{"report_id":"de98b44f-dea5-412e-908a-6c4074e367cb","version":6,"status":"done","tags":[],"date":"2024-09-25T03:15:48Z","url":{"schema":"http","addr":"github.com/TeraTermProject/teraterm/releases/download/v5.3/teraterm-5.3.zip","fqdn":"github.com","domain":"github.com","tld":"com"},"ip":{"addr":"140.82.121.4","port":0,"asn":36459,"as":"GITHUB","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-07T07:53:18Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"github.com","ip":{"addr":"140.82.121.4","port":443,"asn":36459,"as":"GITHUB","country":"Germany","country_code":"DE"},"domain_registered":"2007-10-09","domain_rank":1423,"first_seen":"2016-07-13 12:28:22","last_seen":"2024-09-24 03:29:21","alert_count":0,"request_count":1,"received_data":4342,"sent_data":529,"comment":"","tags":null,"fingerprints":null},{"fqdn":"objects.githubusercontent.com","ip":{"addr":"185.199.111.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2014-02-06","domain_rank":134060,"first_seen":"2021-11-01 22:34:29","last_seen":"2024-09-25 01:45:37","alert_count":1,"request_count":1,"received_data":14050573,"sent_data":959,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-09-25 01:59:40","alert_count":0,"request_count":1,"received_data":887,"sent_data":327,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":[{"md5":"0a962a8007ef8d96abf5fcc6e037c444","sha1":"f49c341936880cccd126469392e5cc3d5c92b52b","sha256":"edda2af5f0f5f4bddfd75eceaf77c0f2252da70b8ba3b4fdfde9a67b2cc5e95a","sha512":"1f2838888465d391ff71d54908061e6db77734fb2e26bbf994bde0d9c5c185fef4c14e024f2976772341d8fad3c9795b7be966770abf637230916d35aec78fa7","magic":"Zip archive data, at least v2.0 to extract, compression method=store","size":14049776,"url":{"schema":"https","addr":"objects.githubusercontent.com/github-production-release-asset-2e65be/710363878/8f237aff-d9ae-4d6e-827c-ca693f797c86?X-Amz-Algorithm=AWS4-HMAC-SHA256\u0026X-Amz-Credential=releaseassetproduction%2F20240925%2Fus-east-1%2Fs3%2Faws4_request\u0026X-Amz-Date=20240925T031517Z\u0026X-Amz-Expires=300\u0026X-Amz-Signature=819d17bd70bc6ecfc6fb9b8022951ac97ddcc4fd0cd9d4b6e79727b4e1cc62ea\u0026X-Amz-SignedHeaders=host\u0026response-content-disposition=attachment%3B%20filename%3Dteraterm-5.3.zip\u0026response-content-type=application%2Foctet-stream","fqdn":"objects.githubusercontent.com","domain":"objects.githubusercontent.com","tld":"githubusercontent.com"},"ip":{"addr":"185.199.111.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"archive":[{"path":"teraterm-5.3/cyglaunch.exe","filename":"cyglaunch.exe","modified":"","Modified":"2024-09-08T15:58:20+09:00","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections","size":237568,"md5":"8397b6f35b155fc05ae93f29696fe069","sha1":"79daf5fd243f453022b98a95f6dbf395f02de6f4","sha256":"d7c2320a06cd017ee05ff0053a92e1b6c3c167c5c393b81d944a9f5e6dc37d40","sha512":"6a668ea1fbb1b4ff2dd200242665411d1ad3495affa91770ecba67b83815bc22bba38ef7dbf693c581bb5848352d4dbd3ff247f04999a87e56f304951d97a141","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/cyglaunch.exe","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-23","alert":"Scan result 2/73","trigger":"d7c2320a06cd017ee05ff0053a92e1b6c3c167c5c393b81d944a9f5e6dc37d40","verdict":"suspicious","severity":"","comment":"suspicious - 2/73","link":"https://www.virustotal.com/gui/file/d7c2320a06cd017ee05ff0053a92e1b6c3c167c5c393b81d944a9f5e6dc37d40","meta":null}]}},{"path":"teraterm-5.3/cygterm+.tar.gz","filename":"cygterm+.tar.gz","modified":"","Modified":"2024-09-08T16:00:28+09:00","magic":"gzip compressed data, was \"cygterm+.tar\", last modified: Sun Sep  8 07:00:28 2024, from Unix","size":37976,"md5":"1b5e7ccbe82e5b866e1d0cf38d16beee","sha1":"4bbce7170ff2ceb6449d62ddb85511483445ac4f","sha256":"12961f9affb6701ac6961f1a99bc556f41a657c184dd3c29efb5b6967f668401","sha512":"5bfdf97aab819990db9084a6833d1398c58475ba1ceaf67153caa80547585b9e2372359327943f83afd0388de5e06788e58503ce4de4f90d97188cdd2e4e02e0","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/cygterm.cfg","filename":"cygterm.cfg","modified":"","Modified":"2024-09-08T15:41:01+09:00","magic":"ASCII text","size":335,"md5":"f1a1ced522b95aeeeb8f9962e8b2dafe","sha1":"ed569a79c0aea23cad2c4c534ada0aedd959ba19","sha256":"e8a33b670256b16e045a6942d16b6972828de0c86c68bdf349e82a8913b344e5","sha512":"92d1be119b3f01d7305e6a6d1f920a1a5ded267985fa152a2a3d71f0852bb0037b00f6fcfc47b3a7b1b9b62e48da6f7436d866d074520ed9f670142447f89994","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/cygterm.exe","filename":"cygterm.exe","modified":"","Modified":"2024-09-08T16:00:28+09:00","magic":"PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, 10 sections","size":52224,"md5":"9daa47ebd7470ce22f93350714c899eb","sha1":"2662ae1482696603ad1a6f900769da69e6cd0cc6","sha256":"ea47d6b048b523c12c2f192c94fbe60c8c7722873ec81e3299391b2a99757e73","sha512":"61d66ddf46487ecd29f49ec5d4e2c266c7928a789375683cf9338d611b6f36f8dcc6e04df639b4b0b41366b524e55ac54b0a2773abf3da540010b8192d264780","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/delpassw.ttl","filename":"delpassw.ttl","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":258,"md5":"87471bc3a40de7b659373e18250a829f","sha1":"4b58b525a132490cb44db156b8cdb73685c017ae","sha256":"91995d06f0baafde0db504b600584894f1aea93266a247bd6a7ba6083107c43a","sha512":"c83aacdcf807976e300a62fe7ac7f46ed5f211242e3e1a7a461d7d9f1968825117f17cad9e4fd15483b67c0f950aeb652aa69df3700c2121d3b518d3a7407105","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/dialup.ttl","filename":"dialup.ttl","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":1117,"md5":"986331ca7fe43ecbb01411835ca77063","sha1":"61d34475431c880101a4daefa6232597f8267291","sha256":"3383363d7dcc2f0dc62ec89e32833ccc945bafcf9f8c43502b3ca850ebbe8ed6","sha512":"bef9386e2dc55eadb2c56c8ce29769125d962c55e9c8cb1a1189c0fec898bfe542a6f2fe146479a2030fb5021f39b1659597d354ef262e215bf0c3c67098e169","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/IBMKEYB.CNF","filename":"IBMKEYB.CNF","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"Generic INItialization configuration [VT numeric keypad]","size":2906,"md5":"061b38195173e8145d57d4d50b97c4a0","sha1":"49ce25328d44a97ae51067ae3a1c929e8ae4ce9f","sha256":"da84a7069e2427581508728fbf2be1220e45f4c8141faabef37f39c8f500fdb6","sha512":"2cfcf49a9d1370b85c5732a87601e8fd2afdec973477f774768a27106afb2f018e177cb035c579b20f1a10e9a762d1c69ea30a97ec8766051cb2582491420b86","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/KEYBOARD.CNF","filename":"KEYBOARD.CNF","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"Generic INItialization configuration [VT numeric keypad]","size":2906,"md5":"061b38195173e8145d57d4d50b97c4a0","sha1":"49ce25328d44a97ae51067ae3a1c929e8ae4ce9f","sha256":"da84a7069e2427581508728fbf2be1220e45f4c8141faabef37f39c8f500fdb6","sha512":"2cfcf49a9d1370b85c5732a87601e8fd2afdec973477f774768a27106afb2f018e177cb035c579b20f1a10e9a762d1c69ea30a97ec8766051cb2582491420b86","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/keycode.exe","filename":"keycode.exe","modified":"","Modified":"2024-09-08T15:48:20+09:00","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections","size":621056,"md5":"7f772303606a127d2d3ff3023323aa62","sha1":"8a16f196feed5e7e1fa37a5173ca2e4598435560","sha256":"8aaebc9bff307b68050d99530c20600e1c4527f1b73a5b99f9e02a0d605d63c3","sha512":"d8ab48656783d287e5b187e37255a0858b0d9f869c0b74ac1341440c4b50f0767763ceb4108473cd4c00c3c1978b417f6471350ffdcf21981d57e8c1f891ab08","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/keycode.exe","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-23","alert":"Scan result 2/73","trigger":"8aaebc9bff307b68050d99530c20600e1c4527f1b73a5b99f9e02a0d605d63c3","verdict":"suspicious","severity":"","comment":"suspicious - 2/73","link":"https://www.virustotal.com/gui/file/8aaebc9bff307b68050d99530c20600e1c4527f1b73a5b99f9e02a0d605d63c3","meta":null}]}},{"path":"teraterm-5.3/lang/Default.lng","filename":"Default.lng","modified":"","Modified":"2024-09-08T16:00:30+09:00","magic":"Generic INItialization configuration [Tera Term]","size":353,"md5":"b3258a4f0a9cf72b837e849e63e5ffed","sha1":"5cff5257c57802ed13ab63ee2729f33e7b41123a","sha256":"d2ff0c23ad8afcecc5e9cf745234bf615ec1dfbf0c72565c2e68bfc4f912a0fd","sha512":"88dda13dc3be5b00688473edd30a48775fb48a35a2d06599d50567f061d63255422034ff0394c2cedcf4f26047471756981864f14de316b97a81a695490d4605","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/lang/French.lng","filename":"French.lng","modified":"","Modified":"2024-09-08T16:00:30+09:00","magic":"Generic INItialization configuration [Tera Term]","size":59479,"md5":"a33530674e76ed0f1df6e25a50a56cca","sha1":"013160dec5b2096f2b283e512d073c77d609de09","sha256":"885a02bef2aa33881a09da62c22f97546cedeaa6af9dbd75017edbe29ae2aaed","sha512":"4e0219380bf8ac3ce37038b23f95317ba6f9d2d182f4308591aab6a52103bcc4274f8453b8ae9231669808f42dce9f25242ba3c57d980377114c914cf8492e30","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/lang/German.lng","filename":"German.lng","modified":"","Modified":"2024-09-08T16:00:30+09:00","magic":"Generic INItialization configuration [Tera Term]","size":56880,"md5":"f7ec296fa39a7206d6eaaf080b0135d9","sha1":"477a5d344c6466aee98ce1e266f64073f31fbbf5","sha256":"f3ebe6299a2ee08273a628e7d237fdc2409a9a5b2b0e629cd14043003ab2d105","sha512":"0e2f8831331bb3853799957d1f8dfccd814e2a45fb70838ae032677be3d63780cd7a371eb625343df70e139b1af98db64b16590e944aca269ab5e8429480cd01","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/lang/Japanese.lng","filename":"Japanese.lng","modified":"","Modified":"2024-09-08T16:00:30+09:00","magic":"Generic INItialization configuration [Tera Term]","size":56234,"md5":"db9a2f9fc0aa251a260e6730cf66ceb3","sha1":"ff5fe9c4d5b904cbe304461a17e873f1c9cfa574","sha256":"d16ec06fd836289cc78b317124748c6fe989c23b24fac1bfcc3ede5a36bfec0d","sha512":"b6fb8f748796869054cfb96cbe34edf6e0a051652b623987a9b6eaf07becd8b94d4fd8d921e6ab9041198f370e9a401bf2bfc4d30cbdfd7c66e0bfdd6fdc5e9b","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/lang/Korean.lng","filename":"Korean.lng","modified":"","Modified":"2024-09-08T16:00:30+09:00","magic":"Generic INItialization configuration [Tera Term]","size":53929,"md5":"d3ac460d6d0027d9d75db46892c3e007","sha1":"3e4084c66f754d8bf544440164944579eff5398a","sha256":"76742a8555b68a551ef447bba398619c3fd1271ed875e3dd739a0592a8cbfabd","sha512":"96d9132674ff3ead7575936771447f20d69b872d66ec63126629f4c5aca94d7c7148a9ad57fae27ad53208ff2b5119eb7abb1dee2c6b60aae6cf1b8b3fa7cbcc","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/lang/Russian.lng","filename":"Russian.lng","modified":"","Modified":"2024-09-08T16:00:30+09:00","magic":"Generic INItialization configuration [Tera Term]","size":56513,"md5":"6784597c98e8957a53ab7e89c54ec69a","sha1":"3f0cf8773a6d3fb6ac504720ae7da0eb0c080aba","sha256":"afe856e6af469b1cacc8fcd7590acdf5da5dfd2054c90b2b8e756ea0316390ca","sha512":"678787a14ceea8c7cbd16fbd33603ae2a2e221455d8ede4f6a93abf157a0091ecb0ce2fbb28a7a4b41cb454b2cc5612ec22cecf8df0a0e5ea08f361fdd9ac57e","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/lang/Simplified Chinese.lng","filename":"Simplified Chinese.lng","modified":"","Modified":"2024-09-08T16:00:30+09:00","magic":"Generic INItialization configuration [Tera Term]","size":48711,"md5":"607a5ff9d632aa4e403b92c118cd1fcb","sha1":"32c76b3b206b944733481d0c3b372005a656d5b7","sha256":"a473ce10c8d442da0910db9f97ea1d008faf3633a02cbf97ebbfa319fb45b648","sha512":"7e8305903e3e1e50542824d3e622c22bbdc8829e056c0e296f7da3b7d5b60efcbe60fc6391551f10f0192ececb4abba55204d86fdf79cba03f6dc9343668d6cf","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/lang/Spanish.lng","filename":"Spanish.lng","modified":"","Modified":"2024-09-08T16:00:30+09:00","magic":"Generic INItialization configuration [Tera Term]","size":56070,"md5":"57727b26b7cb1d240ea3ccf4ffb09ea0","sha1":"72bb61cc28ae061ad5f0d9073cc85b6146346c14","sha256":"0eeed24afe2a14e146048a1729e4acb62a5f8efaa5bcaaaf3fa6e8e2d120f68c","sha512":"d08a1e7ec65645417633cc4e56e0b29c6e90a4aa03fb2608cbd1dcadbf2a7d10d95ae3ca12357570e075db2fb001493463fc454996aeac155492c7bc6b042d0d","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/lang/Tamil.lng","filename":"Tamil.lng","modified":"","Modified":"2024-09-08T16:00:31+09:00","magic":"Generic INItialization configuration [Tera Term]","size":117375,"md5":"2ae1d5626c1cb5a7670c02aefac70f58","sha1":"835a694b5931507e149d0c466327f5cbfdfcf4c8","sha256":"041c7f631a48fefcb89e167cb670a6b7bb7e052ddd096cffd1847c386a6723d8","sha512":"971f62f703aeba205040d34092b91dd3fa58eca34120b1ee51a6826db46057b91d31be84b165a62cc92d91a458716061118a0f393e58d8a49a0281948edd7c81","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/lang/Traditional Chinese.lng","filename":"Traditional Chinese.lng","modified":"","Modified":"2024-09-08T16:00:31+09:00","magic":"Generic INItialization configuration [Tera Term]","size":49442,"md5":"67fda1f7603aeb670687a7959e4ce8be","sha1":"93046ff083da0a0190b98a8e5c1b855feef81808","sha256":"78049a7ad377a05525fcfe126359ffcc94c5e30ffdf210a36ee68bd177d119ef","sha512":"a28f5f64c53bad9db4c0e73fb16d54badfe6cc75d9ec945b200656ad962d58a2f087cb6a2adfdacfa68fa996210072fe1fa6ea7eee193d121882c6e8bd1a619c","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/lang_utf16le/Default.lng","filename":"Default.lng","modified":"","Modified":"2024-09-08T16:00:28+09:00","magic":"Unicode text, UTF-16, little-endian text, with CRLF line terminators","size":708,"md5":"23af1c051d12d08dd0aab57e9e2aba7a","sha1":"edab24ac12cb09b3df9826f276686fda4e0cd198","sha256":"3449a7a9973d80ea8549ea75f79e768ebad5a7d769d324821a10e114aed6fa6b","sha512":"ab0ddb64c93d8f92b7cc24925b9b7a72bea6c4153a638d02ef899f69712b205c3bf6373ceb2137e0492ff9007032d0ba2944ef867ca87944f7129988b8647afc","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/lang_utf16le/English.lng","filename":"English.lng","modified":"","Modified":"2024-09-08T16:00:28+09:00","magic":"Unicode text, UTF-16, little-endian text, with CRLF line terminators","size":111682,"md5":"fd61209256fb0796939c45718c663361","sha1":"ef0b13cf9356dc5e31ecd9e0ff8bdc86c6674568","sha256":"1326afbd0788af066394229ca205ed4760cec3e14996cab14e7d43b39a15a714","sha512":"a4470d5fc6b67699bc2636ddf1b35afca85eda88f3e880d39189695a67eb83568c4388579c15aa4cc44a0f372b22fd69d563f5f1ec292f7de52e41fdcc0ea33b","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/lang_utf16le/French.lng","filename":"French.lng","modified":"","Modified":"2024-09-08T16:00:29+09:00","magic":"Unicode text, UTF-16, little-endian text, with very long lines (345), with CRLF line terminators","size":118960,"md5":"4222621162e59d881fd58025ca670e91","sha1":"85a224478174c82b65ecc936326d65581c87615f","sha256":"0e9ca78125726421d4a323db372031817645c62d9bf2c31e3f6adcb9f94ea0c8","sha512":"0e8846dca4b7c63049d3bf1b730cac2ada889b57712c9484158a5a76d167eece13137d131bc6f75aa316c48b583cc636c960963a46ed393314fe3b427ded9616","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/lang_utf16le/German.lng","filename":"German.lng","modified":"","Modified":"2024-09-08T16:00:29+09:00","magic":"Unicode text, UTF-16, little-endian text, with CRLF line terminators","size":113762,"md5":"7a64504b358e96eb65dbae423e7163ad","sha1":"85d84827ef8d5dd374d3146fa744133f84c87dc2","sha256":"97cbbeddde028c5e3b2c16edc72d5d34ed8500afe4770424d8321e0c426dce30","sha512":"07954625bdb1340644380c178ce4c3f3f4a1b672186c5b02eb10a5f57cc3e260ac8937d34dd57ae45dbf2ca82c54eecca01cc2a0d4d6aed13d71982ca3851681","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/lang_utf16le/Japanese.lng","filename":"Japanese.lng","modified":"","Modified":"2024-09-08T16:00:29+09:00","magic":"Unicode text, UTF-16, little-endian text, with CRLF line terminators","size":90180,"md5":"1d7faee690891688993bef4a741b7057","sha1":"ecabf845310328f8d7c86534507b14339efef905","sha256":"8ec6f20f2e7e093dfbbede3d46e3312c0bbfab39081bdd65a88e3ae0007085e7","sha512":"31c982801bb331e8d6637013bdf646e9dae00308220c863e4a28ef419b811729792ce83badfbd186ed3ad1078a47d6784a6c7dc6f02f3d838d420e1b3643f1dd","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/lang_utf16le/Korean.lng","filename":"Korean.lng","modified":"","Modified":"2024-09-08T16:00:29+09:00","magic":"Unicode text, UTF-16, little-endian text, with CRLF line terminators","size":95012,"md5":"ceeda033d93295f5139921ec61d722b9","sha1":"7712b550fd34497c74b3841cc54a9f75ddf3f0cc","sha256":"821406a1bc08e91486a7c996dc38ff74a5c5601cfbf841a319527e0097a95483","sha512":"800741cb3af12169b92ced8e9a4f00322343f913cd3850c991ea0115ab7cd679c2960877c9a0e62b47626229d70592461614ac057060902a3671def212ea367c","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/lang_utf16le/Russian.lng","filename":"Russian.lng","modified":"","Modified":"2024-09-08T16:00:29+09:00","magic":"Unicode text, UTF-16, little-endian text, with CRLF line terminators","size":113028,"md5":"cdda3dd399883a71ab32c0178f05d464","sha1":"6ae65508211220020d22aaf8b0e6c69f00f12153","sha256":"45fc058d744138451e603eb7ef4b498e80eb3b2d22ee110cb5341195fed92074","sha512":"d95c40f7f2c332ea2cbe09880784754103c978b9fae1dce8758114a4a32f2ab42fa24aaec307a39e0fd327262a41d76f0f405846a8a7d5f7a643f05600db197c","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/lang_utf16le/Simplified Chinese.lng","filename":"Simplified Chinese.lng","modified":"","Modified":"2024-09-08T16:00:29+09:00","magic":"Unicode text, UTF-16, little-endian text, with CRLF line terminators","size":85156,"md5":"ff68242a02d541138eea60faefd510b2","sha1":"2e17d04619b7c839ce26fd824e271e928ea9f66f","sha256":"0e3b836689e0890ee06311df4cc23f6f1560d1aa15b177e59d577bc022525c7a","sha512":"4418f92c40bf2cca250a7107964c4d57340bf344830054f14b1c9b2628095d71d07814127e1e6ef1e5a95b6c0a4f166276d29d89b022cecf3f1b386e85317226","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/lang_utf16le/Spanish.lng","filename":"Spanish.lng","modified":"","Modified":"2024-09-08T16:00:29+09:00","magic":"Unicode text, UTF-16, little-endian text, with CRLF line terminators","size":112142,"md5":"d55e003db21649579bf6b794bf0da473","sha1":"0b3732ce7d622474e57a87912fb32f918607f050","sha256":"42b74ce5e503af7b9d17989392adf03beeb4d6837fc0112c612df7f74c1f990a","sha512":"57ba072f696ec0c4a42f7c047189ee57cd296ff4d3ba7f8e58737eac8011c10ca9ed910c61521f7c8895e3b43d8317f58fcf43edead6ae90d4133200180c1f84","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/lang_utf16le/Tamil.lng","filename":"Tamil.lng","modified":"","Modified":"2024-09-08T16:00:29+09:00","magic":"Unicode text, UTF-16, little-endian text, with very long lines (305), with CRLF, CR line terminators","size":123200,"md5":"fcc631577ad24bda1a6a3a49045289c8","sha1":"82bb5700aa69f63bc44773076b494f6d86e84e05","sha256":"4e831076d500e4cbc66103857de8a4ac62800f9d6e0ed909bc545d215c9a8f5e","sha512":"48c7bd4786f8e618507030f9666382c3c7ada53b77836621ac98b1d5cbb11a887d331fbb215e72957b9c5ed3aa8b3085657a51809f4261ec3db926d6bbfe1ef1","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/lang_utf16le/Traditional Chinese.lng","filename":"Traditional Chinese.lng","modified":"","Modified":"2024-09-08T16:00:29+09:00","magic":"Unicode text, UTF-16, little-endian text, with CRLF line terminators","size":87438,"md5":"d2ead9916ceb489f904ae4bbf85bc932","sha1":"b1540c1af00de5a715dde07e139bfa1109618aff","sha256":"add92e6ccd060268ec0c7c2490da462a41ca98ac1fc6a3bc74ec434a576114e7","sha512":"040f7a70ed4273831d227ad2d38c3eaf09e0af3c80203f50176c67c89632f4970b5b709f8aab62f321a58c984d3e6729b18ed86d74a6ec3bc3358384c20b71cf","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/license.txt","filename":"license.txt","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":8295,"md5":"78b87882b567713c59e48bf68924589d","sha1":"db172b3926da256b8630a1104b7e9cb9aee98152","sha256":"063295358ae3172f7a74af8b7a604f20fcd16e27dea8219382acc2e12b06fbfe","sha512":"d1b06062de92bca9a576c208e56c1329951f279f29a9bc83b6fb50c673ec488d320f85859d5bb0a7d0e5ae6c8ce4480280995b4845ca72d9a50c3266b96ef952","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/login.ttl","filename":"login.ttl","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":448,"md5":"628ef29c985d8bdbf30a468a80405527","sha1":"708bf2aaea0abbac98f6ddc1382f0395fba1a330","sha256":"cba037d79ec9fc636a579e87f67fb073368b82e67157102bbd1a026e363c476d","sha512":"8d7f98ea28fe2022ba23b4bc2e75cc05bdbdbafe4dd1f1603643eca9772014a7e23c9d38171b013fb6e1767df31dca4cdaddf8376a62092d075d447324dea6fe","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/mpause.ttl","filename":"mpause.ttl","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":628,"md5":"5bbd549be9debd1cedcdb7eff6218609","sha1":"7d6538a663c841f3a25f703f45af693d425f2937","sha256":"20ae83688c06d2f0a061db0f55ebcff9dfee6a8e33a12d0d99787cea54fe92e6","sha512":"acc835da80bd444b8dcf9456328984bfc0abdb7b53d5670ac41d0eff97249ad7ee7e2aaa252f4466bbb634db291c29da00c69c80e21fccd2ff409716b85f0f56","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/msys2term.cfg","filename":"msys2term.cfg","modified":"","Modified":"2024-09-08T15:41:01+09:00","magic":"ASCII text, with CRLF line terminators","size":265,"md5":"cc233cd04fbef0f4a8996a1d8f159431","sha1":"a402450efa9058d01bc643ed5e904349060dd660","sha256":"7dbf945a891238aff183bf97fe81f164d59702c9ce2be847e148e5c6cb6877f0","sha512":"d23b65edafc3b5666073808e99d7bb1fe9acb31f67824b3f81bbf82db49c1adae6e57f28d334a35fcd040fb02bcc76d825da495bab289b52337e3696e9a89bbb","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/msys2term.exe","filename":"msys2term.exe","modified":"","Modified":"2024-09-08T15:59:21+09:00","magic":"PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, 10 sections","size":52224,"md5":"7b82b542e1e6198877bc69a2edf04c2f","sha1":"be946d4e0fa3055fdefb272aeb57b5b408978e67","sha256":"fa4aa555db3cde8ea0cff3f8292c0352bbc8249c05f148d910b15d3eadbec3b1","sha512":"1b8e58042cb7287041c9d752b34a9ff2cc9b2acaf2f6c61122d60b760937a69d961824ef44ccc54903433db09b3a51f2965f9996d6796ba455f669274d772f7a","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/plugin/README.md","filename":"README.md","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"Unicode text, UTF-8 (with BOM) text, with CRLF line terminators","size":31,"md5":"45b74925d6719df2b0642d14e30779de","sha1":"cc77a076884b9e6437bb5d249d2438988c103bb0","sha256":"c383665c069c1958ea0434cd7317c083f4c69dc2add39cb6617a3928dae2f86d","sha512":"a05e742d82a7033cfd7cdf667e5399ac773845d0d8f69ccc1978d52ea8bebc03f0245ed2e15a44419e058681a14d7e47c9272cbba6bf9c1f23fd93eccc2cc385","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/portable.ini","filename":"portable.ini","modified":"","Modified":"2024-09-08T16:00:31+09:00","magic":"","size":0,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/random.ttl","filename":"random.ttl","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":405,"md5":"0a39b1e7a8e5c20171610ebe5b0c7cad","sha1":"60bdce1fedadb9fab863415cb649e3a2a7227af8","sha256":"29e1d45ce36ae651fd859adf7c2192dec38fd9912637eacc72932833f9e77e2c","sha512":"b32a176b8c60dc658aad731c668f879b4ce106d4b906a0cc3da0936cff7e579f3e24efa30897afbecf741cf7fa82f10afde21a9f81546e02484c7026f185f11c","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/README-archive-ja.txt","filename":"README-archive-ja.txt","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"Non-ISO extended-ASCII text, with CRLF, NEL line terminators","size":1015,"md5":"5a44df39f42896ba0bef1e8cac1d28ff","sha1":"fd6c9cae7c42f2cc791c43bf128dd826dd231cf8","sha256":"1a3c7c8bd6f03479aa92670d3b60cbddbd4e3725c2086f9f27ac4d2e949321bb","sha512":"b88df65820c8dca748aeec7547147617a05e965f65a273093cc88264ba2d16e201cef4b7eee5185d7a1d53d5204782ec3228f8992e2cf1bcb2c4f2674849a2ba","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/README-archive.txt","filename":"README-archive.txt","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":831,"md5":"e585c28f89fe911f7e931c28071832db","sha1":"e4cbaa715e82fa33ae7a65e5900afa1741ab154b","sha256":"62f77bb5b409eb1d78b229b4d59e1cd0f72b19862a9311a2c6caea4aab2d7db2","sha512":"668897805a620c4df75dd2692b668f74d9556cd15a13309c9d99f5bef0062ff21a935be497f35c8114ca800a64eeba49fd1a55200185933a46ac7895b9e60e6a","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/screencapture.ttl","filename":"screencapture.ttl","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":1772,"md5":"a2c063a333a7dedc65ee67cc45a3013b","sha1":"5d0fca842aaf64d791bc66a5be5c7a8eb39e96ef","sha256":"52b2366d031cd7cbbbc4f0a89628c31e2de73e601a2308968a9efe7633421939","sha512":"de641a77c0bce912832acf3e2739dcb4b395e7783de856badf93536399dbef4c293c189783484ff59c2779def0f2f74bbd05dbcf00af17deacf18cafd3755132","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/ssh2login.ttl","filename":"ssh2login.ttl","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":511,"md5":"e3a77af546e995b547ad08ca9a5971b4","sha1":"7c05ae98fa0d53ad6533d3ac0da22995a06c9b6f","sha256":"0641a0467dea4fee52f0197d77060b32074884927d3ee3efd720ea7ff82f615e","sha512":"f0fb6c1723bf870f927218c2cf2b4ef1ba667fea1984968b7c78bf4d4e12d6a6af9f78d6135820f22b8ff146f4cdd4f13eed65dce3068b48256986a120f0899f","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/ssh_known_hosts","filename":"ssh_known_hosts","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":67,"md5":"81ea1e896c33a84eef52f599fe5729d2","sha1":"41b41663b1afab92eb542a2620bcde0d35cff7d8","sha256":"e9b5691e3bc3bfd0adc87e81f3a610f71a5442545e71687615f15ea280631fa6","sha512":"a2cdf358fa2e32e8964714583700d113631a13b4b005394a2d14d26b0dfeb7f5ee8b52aa9e3665fb05151e709c07e93af606ca97153d57ea7b3fe61201fcf23e","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/teraterm.chm","filename":"teraterm.chm","modified":"","Modified":"2024-09-08T15:59:51+09:00","magic":"MS Windows HtmlHelp Data","size":3483495,"md5":"22758738269355dc023503fd8b433229","sha1":"257acc763f4fbabd69440f9459a38d73472de923","sha256":"243d6df3a67ac00be0a344b9dc55a6c180a0329b01302f48f247bab5fc0b83ce","sha512":"d74a68f96585777bb3a08ba49c49c653662306342d6f25e0150a6f90c53d8c002c955e187caa8acfdd2a32c16cff7ac0f1107e5e4316421bbe6480aa2af3e663","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/TERATERM.INI","filename":"TERATERM.INI","modified":"","Modified":"2024-09-08T16:00:31+09:00","magic":"Generic INItialization configuration [Tera Term]","size":25711,"md5":"98c0c01fb5a006ecd689687adef59ed2","sha1":"4599cf51d3d4a2c3038de4a082384b242cbb6972","sha256":"3b8da7250d91415abc38834bdabcf26a60af885c7e39e3a3c4fc71198e6f3956","sha512":"306ffa35745747af4db03d5d76ba9b68f3ac0b9722f32eba9e959fca52512030f7d31bc0a77106a83a88730891ce7a1bc892bbf5ecfa46119d1258b34e4574c9","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/teratermj.chm","filename":"teratermj.chm","modified":"","Modified":"2024-09-08T15:59:48+09:00","magic":"MS Windows HtmlHelp Data","size":3490188,"md5":"f094cdd212274d03de0ecfa122fbf566","sha1":"e35464d108dd11e0dceeaa28c982f7223ecaf67c","sha256":"2202ad0902a7ddcacaeee2064e26a52d9afc59abb96de9058cc2470063768955","sha512":"a127cf1913554019294ba45d17052e8e5648f17c31765e6f686e4fd5278642131a47a1c42c16b98db54f892df3ca49f2feb387742786e6ab60b4222e56c95c7e","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/theme/Advanced.sample","filename":"Advanced.sample","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":839,"md5":"d85af8b1f4ac803b346f397d8f88a53c","sha1":"43a340de0120885846f488bca9c06a686ccacd6e","sha256":"e9427aa033ee702d3e6d0a968cded70890578d9986ddc5c38a88ff5656591b04","sha512":"8f05960a4ff8bb7fc6612acc4e3c272d4a43c1367bd980dd938f0f79ae59121bc47695eaac65db4175594bb128af632aeded0da36201c8ba540b6dd933429d62","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/theme/color/Color UniversalDesign 4.ini","filename":"Color UniversalDesign 4.ini","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":419,"md5":"21ca9d370278449ac8d7465a0c9b19df","sha1":"04c5c4c1caadba5b338496421f27986f036acd29","sha256":"f568b2d891deeafa156be2f1adb03600849a77315db1043600a39f410d5eceae","sha512":"067f171ada3f60e442f8e7c9e425f96499ecb9924fb6338f599f3d9b42e37222fd82d0e8cab850a35d94c1e91be073a7472a6f371bb71805106c7e80aea29894","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/theme/color/Dracula.ini","filename":"Dracula.ini","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":440,"md5":"b25149ec65bb269de7385e7e1ac288cc","sha1":"c5270fc14132e4293147837fcce397fcc89c7180","sha256":"dd2f68e799db76ca1d91217d7ec7230eff67c7da6eae1cd2554a42d358cc41da","sha512":"a7e32e20879f32d28288f45e50dade018d4e659bce5d33de2e42bcf0f4c43bacb55abb13555d6df955865e644cc46f5e5c0633a0322c1c760e87a91b6216507a","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/theme/color/Putty.ini","filename":"Putty.ini","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":361,"md5":"0e67e28f67e557799edaa237fe3af835","sha1":"7823d3123f5a216c5a5a3d9c87190640c8cac9f8","sha256":"27cbe7bec2d2759123e8b72dd735f3dc5fb03554026cb1520dc37e87b458d98c","sha512":"c5fbaf96e575a6468fd50eba37c4a159120e841b334040e167c3bc2c1742289b0c228d365cf1e88f2049894f1dddffe9355198bc92da1d0654d39402757d72f8","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/theme/color/README.md","filename":"README.md","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"Unicode text, UTF-8 (with BOM) text, with CRLF line terminators","size":744,"md5":"a560a1204f980988706c5d7b075db4c0","sha1":"1ee0e12592d2fe59bbdda9174b7b900f3b25623f","sha256":"e1b5ca8132b7e6e0b36f7f479eb97923a64352103480c87c08284b252f446aa1","sha512":"a9b37cde488c10d51474e059ec5caeef702daad92b49f1f36f9834fe70628c9b5d1cf6ed101c3fa7ceb022b4ccd588187735561901c66383ed9d93818697970c","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/theme/color/Solarized Dark.ini","filename":"Solarized Dark.ini","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":468,"md5":"fa07314ecc01a0f5e6fe4f9181d6bac7","sha1":"8a38101748417bd223328ebd587777db55c0a678","sha256":"ce575ed1f192a6f31613f8591a4ce15bc84465e78e876de100d98bfd28f25b7b","sha512":"5ce2c6612d3db326ed4572c99bf976ec064e3aa86f8f110a0251c764988d03735d784a6863820678fdad0146ab32eb0684c66b230da7d0058f2fe87c5f8c7fb2","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/theme/color/Solarized Light.ini","filename":"Solarized Light.ini","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":519,"md5":"07ab4057f65f05ea74c955a8112a2495","sha1":"013efaa2cffbb2a6c409e6ea8f3fbe39f8f61fd7","sha256":"d0818211e516af227f2bcec591189556fa7822266ebc9d8651f0be7a870d32b3","sha512":"4a0bfcecf763f06d5cfbe46c291c8a5fa7612274c9930e33ae429773794bcead279845baf20308b68cdb5e6765f2c96e2e0d4c310bf5d011f24b9307be307719","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/theme/color/Tera Term Pro 2.3.ini","filename":"Tera Term Pro 2.3.ini","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":375,"md5":"b96827cb60b89c8eb099694be7517ae2","sha1":"7fe6a31cf03b58e65bcc6a04f5e402f616011cfc","sha256":"5533c86019c1db0f14ad4096bde43115ccf18eb0a291c09847ea58aeb4c1884d","sha512":"34e3ef0895f18b0d749c9a530be5c6c07c7631e160f7ca4050bcfa0980ae023ab6ccf60d307dcef88735215b5a4498086678bcbf856180b06f7fed3410f72ef4","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/theme/color/Tronesque.ini","filename":"Tronesque.ini","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":321,"md5":"875f694665309e500629d248763792d9","sha1":"056dc0f286d908e0dbbd69bb5aeeea1530979c4f","sha256":"0197be480b3cfcb64c64b0dace6c9e5c1a98be8ecabc4abee1f4ff9f2a4dde1f","sha512":"39d55e36fcada1a807b76af8cd58b3bdb8d131407711f29bf41242d7adacccdd560a6fef4674a9e0534b63ec04da4f96d9a5d5f73a5b5a1f74e672ec2e426f72","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/theme/color/Windows 10 Console.ini","filename":"Windows 10 Console.ini","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":457,"md5":"bc39828471cfc8043241a2b32c4df640","sha1":"91a06ce1ffb245a64880e1e88413f477b90a0136","sha256":"238cc2246450be5216c8089ef226bc4f8b6498d61e85158fefd94c1032cf041a","sha512":"4073f7f90aaafda5a6b7ee7cf8dd73f2ae5860fa1f4b495ee7de58cb202e30019b6b7305d5b3582b07edbef32ed3db1a82fece93fe9cbc7baa84a5c68bcf76be","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/theme/color/Windows XP Console.ini","filename":"Windows XP Console.ini","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":429,"md5":"7345e4dfd6b0fc530156bb313f160653","sha1":"72f1bae3b40e0c631dd3e3d3ecc92897525fffe7","sha256":"f2b9ffdd40854d0e37faf61df3be6e64a7d3621e773528fb909d4179098e93ea","sha512":"1a0a1793d353e91eb23e0f08ddf4ccde33f5a3dc7ad957a5f5cdfd5a8604ecaf213c792304689d0f92416e5326c122bc72fb23de1c0d4cf79170fd989f59c7b6","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/theme/color/xterm.ini","filename":"xterm.ini","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":321,"md5":"8828a0ff424adf10bbfb18e9aaf701f0","sha1":"737714dbf4a7ab0e1b51fa51869ee3bedcd7d6d5","sha256":"5778a328437db35deee0030237189a2e19da04965de057a126d7fdd7f8f6fb9e","sha512":"4c0d3f154b07975650e7e286cc28d685bc4693db25f93b1cde8516c6e543b4fdca70bd720c911c27e953c577a73d7bbd4f0b03cfc30c649ea16ea716562b0381","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/theme/ImageFile.INI","filename":"ImageFile.INI","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":867,"md5":"e91eb319caf1445abd2804d43b36436d","sha1":"066eac2b41e583cf79694887224412fa43e22b67","sha256":"6b1acbda9d3865dd6900c5647e2c92e8405de88cfed1a8822700aa3bf29d296e","sha512":"b8d423b8626632a9152d6714b266d5d97674976fb8743923e048263d5f5edf07659a67a75b59cee164647563067451985d6725b1b5ac6ca0c7fe8a0a2eb56e3c","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/theme/sample_bg.ini","filename":"sample_bg.ini","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":335,"md5":"5b4e3a91b4c3de1b14ca3ca45b9621f3","sha1":"7a519ac6f65ac951f71b197a630ff16a03f764eb","sha256":"b93e177782c3ddd33aef49497a4ec2c53041c06c5eac243fced88ca60e82a208","sha512":"0d79a8329a166d8772eec225d617ab835d86c6f412291cb5bc5b3c11fd4896021351bd26b7d5bf1e4a7f0e6edad12703233f92a116dc2111e3d63ad261a96f14","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/theme/sample_wallpaper.ini","filename":"sample_wallpaper.ini","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":318,"md5":"96bed8e63e155b7c4fade2498cd33959","sha1":"7a099ea964102b0d6a000d8c390a5dba2b241907","sha256":"bc6b67912b6bb6d329f10fd9d55ad82f310a37b6428f5567ca463c1c26e345b5","sha512":"cf3184a1c6c1f2695d468a40c957d0303280c8d4dddae1ad8321b60d60db502f4f11eee682ed4885fdb091dddec1ee4b35fbfb264fdf54d04c7307e451b7d26d","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/theme/scale/23.jpg","filename":"23.jpg","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 800x534, components 3","size":20156,"md5":"75cdd6652dc57c236a83424784293304","sha1":"3722e9ce8e9c76f00f100405b53544659a40dc9b","sha256":"00d29683a10b13c917077b275977c56dbb18ead5bb1c38ccef344c2170ee4f0b","sha512":"61a399e9d508949eeaa6b615155224b2830ab150830b3717331400b2055b684cd9baa8a98f195a115bb5cf4d2a71cdf6b498f30fc7ea4e69459abb417f5699b7","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/theme/scale/43.jpg","filename":"43.jpg","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 800x534, components 3","size":56874,"md5":"910f3572b4d9024d6ae6e2ec45a99ba1","sha1":"0c5d36e2beb53ad5dda9344c686cda2be38802b7","sha256":"7c0972abd42ccee58305c69c1aa54363b66886e9dc0d1fd222272ff7bd697c0a","sha512":"abf848cb67125febcacd28f4e214857e261c3402109c8c77ead641722c81028cd46a9ed313fa14bc2d53935791bf907b9dc6bac1b771084c2e6414aaad7adcce","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/theme/Scale.INI","filename":"Scale.INI","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":1177,"md5":"5d1a0bec8e4d3a9a450c8951e701efef","sha1":"b1b43d06b6abd25b37be863d8be28b632b3668b7","sha256":"76e41ff63203f34de671cb45f98ae09008c5236d8d318093c2a1942f6f461aef","sha512":"bc728404893b1aca0d94b3592ada0756b629684ea1de4d4b35bc6a83fa8e4738e3cbdc9b601846a66ff6b5a2e282720981c7b4a2391e269e2b2aa89cc0594698","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/theme/tile/03.jpg","filename":"03.jpg","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x227, components 3","size":7626,"md5":"a95bcaef33252956c930e0b13ef82d6f","sha1":"be162c7ce0cf96bb8e43ea9ac0dab37bff954253","sha256":"03bb7a4dcdc12cf605799271c435174e0269e6ab70ab404235f7ed3bbf5756d3","sha512":"13554a24204e11b0a7f9e90506df04c353a769de28b8a50342f006744f977a16f12845f6c50ce09e14824bcbbd5cf68209224f820785130b1af2ba5e0e4f4b9e","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/theme/tile/44.jpg","filename":"44.jpg","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x313, components 3","size":11173,"md5":"2e1c5a16472ea435777e49e117401be1","sha1":"9db52b732cc0d333cbfe31d0c42bd9828eeb9ad6","sha256":"9c57bfab56b86ed38c0b2a8c93953a5b91bd5b5778580c97ec0ed1aa945cc0e4","sha512":"86b809f3d3f62b16224ef2715ab1b32208264ef1e459b826b939891ce75c75dba0b4d552e659a99ee88951f485e8ebf8eab39ab2f57705839edd135c34fbdc1e","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/theme/Tile.INI","filename":"Tile.INI","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":1173,"md5":"cbd925ac50c5d6a637947e3a7059c467","sha1":"5039c04e4a9fe8a7f9404817cea9ee72fe8752b6","sha256":"7ddf83012946a43a3513999e510a0630fa04f0a1c0d601f3bc9e992d19447d1e","sha512":"0a2a87c442fc663a02224b64a3b7e58bb4735ed625db88172639ccc36dd81b9754e1aa8496d7d504a3df8c3757e43bdbe56ebcba808249697e835a8808c4eeb4","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/TSPECIAL1.TTF","filename":"TSPECIAL1.TTF","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"TrueType Font data, 15 tables, 1st \"OS/2\", 17 names, Macintosh, Tera SpecialRegularDTP-Tera SpecialTera SpecialVersion 1.00TeraSpecialCreated by Type-Designer 3","size":7276,"md5":"2e743cd2b882ca1c1b25922792a2b122","sha1":"6c58d91666583e73882775c031cf14b7dec2f11c","sha256":"f60767ceae6383a9cb5a3eb50329440bca99a27b3be29d39ab959e8e41b926e8","sha512":"390ac081359ee49ced4a3b09089fc4d3f8760438b9682f6a8ba41c713effa094cbf0288919b3037aa955fe5f6006534e67367c2de867e7a12a838a9ec08f18ad","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/ttermpro.exe","filename":"ttermpro.exe","modified":"","Modified":"2024-09-08T15:49:42+09:00","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections","size":1502208,"md5":"1a853f2435857bb5fdf85af2fea4256b","sha1":"c1b6b3fce54eadf3507b17c6fa4c77746c8979c5","sha256":"b617f61acf2b25adcda589c1dce38b428383d2df8a59e9d00a93db02df518fe0","sha512":"a9a337b54cb6da5139b10a397d0690f6ec0b386d08860340fbe725ab46aa554b14e7d4017066ea8e9ed49bf713389089249324ab088d043fbf6d027088ec2589","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-23","alert":"Scan result 2/73","trigger":"b617f61acf2b25adcda589c1dce38b428383d2df8a59e9d00a93db02df518fe0","verdict":"suspicious","severity":"","comment":"suspicious - 2/73","link":"https://www.virustotal.com/gui/file/b617f61acf2b25adcda589c1dce38b428383d2df8a59e9d00a93db02df518fe0","meta":null}]}},{"path":"teraterm-5.3/ttmenu_readme-j.txt","filename":"ttmenu_readme-j.txt","modified":"","Modified":"2024-09-08T15:41:03+09:00","magic":"Non-ISO extended-ASCII text, with CRLF, NEL line terminators","size":15247,"md5":"b8b39d6f26f30fb6671533fd22fbe879","sha1":"43745882da0a4c05166ce2ca84104b0eda6f34bc","sha256":"e5b3e8546870a03d9622465ef4656faa9682de2b8fba46b46d1d8d43d67b91c9","sha512":"130ab8237f0d1cfc0a231644b244a51e909d5d67c3b7cd9c9b6a861201a5922449579db8267072def933c198c935a52d9e7aba00725e69f635a2cd4bf18e22bb","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/ttpcmn.dll","filename":"ttpcmn.dll","modified":"","Modified":"2024-09-08T15:47:50+09:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections","size":690688,"md5":"178163e6782914ebfc0421bd71c7ba3e","sha1":"eb1440b707ad057664215a664dcc237e7d23bbf8","sha256":"ba023a15c2c4c828a8b4a13e21eda63500f0a33dab45acd9c82b8915db0c63c8","sha512":"200f6548c7810669503b1b69ac95135d4828eb161b59ddd930eff6dffb19cdc774e480873cf7329ddca913f80988dee38fca33ff6d36964862fc2fce6bc7211e","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/ttpcmn.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-19","alert":"Scan result 1/72","trigger":"ba023a15c2c4c828a8b4a13e21eda63500f0a33dab45acd9c82b8915db0c63c8","verdict":"suspicious","severity":"","comment":"suspicious - 1/72","link":"https://www.virustotal.com/gui/file/ba023a15c2c4c828a8b4a13e21eda63500f0a33dab45acd9c82b8915db0c63c8","meta":null}]}},{"path":"teraterm-5.3/ttpmacro.exe","filename":"ttpmacro.exe","modified":"","Modified":"2024-09-08T15:48:21+09:00","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections","size":2447360,"md5":"7ddd7a1dd62fd19c6577ccaaa50225ee","sha1":"f0f85c529d315fe979a156219a4dbee3479968ab","sha256":"0034e5443a3bd50df136bfed1a03d6b4840995bd9c97cbd4c420c91052822f3d","sha512":"133765525568129dc124f4268b79445f3f50e87799d358a3c239743cfc165818d366ff214fb229b73907c9ca315fa19d4941b76a8daf635941ec59f7333677c6","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-23","alert":"Scan result 2/73","trigger":"0034e5443a3bd50df136bfed1a03d6b4840995bd9c97cbd4c420c91052822f3d","verdict":"suspicious","severity":"","comment":"suspicious - 2/73","link":"https://www.virustotal.com/gui/file/0034e5443a3bd50df136bfed1a03d6b4840995bd9c97cbd4c420c91052822f3d","meta":null}]}},{"path":"teraterm-5.3/ttpmenu.exe","filename":"ttpmenu.exe","modified":"","Modified":"2024-09-08T15:52:10+09:00","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections","size":1729536,"md5":"5cec6ddbdccdecb7bf471adceafa4a79","sha1":"44942853944743989f0227ca7f80fa7d986e4cec","sha256":"06f71060397340ab46d62dd1b4c93dfa7882607cec591efdb52866d8ef337ece","sha512":"9134717aa30a6044d84bd7539dec7ad7bed5e08ac117f5ee9eb42f85e7916965948038783fdd80516b5ea150542e60efe90902365f871ed11a3d04c8129f6c27","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-24","alert":"Scan result 4/73","trigger":"06f71060397340ab46d62dd1b4c93dfa7882607cec591efdb52866d8ef337ece","verdict":"suspicious","severity":"","comment":"suspicious - 4/73","link":"https://www.virustotal.com/gui/file/06f71060397340ab46d62dd1b4c93dfa7882607cec591efdb52866d8ef337ece","meta":null}]}},{"path":"teraterm-5.3/ttpmenu.ini","filename":"ttpmenu.ini","modified":"","Modified":"2024-09-08T16:00:31+09:00","magic":"","size":0,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/TTXAdditionalTitle.dll","filename":"TTXAdditionalTitle.dll","modified":"","Modified":"2024-09-08T15:54:37+09:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections","size":186880,"md5":"fbbf788a9a9d586a53dbcd1d108bcc71","sha1":"7d5f077a659577fe5dd98cd492a390ef6fe8114b","sha256":"27c7df889e46c321fe9e38c189537a5459cd98c935db28dff7d487caed958707","sha512":"14380d5feab4cb58f734882ac2a533634899cdc9abf77c9a0b017a805d822676ddf542fded9da7b704488aaf65a8a73e6d9dda1e9e287f47c1c241b589721f14","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXAdditionalTitle.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-23","alert":"Scan result 2/73","trigger":"27c7df889e46c321fe9e38c189537a5459cd98c935db28dff7d487caed958707","verdict":"suspicious","severity":"","comment":"suspicious - 2/73","link":"https://www.virustotal.com/gui/file/27c7df889e46c321fe9e38c189537a5459cd98c935db28dff7d487caed958707","meta":null}]}},{"path":"teraterm-5.3/TTXAlwaysOnTop.dll","filename":"TTXAlwaysOnTop.dll","modified":"","Modified":"2024-09-08T15:57:51+09:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections","size":156160,"md5":"1c06d307908b6bcc25a7414eb480de0f","sha1":"652729228c839f14ce97b2c0040ff434e79b3130","sha256":"0f605d010f65eec527bc177ed0ff238666699f6783a18170253effb9a96224fc","sha512":"dfc31538b6e71513fb4c87f02b1e3d685a4005a264e60fa80c76e5e62f5748a9ec8011cc8a6855284122b24c4e547e0997d95f14fcee159563d89152c4400c03","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXAlwaysOnTop.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-23","alert":"Scan result 4/73","trigger":"0f605d010f65eec527bc177ed0ff238666699f6783a18170253effb9a96224fc","verdict":"suspicious","severity":"","comment":"suspicious - 4/73","link":"https://www.virustotal.com/gui/file/0f605d010f65eec527bc177ed0ff238666699f6783a18170253effb9a96224fc","meta":null}]}},{"path":"teraterm-5.3/TTXCallSysMenu.dll","filename":"TTXCallSysMenu.dll","modified":"","Modified":"2024-09-08T15:53:57+09:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections","size":84480,"md5":"79465b8b6d04713e756f855e1336a5b9","sha1":"cdff9c9c124ffe6b291bb3ad2bb6cd34f766b379","sha256":"d0cc004089c004a5db29eb2d4ded2e6cf4111aaf525e3d287e681d40480049f0","sha512":"8d9bb3e83f0490db157fa24a9238299c009a3cf95ee962cf9fe81601d79893acaed5a396c521fee66c43c62bb60c1bc869dcc193a4cb14bcefaff887aac670fc","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXCallSysMenu.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-23","alert":"Scan result 4/72","trigger":"d0cc004089c004a5db29eb2d4ded2e6cf4111aaf525e3d287e681d40480049f0","verdict":"suspicious","severity":"","comment":"suspicious - 4/72","link":"https://www.virustotal.com/gui/file/d0cc004089c004a5db29eb2d4ded2e6cf4111aaf525e3d287e681d40480049f0","meta":null}]}},{"path":"teraterm-5.3/TTXCheckUpdate.dll","filename":"TTXCheckUpdate.dll","modified":"","Modified":"2024-09-08T15:52:39+09:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections","size":208896,"md5":"11bc0b6ae751a76b7ca8ef814bb6f7e0","sha1":"840795630cf9aa2c722d58f488afcd2302194570","sha256":"c647d3fa6c41365302366958ae0358f6574247db16421ac4fdcef3ef04c2a80f","sha512":"e51901c9d3384ec11e298efb204ef79a56443005ca942dfa5cd9ed7d35ddb83e853dc72e9a6589829d00eb738a510764bb52e33ad8eb75f9c04416a87b3264f4","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXCheckUpdate.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-23","alert":"Scan result 3/73","trigger":"c647d3fa6c41365302366958ae0358f6574247db16421ac4fdcef3ef04c2a80f","verdict":"suspicious","severity":"","comment":"suspicious - 3/73","link":"https://www.virustotal.com/gui/file/c647d3fa6c41365302366958ae0358f6574247db16421ac4fdcef3ef04c2a80f","meta":null}]}},{"path":"teraterm-5.3/TTXCommandLineOpt.dll","filename":"TTXCommandLineOpt.dll","modified":"","Modified":"2024-09-08T15:53:57+09:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections","size":115712,"md5":"96fd74756b7cd07f40543378ed547f65","sha1":"31938d3efcdcf0fafe8295bd284a15f1487ae8d2","sha256":"c665b2b72fd912698f324d2383791850f7dbacf1d6f4fe50cd5be5fc9bfcf3ee","sha512":"ef8c004c9d755e321b5faf2f4ff1e9b1aa163ff55f6504461fd38d5dc4373625ebb89e3fc6f18dff7b52dd076271fdd7fe7aaed52c1693c4834fcf6064a09b4e","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXCommandLineOpt.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-23","alert":"Scan result 4/73","trigger":"c665b2b72fd912698f324d2383791850f7dbacf1d6f4fe50cd5be5fc9bfcf3ee","verdict":"suspicious","severity":"","comment":"suspicious - 4/73","link":"https://www.virustotal.com/gui/file/c665b2b72fd912698f324d2383791850f7dbacf1d6f4fe50cd5be5fc9bfcf3ee","meta":null}]}},{"path":"teraterm-5.3/TTXCopyIniFile.dll","filename":"TTXCopyIniFile.dll","modified":"","Modified":"2024-09-08T15:54:37+09:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections","size":84992,"md5":"9b15680187923ed5508b665fa9a131e7","sha1":"73446c990c30ff3346ca7f28ef3b546a483488b1","sha256":"27ab21be9162b155905bbb3231f7d43fb079752267c0d2b5b2149413a2a25adf","sha512":"aba37a977ec4d07140635bb2d6d2234eb0e9a4b460dc8aa0168c03b78371715564dfc157130b281738a0b214d09ba8c2369804796d1ad073b34c2bde55ee9f31","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXCopyIniFile.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-24","alert":"Scan result 4/69","trigger":"27ab21be9162b155905bbb3231f7d43fb079752267c0d2b5b2149413a2a25adf","verdict":"suspicious","severity":"","comment":"suspicious - 4/69","link":"https://www.virustotal.com/gui/file/27ab21be9162b155905bbb3231f7d43fb079752267c0d2b5b2149413a2a25adf","meta":null}]}},{"path":"teraterm-5.3/ttxkanjimenu.dll","filename":"ttxkanjimenu.dll","modified":"","Modified":"2024-09-08T15:51:43+09:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections","size":160256,"md5":"e5d4516bad280b074acde8621eb391eb","sha1":"b1aa7e1f68289427c71cecd0f6e7f893f71c1ed0","sha256":"fd1c4bbf7918716dade889fe7a243ee126180007e50ac750d0e5044b63f7e7c3","sha512":"0d9d6f669654b96078b2ea7ba5eb170b1ede2950b6d0e645b3047ae475dd5a0439ab6522cce4986e37b0ab4fb9eb30968666739d401fcc8d1db36a620adc841f","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/ttxkanjimenu.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-23","alert":"Scan result 2/73","trigger":"fd1c4bbf7918716dade889fe7a243ee126180007e50ac750d0e5044b63f7e7c3","verdict":"suspicious","severity":"","comment":"suspicious - 2/73","link":"https://www.virustotal.com/gui/file/fd1c4bbf7918716dade889fe7a243ee126180007e50ac750d0e5044b63f7e7c3","meta":null}]}},{"path":"teraterm-5.3/TTXKcodeChange.dll","filename":"TTXKcodeChange.dll","modified":"","Modified":"2024-09-08T15:55:16+09:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections","size":89088,"md5":"2b7dd72fdf59bedad8491d730346772d","sha1":"c541da64daf244a441f79e326f6a85a798c1a479","sha256":"1ce687e10faf1a9550c8590824f620c1a31cad5ee74bd7bd18ec3d4ef9e66494","sha512":"8c17941ab2b26af7be16163d230e50832e1a6d62541f5c7c53080b7f45c336521d5d5afd4e0fdf616d953dcfcae1e30af59cc6dc4acd87ba214eb39c7bfac536","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXKcodeChange.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-23","alert":"Scan result 4/73","trigger":"1ce687e10faf1a9550c8590824f620c1a31cad5ee74bd7bd18ec3d4ef9e66494","verdict":"suspicious","severity":"","comment":"suspicious - 4/73","link":"https://www.virustotal.com/gui/file/1ce687e10faf1a9550c8590824f620c1a31cad5ee74bd7bd18ec3d4ef9e66494","meta":null}]}},{"path":"teraterm-5.3/TTXProxy.dll","filename":"TTXProxy.dll","modified":"","Modified":"2024-09-08T15:51:19+09:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections","size":669184,"md5":"c5b827f1e14f6d161cfe85af9dea4c53","sha1":"60775bee7af168959c8d9d87eba83ad7fa965efd","sha256":"3413b1d2f375bf1ee4ddc2eb8a773b5161bef4cd01a0cdf9c863f07a4da61025","sha512":"900f7904b71bffe12115b91cd28c39d66b1036c347bc9fb5147d6267790eedb9cf7335765c9faf9d82b6b5a3d32c0bf3cd36831b0b156948ed1031689d4e94f4","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXProxy.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-23","alert":"Scan result 3/73","trigger":"3413b1d2f375bf1ee4ddc2eb8a773b5161bef4cd01a0cdf9c863f07a4da61025","verdict":"suspicious","severity":"","comment":"suspicious - 3/73","link":"https://www.virustotal.com/gui/file/3413b1d2f375bf1ee4ddc2eb8a773b5161bef4cd01a0cdf9c863f07a4da61025","meta":null}]}},{"path":"teraterm-5.3/TTXRecurringCommand.dll","filename":"TTXRecurringCommand.dll","modified":"","Modified":"2024-09-08T15:53:18+09:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections","size":196096,"md5":"891d1e341bf5674da5e0658cdcac035d","sha1":"cd9d696a6d4a211103e7245a90be9fdc24c6e39f","sha256":"96f59a9e5d7fa954536e90da1f315ec1a50d8ea1f225c4b1a421654002f028b5","sha512":"c6942dbfce9fa0c2120b6645693d4776758c91ef490e8fed041f7f204abaadfde805f4c85d368f653bd15c3b3a3a4b350efe62e415610b133d669cb966b35500","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXRecurringCommand.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-23","alert":"Scan result 1/72","trigger":"96f59a9e5d7fa954536e90da1f315ec1a50d8ea1f225c4b1a421654002f028b5","verdict":"suspicious","severity":"","comment":"suspicious - 1/72","link":"https://www.virustotal.com/gui/file/96f59a9e5d7fa954536e90da1f315ec1a50d8ea1f225c4b1a421654002f028b5","meta":null}]}},{"path":"teraterm-5.3/TTXResizeMenu.dll","filename":"TTXResizeMenu.dll","modified":"","Modified":"2024-09-08T15:57:13+09:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections","size":195584,"md5":"fed27a3873c5deab3b79c564790b9471","sha1":"3094231fa3b5847575b52489d96bfa46323b16e2","sha256":"9ed6f5a18329520643b560edd83eaa374433d61c4e9830dc02c145e70d325abe","sha512":"5c08e5c20a8ca93982828f67825716008a0a51b6d0d92942a8124a0e444271175e04aa35ebf249eb56ba1092ca0cf7956a3d36a95955898766f81725a60350f2","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXResizeMenu.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-19","alert":"Scan result 1/73","trigger":"9ed6f5a18329520643b560edd83eaa374433d61c4e9830dc02c145e70d325abe","verdict":"suspicious","severity":"","comment":"suspicious - 1/73","link":"https://www.virustotal.com/gui/file/9ed6f5a18329520643b560edd83eaa374433d61c4e9830dc02c145e70d325abe","meta":null}]}},{"path":"teraterm-5.3/ttxssh.dll","filename":"ttxssh.dll","modified":"","Modified":"2024-09-08T15:50:51+09:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections","size":2537472,"md5":"b9c67ed742ae1f03ad5e2db3fe484660","sha1":"82cc2fbec2955ecfbf0f411dffad91adeecd1d8b","sha256":"3a649d5fb8c99fd3c08c0ddf58c76acdae44347a3fcd125384c0795bea26e605","sha512":"bd801b3d063041b4e5e21a6c9a54fe3be34a0b41f10044af04ab7cca5f07dc09bb5e6136d1bc87355192ae11ec1d0bf701e465c9ea35f44d6b98410f72a28cdf","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"win_amadey_bytecodes_oct_2023","trigger":"teraterm-5.3/ttxssh.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"Matthew @ Embee_Research","date":"2023-10-15","desc":"Detects bytecodes present in Amadey Bot Samples","malpedia_family":"win.amadey","rule":"win_amadey_bytecodes_oct_2023","sha_256":"4165190e60ad5abd437c7768174b12748d391b8b97c874b5bdf8d025c5e17f43","yarahub_author_twitter":"@embee_research","yarahub_license":"CC BY-NC 4.0","yarahub_reference_md5":"2ba1411c46d529f2ae6a7c154d13f029","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"19e955f9-d125-41af-981b-09957a8abbc8"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-22","alert":"Scan result 1/73","trigger":"3a649d5fb8c99fd3c08c0ddf58c76acdae44347a3fcd125384c0795bea26e605","verdict":"suspicious","severity":"","comment":"suspicious - 1/73","link":"https://www.virustotal.com/gui/file/3a649d5fb8c99fd3c08c0ddf58c76acdae44347a3fcd125384c0795bea26e605","meta":null}]}},{"path":"teraterm-5.3/TTXttyplay.dll","filename":"TTXttyplay.dll","modified":"","Modified":"2024-09-08T15:55:56+09:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections","size":198144,"md5":"8360a2de9c9cf8223a472fad705e1d5f","sha1":"571bf716e29f1cc9172f905ad3187350448c7706","sha256":"079a06019e708cb9b2f958ba8ef277157862237e26213c228bdb0d91bfb1ee78","sha512":"c2019487224ed8c251fbd9bf533cb418189597227dd4d3e53f9b6cefa0b5ec6929c04aed25e624e570d76ef4eaa75beb583f3cc803bd52ce25b83cc46f2de5fb","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXttyplay.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-23","alert":"Scan result 3/73","trigger":"079a06019e708cb9b2f958ba8ef277157862237e26213c228bdb0d91bfb1ee78","verdict":"suspicious","severity":"","comment":"suspicious - 3/73","link":"https://www.virustotal.com/gui/file/079a06019e708cb9b2f958ba8ef277157862237e26213c228bdb0d91bfb1ee78","meta":null}]}},{"path":"teraterm-5.3/TTXttyrec.dll","filename":"TTXttyrec.dll","modified":"","Modified":"2024-09-08T15:56:34+09:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections","size":186880,"md5":"21f694cf476669de86185ca26178d09f","sha1":"4d790b25d7fdd438b312978442387820c425f44b","sha256":"12bde482a8efa2fbb101da8656404990cb51da12ba4f93b31c7cab4294d4c90f","sha512":"3fd6aba29b79e4b95d4ba5bbe8231c02059fb1c1897f0d1a67380a94f8d3e3160a2a81161f5c9cfdb93fda948d2f89427e78c35bd4abebc8886217f9eaafe85d","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXttyrec.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-23","alert":"Scan result 3/73","trigger":"12bde482a8efa2fbb101da8656404990cb51da12ba4f93b31c7cab4294d4c90f","verdict":"suspicious","severity":"","comment":"suspicious - 3/73","link":"https://www.virustotal.com/gui/file/12bde482a8efa2fbb101da8656404990cb51da12ba4f93b31c7cab4294d4c90f","meta":null}]}},{"path":"teraterm-5.3/TTXViewMode.dll","filename":"TTXViewMode.dll","modified":"","Modified":"2024-09-08T15:55:16+09:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections","size":193024,"md5":"979cc8b38bddb49e37d7ea7c0c33ae70","sha1":"e57d41b2d9f26b5381d7aa5dc597c50027ffa075","sha256":"2038d985f4eb4221396028b8105a74119f0dd9303df0442ce920d7033da60f40","sha512":"bbb2cee64cdfe9c5672a303f381d313a9b87de9fc5677609d3e109ea5eeeb7433bceb2e1616b3ef626c9b00e9c72c937451d25341983be2c4edd9f3f511a1924","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXViewMode.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-24","alert":"Scan result 1/73","trigger":"2038d985f4eb4221396028b8105a74119f0dd9303df0442ce920d7033da60f40","verdict":"suspicious","severity":"","comment":"suspicious - 1/73","link":"https://www.virustotal.com/gui/file/2038d985f4eb4221396028b8105a74119f0dd9303df0442ce920d7033da60f40","meta":null}]}},{"path":"teraterm-5.3/VT200.CNF","filename":"VT200.CNF","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"Generic INItialization configuration [VT numeric keypad]","size":2844,"md5":"fa63a351499c6b58e4f1a2008a9c43b8","sha1":"f8d8f7c57ffb275c7bac8203d3404dafc3c0976c","sha256":"35ac7aca21b8e8af919034019ebea66a46c001d53db3d7e653e0bfa7a5a9da29","sha512":"91776b2404b190c3697ef38bd6c42c0dd03c82f1abe31a4ed06377e4d44e83b67067ccdda7bdade3177bbd6442e576e12fcf35b932dcb9a4d90aec623d79cd58","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/wait_regex.ttl","filename":"wait_regex.ttl","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"ASCII text, with CRLF line terminators","size":734,"md5":"6dfd654ceeada220a0fea3611725a015","sha1":"03d9e864c7aeb1fe7eaee9749a5686288a0dc30c","sha256":"64d40d7a28710bd0866b757abc5487bd2f291513f21fd7895e789315a1872c8b","sha512":"d967d4b2fb52cfb3e573e6ba24f68c36c8288735db61c37bd91005b4505da23023ba33073b2f7e9074c367ea3dd700fa853718586727d79af9c423ecae64d5c7","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/winscp.ttl","filename":"winscp.ttl","modified":"","Modified":"2024-09-08T15:41:02+09:00","magic":"Generic INItialization configuration [2]","size":262,"md5":"d3a22fd35d2bac52727a6d06ea757d31","sha1":"34b437e09f47ca1ee801165a4946d04cc1cd3b7a","sha256":"7893cc57995339d6ffc16d1673a70eda2b816275919d9aa3a176ab5685b4e367","sha512":"ca52765560b99063dc9463b6311fce934b4342c3b8d990445798327fbc2984c18b828096e19f9fbe5ece94326500b8e6058c89bd493b701ead70b4d8da3ddb09","alerts":{"urlquery":null,"analyzer":null}},{"path":"teraterm-5.3/_TTXFixedWinSize.dll","filename":"_TTXFixedWinSize.dll","modified":"","Modified":"2024-09-08T15:56:35+09:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections","size":84992,"md5":"841e3c2cfcb3f290f186dc1275aa70d1","sha1":"c3c8fba1b03bae542f45b73d384601f72d1d6bc0","sha256":"726dc4d467d76a3cf677579726d99922f14312ae27744a9264b014b5cd9dbb07","sha512":"17eb2f8850c861e0269b16c34db660f29fd3e2701d59643fec3149e60d036ddbd47028a736e45a65f4a6f4c34f0c8ae122221325297ffc9ed03faf91ee2da575","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/_TTXFixedWinSize.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-23","alert":"Scan result 4/73","trigger":"726dc4d467d76a3cf677579726d99922f14312ae27744a9264b014b5cd9dbb07","verdict":"suspicious","severity":"","comment":"suspicious - 4/73","link":"https://www.virustotal.com/gui/file/726dc4d467d76a3cf677579726d99922f14312ae27744a9264b014b5cd9dbb07","meta":null}]}},{"path":"teraterm-5.3/_TTXOutputBuffering.dll","filename":"_TTXOutputBuffering.dll","modified":"","Modified":"2024-09-08T15:52:38+09:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections","size":85504,"md5":"c823f98189a9e856027b2123068cbfe8","sha1":"be712387a7a26947357cc4e7c1687a1c6848c7e9","sha256":"ba14e140858619f5e4b198a49f4a247c2a64816035d7add3cdbe1afa0dd4a330","sha512":"14e10fc4023cd96d348e5a571df90c42107195e06f19957095f505fb3f2f62c60a3e981ed65b1f2e2251bf573deb9b7978691b7a03c5a99731235fe3a0af6554","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/_TTXOutputBuffering.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-23","alert":"Scan result 4/73","trigger":"ba14e140858619f5e4b198a49f4a247c2a64816035d7add3cdbe1afa0dd4a330","verdict":"suspicious","severity":"","comment":"suspicious - 4/73","link":"https://www.virustotal.com/gui/file/ba14e140858619f5e4b198a49f4a247c2a64816035d7add3cdbe1afa0dd4a330","meta":null}]}},{"path":"teraterm-5.3/_TTXResizeWin.dll","filename":"_TTXResizeWin.dll","modified":"","Modified":"2024-09-08T15:57:14+09:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections","size":84992,"md5":"c9e87e665b7fb2f2c3f5db8de25a9c75","sha1":"1e23db62cf9270c91727646b588fe07b8227f98e","sha256":"befe1fb40ba632f473d5991feb9c1a6fd4859cbebb364b23e24587128b87380c","sha512":"489b56c0c5639a653074e1c45db5245fb0b9270079c6910801a4316cf8ac7e6251f3528bd3bc31713c6d6b2a76850c86e7c8b163dbc0c594ca968bbb8c1c72b8","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/_TTXResizeWin.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-23","alert":"Scan result 4/73","trigger":"befe1fb40ba632f473d5991feb9c1a6fd4859cbebb364b23e24587128b87380c","verdict":"suspicious","severity":"","comment":"suspicious - 4/73","link":"https://www.virustotal.com/gui/file/befe1fb40ba632f473d5991feb9c1a6fd4859cbebb364b23e24587128b87380c","meta":null}]}},{"path":"teraterm-5.3/_TTXShowCommandLine.dll","filename":"_TTXShowCommandLine.dll","modified":"","Modified":"2024-09-08T15:53:17+09:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections","size":84480,"md5":"dccd0e4df5fa3c993d411eb2cbe9e33b","sha1":"f9b635beb86a082e17261255372bae8b63edf9c3","sha256":"94d3dca6dace3f6ad53e5703a3fe95cda5da9c06a9d5942083e61e6eb054dcf4","sha512":"30a3f68b64a5ccd1fac835f5afb5a2296f820879d5475caa25d645663cf4f1028f2facafa493418e7838eebdc1ed9af705e3cc7aabefcb06068788073cc651b5","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/_TTXShowCommandLine.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-23","alert":"Scan result 4/73","trigger":"94d3dca6dace3f6ad53e5703a3fe95cda5da9c06a9d5942083e61e6eb054dcf4","verdict":"suspicious","severity":"","comment":"suspicious - 4/73","link":"https://www.virustotal.com/gui/file/94d3dca6dace3f6ad53e5703a3fe95cda5da9c06a9d5942083e61e6eb054dcf4","meta":null}]}},{"path":"teraterm-5.3/_TTXtest.dll","filename":"_TTXtest.dll","modified":"","Modified":"2024-09-08T15:55:55+09:00","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections","size":113664,"md5":"82eacaf0a6e15eeaaa7e3f01ecd9eb3a","sha1":"52b3e4c100f75475d9e0d53483afe84560da872f","sha256":"236c8b454b85a203ff00ed22ea2d77f7bef21ed4ab3dcb162c257d5c9ca5f598","sha512":"ffe9b7e2370379f3aba9e05c84bddae78a1b5972e400294ab134f287dd9ae0e98ff5ff3f6314a78a8ae9e387f3ee8f553d37e628750dac7b7bcf6ea63d401429","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/_TTXtest.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-22","alert":"Scan result 5/72","trigger":"236c8b454b85a203ff00ed22ea2d77f7bef21ed4ab3dcb162c257d5c9ca5f598","verdict":"suspicious","severity":"","comment":"suspicious - 5/72","link":"https://www.virustotal.com/gui/file/236c8b454b85a203ff00ed22ea2d77f7bef21ed4ab3dcb162c257d5c9ca5f598","meta":null}]}}],"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/cyglaunch.exe","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/keycode.exe","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/ttpcmn.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXAdditionalTitle.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXAlwaysOnTop.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXCallSysMenu.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXCheckUpdate.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXCommandLineOpt.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXCopyIniFile.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/ttxkanjimenu.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXKcodeChange.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXProxy.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXRecurringCommand.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXResizeMenu.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"win_amadey_bytecodes_oct_2023","trigger":"teraterm-5.3/ttxssh.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"Matthew @ Embee_Research","date":"2023-10-15","desc":"Detects bytecodes present in Amadey Bot Samples","malpedia_family":"win.amadey","rule":"win_amadey_bytecodes_oct_2023","sha_256":"4165190e60ad5abd437c7768174b12748d391b8b97c874b5bdf8d025c5e17f43","yarahub_author_twitter":"@embee_research","yarahub_license":"CC BY-NC 4.0","yarahub_reference_md5":"2ba1411c46d529f2ae6a7c154d13f029","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"19e955f9-d125-41af-981b-09957a8abbc8"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXttyplay.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXttyrec.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/TTXViewMode.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/_TTXFixedWinSize.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/_TTXOutputBuffering.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/_TTXResizeWin.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/_TTXShowCommandLine.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-09-25","alert":"files - file ~tmp01925d3f.exe","trigger":"teraterm-5.3/_TTXtest.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"The DFIR Report","date":"2021-02-22","description":"files - file ~tmp01925d3f.exe","hash1":"10ff83629d727df428af1f57c524e1eaddeefd608c5a317a5bfc13e2df87fb63","reference":"https://thedfirreport.com","rule":"cobalt_strike_tmp01925d3f","score":"80","yarahub_license":"CC0 1.0","yarahub_reference_md5":"1c6ba04dc9808084846ac1005deb9c85","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58ae3b15-154e-47e9-a24c-c8b885a4cd55"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-24","alert":"Scan result 2/65","trigger":"edda2af5f0f5f4bddfd75eceaf77c0f2252da70b8ba3b4fdfde9a67b2cc5e95a","verdict":"suspicious","severity":"","comment":"suspicious - 2/65","link":"https://www.virustotal.com/gui/file/edda2af5f0f5f4bddfd75eceaf77c0f2252da70b8ba3b4fdfde9a67b2cc5e95a","meta":null}]}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-09-25T03:15:17.214377771Z","timestamp":1727234117214,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"D498F9EFC3307515C07F69FE4E630319E60C13D37700B7F35297C9B8D442B690\"\r\nLast-Modified: Sun, 22 Sep 2024 14:37:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=2815\r\nExpires: Wed, 25 Sep 2024 04:02:12 GMT\r\nDate: Wed, 25 Sep 2024 03:15:17 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"c6c7d535128f9eb2ec6dcd3d7d62919a","sha1":"5aaa50926b462ccfc32d84db180a9af68e4d6b46","sha256":"d498f9efc3307515c07f69fe4e630319e60c13d37700b7f35297c9b8d442b690","sha512":"ae7374193c5acf0b2a5b862d3cea928aae55867b0a1361bb1cb0217d4f2206a94fe0021a2b6729e1cf6bd4e831445518efc31f876cfe254e304efb1f6a2f7011","ssdeep":"","tlshash":"04f005f416dab904efe40e173bb0d5341d1329fc393594e792a4c0dd251439503e404d","first_seen":"2024-09-22T20:47:43Z","last_seen":"2024-09-28T08:29:23.83778Z","times_seen":20173,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"github.com/TeraTermProject/teraterm/releases/download/v5.3/teraterm-5.3.zip","fqdn":"github.com","domain":"github.com","tld":"com"},"ip":{"addr":"140.82.121.4","port":443,"asn":36459,"as":"GITHUB","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-09-25T03:15:17.386Z","timestamp":1727234117386,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"github.com","organization":""},"issuer":{"commonName":"Sectigo ECC Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Thu, 07 Mar 2024 00:00:00 GMT","end":"Fri, 07 Mar 2025 23:59:59 GMT"},"fingerprint":{"sha1":"E7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0","sha256":"FD:6E:9B:0E:F3:98:BC:D9:04:C3:B2:EC:16:7A:7B:0F:DA:72:01:C9:03:C5:3A:6A:6A:E5:D0:41:43:63:EF:65"}}},"request":{"raw":"GET /TeraTermProject/teraterm/releases/download/v5.3/teraterm-5.3.zip HTTP/1.1\r\nHost: github.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: GitHub.com\r\ndate: Wed, 25 Sep 2024 03:15:17 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With\r\nlocation: https://objects.githubusercontent.com/github-production-release-asset-2e65be/710363878/8f237aff-d9ae-4d6e-827c-ca693f797c86?X-Amz-Algorithm=AWS4-HMAC-SHA256\u0026X-Amz-Credential=releaseassetproduction%2F20240925%2Fus-east-1%2Fs3%2Faws4_request\u0026X-Amz-Date=20240925T031517Z\u0026X-Amz-Expires=300\u0026X-Amz-Signature=819d17bd70bc6ecfc6fb9b8022951ac97ddcc4fd0cd9d4b6e79727b4e1cc62ea\u0026X-Amz-SignedHeaders=host\u0026response-content-disposition=attachment%3B%20filename%3Dteraterm-5.3.zip\u0026response-content-type=application%2Foctet-stream\r\ncache-control: no-cache\r\nstrict-transport-security: max-age=31536000; includeSubdomains; preload\r\nx-frame-options: deny\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/\r\ncontent-length: 0\r\nx-github-request-id: D1E1:10D32D:2ABAFE1:2B9506D:66F38045\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T21:31:01.969645Z","times_seen":13304312,"resource_available":true,"data":null}},"time_used":253,"timings":{"blocked":39,"dns":0,"connect":19,"send":0,"wait":149,"receive":1,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"objects.githubusercontent.com/github-production-release-asset-2e65be/710363878/8f237aff-d9ae-4d6e-827c-ca693f797c86?X-Amz-Algorithm=AWS4-HMAC-SHA256\u0026X-Amz-Credential=releaseassetproduction%2F20240925%2Fus-east-1%2Fs3%2Faws4_request\u0026X-Amz-Date=20240925T031517Z\u0026X-Amz-Expires=300\u0026X-Amz-Signature=819d17bd70bc6ecfc6fb9b8022951ac97ddcc4fd0cd9d4b6e79727b4e1cc62ea\u0026X-Amz-SignedHeaders=host\u0026response-content-disposition=attachment%3B%20filename%3Dteraterm-5.3.zip\u0026response-content-type=application%2Foctet-stream","fqdn":"objects.githubusercontent.com","domain":"objects.githubusercontent.com","tld":"githubusercontent.com"},"ip":{"addr":"185.199.111.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-09-25T03:15:17.587Z","timestamp":1727234117587,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":"GitHub, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 15 Mar 2024 00:00:00 GMT","end":"Fri, 14 Mar 2025 23:59:59 GMT"},"fingerprint":{"sha1":"97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28","sha256":"09:01:0C:CE:9B:72:21:55:C7:E6:86:B0:77:39:D3:D2:DC:06:05:DE:A1:A4:98:4A:0B:96:5E:18:77:77:26:B5"}}},"request":{"raw":"GET /github-production-release-asset-2e65be/710363878/8f237aff-d9ae-4d6e-827c-ca693f797c86?X-Amz-Algorithm=AWS4-HMAC-SHA256\u0026X-Amz-Credential=releaseassetproduction%2F20240925%2Fus-east-1%2Fs3%2Faws4_request\u0026X-Amz-Date=20240925T031517Z\u0026X-Amz-Expires=300\u0026X-Amz-Signature=819d17bd70bc6ecfc6fb9b8022951ac97ddcc4fd0cd9d4b6e79727b4e1cc62ea\u0026X-Amz-SignedHeaders=host\u0026response-content-disposition=attachment%3B%20filename%3Dteraterm-5.3.zip\u0026response-content-type=application%2Foctet-stream HTTP/1.1\r\nHost: objects.githubusercontent.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/octet-stream\r\nlast-modified: Sun, 08 Sep 2024 07:05:55 GMT\r\netag: \"0x8DCCFD4AEC7297B\"\r\nserver: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0\r\nx-ms-request-id: ec4bef7f-b01e-0072-32bd-01e61a000000\r\nx-ms-version: 2020-10-02\r\nx-ms-creation-time: Sun, 08 Sep 2024 07:05:55 GMT\r\nx-ms-lease-status: unlocked\r\nx-ms-lease-state: available\r\nx-ms-blob-type: BlockBlob\r\ncontent-disposition: attachment; filename=teraterm-5.3.zip\r\nx-ms-server-encrypted: true\r\nvia: 1.1 varnish, 1.1 varnish\r\nfastly-restarts: 1\r\naccept-ranges: bytes\r\nage: 3671\r\ndate: Wed, 25 Sep 2024 03:15:18 GMT\r\nx-served-by: cache-iad-kcgs7200166-IAD, cache-hel1410025-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 2271, 0\r\nx-timer: S1727234118.672533,VS0,VE97\r\ncontent-length: 14049776\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14049776,"size_decoded":14049776,"mime_type":"application/octet-stream","magic":"Zip archive data, at least v2.0 to extract, compression method=store","md5":"0a962a8007ef8d96abf5fcc6e037c444","sha1":"f49c341936880cccd126469392e5cc3d5c92b52b","sha256":"edda2af5f0f5f4bddfd75eceaf77c0f2252da70b8ba3b4fdfde9a67b2cc5e95a","sha512":"1f2838888465d391ff71d54908061e6db77734fb2e26bbf994bde0d9c5c185fef4c14e024f2976772341d8fad3c9795b7be966770abf637230916d35aec78fa7","ssdeep":"393216:S0A3qBmYcUBaRv5Olgtbv3RM/3y8dlcrJEWmCn3gGCebc7:STDRElqRM/3y8HcrQrebc7","tlshash":"12e633795cfd09e6e3af6b304b5aee01678dd355714268d16f04cb296e7af0090bac23","first_seen":"2024-09-16T18:33:11Z","last_seen":"2024-11-08T15:26:21.620462Z","times_seen":4,"resource_available":false,"data":null}},"time_used":3753,"timings":{"blocked":66,"dns":0,"connect":26,"send":0,"wait":523,"receive":3098,"ssl":35},"alerts":{"ids":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-24","alert":"Scan result 2/65","trigger":"edda2af5f0f5f4bddfd75eceaf77c0f2252da70b8ba3b4fdfde9a67b2cc5e95a","verdict":"suspicious","severity":"","comment":"suspicious - 2/65","link":"https://www.virustotal.com/gui/file/edda2af5f0f5f4bddfd75eceaf77c0f2252da70b8ba3b4fdfde9a67b2cc5e95a","meta":null}],"urlquery":null}}]}