Report - s3.amazonaws.com/ec2-windows-drivers-downloads/NVMe/Latest/AWSNVMe.zip

Report Overview

Submitted URL
s3.amazonaws.com/ec2-windows-drivers-downloads/NVMe/Latest/AWSNVMe.zip
IP
52.217.95.200
ASN
#16509 AMAZON-02
Submitted
2024-04-23 15:13:16
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
s3.amazonaws.com	unknown	2005-08-18	2020-05-13	2024-03-23	524 B	697 kB	52.217.171.136

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

Files detected

URL
s3.amazonaws.com/ec2-windows-drivers-downloads/NVMe/Latest/AWSNVMe.zip
IP
52.217.171.136
ASN
#16509 AMAZON-02

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
697 kB (696936 bytes)
Hash
f3b3215144af5cb89fe51b3e4e97c688
3c935dd1a0eda2e58d930c8eec3fd89c2f43a9f8
09e630948fdb4bc6cbf0116c1b2d0dcfd814cd252371d2c11827cf46428bf009

Archive (10)

Filename

Md5

File type

awsnvme.cat

867471b5bb6d6ed1c1fcc6bebbb63c47

DER Encoded PKCS#7 Signed Data

Readme.txt

f6599e001daa1f02351f3db8fa51c4c4

ASCII text

dpinst.exe

716279b85decc6bdc475765b7d1c9068

PE32+ executable (GUI) x86-64, for MS Windows, 5 sections

install.ps1

8fc45e2c581726c8d314a2a454b0393b

ASCII text, with CRLF, LF line terminators

license.txt

c66e2aafb313b1de4ebddd5b39795abb

Unicode text, UTF-8 text, with very long lines (872)

AWSNVMe.inf

5b78a4dd337947611b61f99c36c56719

Windows setup INFormation

AWSNVMe100.sys

9279f740d19be43eca3ff7f1e355b7ee

PE32+ executable (native) x86-64, for MS Windows, 8 sections

AWSNVMe62.sys

038183ffd163a0297c5148afe4d5f601

PE32+ executable (native) x86-64, for MS Windows, 8 sections

AWSNVMe63.sys

7720bec8962c67178eb318951f2ae514

PE32+ executable (native) x86-64, for MS Windows, 8 sections

ebsnvme-id.exe

9ae46d968f007e12870657548159e313

PE32+ executable (console) x86-64, for MS Windows, 6 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	s3.amazonaws.com/ec2-windows-drivers-downloads/NVMe/Latest/AWSNVMe.zip	52.217.171.136	200 OK	697 kB
URL User Request GET HTTP/1.1 s3.amazonaws.com/ec2-windows-drivers-downloads/NVMe/Latest/AWSNVMe.zip IP 52.217.171.136:443 ASN #16509 AMAZON-02 Certificate IssuerAmazon Subjects3.amazonaws.com Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 697 kB (696936 bytes) Hash f3b3215144af5cb89fe51b3e4e97c688 3c935dd1a0eda2e58d930c8eec3fd89c2f43a9f8 09e630948fdb4bc6cbf0116c1b2d0dcfd814cd252371d2c11827cf46428bf009 HTTP Headers GET /ec2-windows-drivers-downloads/NVMe/Latest/AWSNVMe.zip HTTP/1.1 Host: s3.amazonaws.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK x-amz-id-2: 5bbxHcvxesQrLPQvji75pwzSbTAZoPYr5vMCrWAQ/PuffvTi6C/Rfv5fQLfK8Lr41HgOjODu49o= x-amz-request-id: 46VNCHF3SGJ6V8AE Date: Tue, 23 Apr 2024 15:12:51 GMT Last-Modified: Fri, 29 Dec 2023 17:08:27 GMT ETag: "f3b3215144af5cb89fe51b3e4e97c688" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Content-Type: binary/octet-stream Server: AmazonS3 Content-Length: 696936`

s3.amazonaws.com/ec2-windows-drivers-downloads/NVMe/Latest/AWSNVMe.zip

52.217.171.136

200 OK

697 kB

URL User Request GET HTTP/1.1
s3.amazonaws.com/ec2-windows-drivers-downloads/NVMe/Latest/AWSNVMe.zip
IP
52.217.171.136:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
697 kB (696936 bytes)
Hash
f3b3215144af5cb89fe51b3e4e97c688
3c935dd1a0eda2e58d930c8eec3fd89c2f43a9f8
09e630948fdb4bc6cbf0116c1b2d0dcfd814cd252371d2c11827cf46428bf009

HTTP Headers

GET /ec2-windows-drivers-downloads/NVMe/Latest/AWSNVMe.zip HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 5bbxHcvxesQrLPQvji75pwzSbTAZoPYr5vMCrWAQ/PuffvTi6C/Rfv5fQLfK8Lr41HgOjODu49o=
x-amz-request-id: 46VNCHF3SGJ6V8AE
Date: Tue, 23 Apr 2024 15:12:51 GMT
Last-Modified: Fri, 29 Dec 2023 17:08:27 GMT
ETag: "f3b3215144af5cb89fe51b3e4e97c688"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: binary/octet-stream
Server: AmazonS3
Content-Length: 696936

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (10)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers