a2bc470cf2b47197cf0cb3cff3540bb94ae0aee41a8","ssdeep":"12288:tHPHwWc2mIeDebF85I99zkfilNr3nCryDnM5GomB11SHioIbjucgjj0VbC:tHoaeS8ILgfq9XCroM5tQ1MvoycgHgbC","tlshash":"03d423aacd096e58e717ca719ba99d91c42670c781b509dd3eec4d231f33ad28c4b0ec","first_seen":"2023-09-07T06:12:49Z","last_seen":"2025-05-11T15:20:18.355199Z","times_seen":23,"resource_available":false,"data":null}},"time_used":902,"timings":{"blocked":426,"dns":72,"connect":1,"send":0,"wait":24,"receive":38,"ssl":336},"alerts":{"ids":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2019-12-22","alert":"Scan result 1/72","trigger":"76b564224855cd7a58037013b3e0d1cc139f9c479d2fc6ef79b1b077720bf2b1","verdict":"suspicious","severity":"","comment":"suspicious - 1/72","link":"https://www.virustotal.com/gui/file/76b564224855cd7a58037013b3e0d1cc139f9c479d2fc6ef79b1b077720bf2b1","meta":null}],"urlquery":null}}]}