Report - github.com/ventoy/Ventoy/releases/download/v1.0.97/ventoy-1.0.97-windows.zip

Report Overview

Submitted URL
github.com/ventoy/Ventoy/releases/download/v1.0.97/ventoy-1.0.97-windows.zip
IP
140.82.121.3
ASN
#36459 GITHUB
Submitted
2024-04-18 21:52:09
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
9

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
github.com	1423	2007-10-09	2016-07-13	2024-03-24	530 B	4.0 kB	140.82.121.3
objects.githubusercontent.com	134060	2014-02-06	2021-11-01	2024-04-18	1.0 kB	17 MB	185.199.108.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
objects.githubusercontent.com/github-production-release-asset-2e65be/246335987/a587af9a-7563-4d03-98cf-0b5fa44421d0?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240418%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240418T215140Z&X-Amz-Expires=300&X-Amz-Signature=65a337ec7e8bc63716eca6f7b50b44dc5db5a2541c57d8fe49026554cf63e036&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=246335987&response-content-disposition=attachment%3B%20filename%3Dventoy-1.0.97-windows.zip&response-content-type=application%2Foctet-stream
IP
185.199.108.133
ASN
#54113 FASTLY

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
17 MB (16707752 bytes)
Hash
fcf3b2071eaf825690081d6538500fcd
4f2e544b0d0f7552a25ecb28f4be418673604ca9
44fb53f26872c6304e1cb3d47b65d0613665666100c48deeee4cd87901fb500f

Archive (45)

Filename

Md5

File type

FOR_X64_ARM.txt

94998e1249f884640f91dbdf91fe45c9

Unicode text, UTF-8 text

Ventoy2Disk_ARM.exe

7dbf0eb7a2c5ef088951ddf215eec1c9

PE32 executable (GUI) ARMv7 Thumb, for MS Windows, 6 sections

Ventoy2Disk_X64.exe

a58b82d238c6abac8fe55f14b6011d90

PE32+ executable (GUI) x86-64, for MS Windows, 7 sections

VentoyPlugson_X64.exe

b12066183b66c7238a5cdf916dcbf58e

PE32+ executable (GUI) x86-64, for MS Windows, 7 sections

Ventoy2Disk_ARM64.exe

01b0539efb3f9b097b189b54d21511aa

PE32+ executable (GUI) Aarch64, for MS Windows, 6 sections

VentoyPlugson.exe

38f18ebb5b81b4481b732f68d2b9fe90

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

VentoyVlnk.exe

8e84aa749ac62d5dceb600cec8d86c96

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

core.img.xz

1c4f4d7f6c11b17767dc6d7ce97da02d

XZ compressed data, checksum CRC32

boot.img

95e64c9ef446b211c5060961dee46a6d

DOS/MBR boot sector

ventoy.disk.img.xz

0886b1f95bb7a14cfee6bfc4ba7ecfd3

XZ compressed data, checksum CRC32

plugson.tar.xz

2e2ce5c6bdc65ae670cd3ed6cda363b9

XZ compressed data, checksum CRC32

languages.json

8eca6cef3539251c4ba240c816fa12d6

JSON text data

version

2fe12dcfe16afc9d24ec2063709bf686

ASCII text

ventoy_4k.disk.img.xz

528335631e9a728352498bfbe4d804e4

XZ compressed data, checksum CRC32

terminal_box_s.png

e9d31235fc9a340e011504aa0089e45c

PNG image data, 64 x 16, 8-bit/color RGBA, non-interlaced

terminal_box_sw.png

d3ea83db1f97b7c2925ac1f71fe9d005

PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced

vtoyiso.png

a59484cd7ac471f710c1516dbde0a069

PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced

red-hat.png

43bfedc2ba25a0b88afc593f77f9a2cb

PNG image data, 42 x 32, 8-bit/color RGBA, non-interlaced

ubuntu.png

06254c11cd10717004d7e2e11231ba95

PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced

deepin.png

a3dd1806a6cbf073a8b2b69a7e79264e

PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced

background.png

8b34b7f3f638f41b371b64bebe1eab12

PNG image data, 1024 x 768, 8-bit/color RGBA, non-interlaced

menu_n.png

30b99aad83160bd8dd454a77d7dce320

PNG image data, 4 x 30, 8-bit/color RGBA, non-interlaced

terminal_box_nw.png

59f35a9c57ae1e07da9c5ed5b4f1541f

PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced

theme.txt

105fcdf7662f30a65f0b80a0d295c764

ASCII text

slider_s.png

331a0ff0e59b6c07f4c8cce6fe40a4eb

PNG image data, 20 x 8, 8-bit/color RGBA, non-interlaced

slider_c.png

78f3cf1f0a89c23ce77f88bd5766ef8b

PNG image data, 20 x 4, 8-bit/color RGBA, non-interlaced

menu_sw.png

b006d2411337a639cbeac256aa57c946

PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced

menu_e.png

60fd48b0d579f8cb33ce546a1369a3ab

PNG image data, 30 x 4, 8-bit/color RGBA, non-interlaced

terminal_box_c.png

3d8e1449a7635dea68854f0446d5dcbd

PNG image data, 64 x 34, 8-bit/color RGBA, non-interlaced

menu_s.png

2b7e4741bc7acf18181a6ec03a1d8a5f

PNG image data, 4 x 30, 8-bit/color RGBA, non-interlaced

terminal_box_ne.png

89ccc6f15794df7ea4e7fb33e307cd3e

PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced

menu_se.png

b006d2411337a639cbeac256aa57c946

PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced

terminal_box_e.png

973d079cb276bf0186ad944b1cc49832

PNG image data, 16 x 34, 8-bit/color RGBA, non-interlaced

select_c.png

ccf38080aa59a45a428b87fa118517f2

PNG image data, 638 x 36, 8-bit/color RGBA, non-interlaced

slider_n.png

4c866b14c5797eb57d95979369769324

PNG image data, 20 x 8, 8-bit/color RGBA, non-interlaced

terminal_box_n.png

20df2580f580222fd599f0c0b239c4de

PNG image data, 64 x 16, 8-bit/color RGBA, non-interlaced

menu_nw.png

5f986d2a559c125c7f5ad53cb8ae1ffb

PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced

terminal_box_w.png

949a1c2efa81f796c06980aa5fe57eed

PNG image data, 16 x 34, 8-bit/color RGBA, non-interlaced

terminal_box_se.png

f8ecc6c3f34b5bfd4dcd033e20d11f8a

PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced

menu_ne.png

5f986d2a559c125c7f5ad53cb8ae1ffb

PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced

menu_c.png

254f25b6899730c5e538de43e095073f

PNG image data, 4 x 4, 8-bit/color RGBA, non-interlaced

menu_w.png

60fd48b0d579f8cb33ce546a1369a3ab

PNG image data, 30 x 4, 8-bit/color RGBA, non-interlaced

ventoy_grub.cfg

bec7c7b9bb1e31b7d7d0b43de4dc77b1

ASCII text, with CRLF line terminators

ventoy.json

3484f707a36c7927f0671eb213580ac0

JSON text data

Ventoy2Disk.exe

f8d95eb8c84c6de968a90496256180b1

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
VirusTotal	suspicious	VirusTotal - Scan result 1/66

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

github.com/ventoy/Ventoy/releases/download/v1.0.97/ventoy-1.0.97-windows.zip

140.82.121.3

302 Found

0 B

URL User Request GET HTTP/2
github.com/ventoy/Ventoy/releases/download/v1.0.97/ventoy-1.0.97-windows.zip
IP
140.82.121.3:443
ASN
#36459 GITHUB

Certificate
IssuerSectigo Limited
Subjectgithub.com
FingerprintE7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0
ValidityThu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ventoy/Ventoy/releases/download/v1.0.97/ventoy-1.0.97-windows.zip HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: GitHub.com
date: Thu, 18 Apr 2024 21:51:40 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/246335987/a587af9a-7563-4d03-98cf-0b5fa44421d0?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240418%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240418T215140Z&X-Amz-Expires=300&X-Amz-Signature=65a337ec7e8bc63716eca6f7b50b44dc5db5a2541c57d8fe49026554cf63e036&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=246335987&response-content-disposition=attachment%3B%20filename%3Dventoy-1.0.97-windows.zip&response-content-type=application%2Foctet-stream
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: E554:20F26:2227B90D:226F81D1:662195EC
X-Firefox-Spdy: h2

objects.githubusercontent.com/github-production-release-asset-2e65be/246335987/a587af9a-7563-4d03-98cf-0b5fa44421d0?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240418%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240418T215140Z&X-Amz-Expires=300&X-Amz-Signature=65a337ec7e8bc63716eca6f7b50b44dc5db5a2541c57d8fe49026554cf63e036&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=246335987&response-content-disposition=attachment%3B%20filename%3Dventoy-1.0.97-windows.zip&response-content-type=application%2Foctet-stream

185.199.108.133

200 OK

17 MB

URL User Request GET HTTP/2
objects.githubusercontent.com/github-production-release-asset-2e65be/246335987/a587af9a-7563-4d03-98cf-0b5fa44421d0?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240418%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240418T215140Z&X-Amz-Expires=300&X-Amz-Signature=65a337ec7e8bc63716eca6f7b50b44dc5db5a2541c57d8fe49026554cf63e036&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=246335987&response-content-disposition=attachment%3B%20filename%3Dventoy-1.0.97-windows.zip&response-content-type=application%2Foctet-stream
IP
185.199.108.133:443
ASN
#54113 FASTLY

Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
17 MB (16707752 bytes)
Hash
fcf3b2071eaf825690081d6538500fcd
4f2e544b0d0f7552a25ecb28f4be418673604ca9
44fb53f26872c6304e1cb3d47b65d0613665666100c48deeee4cd87901fb500f

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/66

HTTP Headers

GET /github-production-release-asset-2e65be/246335987/a587af9a-7563-4d03-98cf-0b5fa44421d0?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240418%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240418T215140Z&X-Amz-Expires=300&X-Amz-Signature=65a337ec7e8bc63716eca6f7b50b44dc5db5a2541c57d8fe49026554cf63e036&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=246335987&response-content-disposition=attachment%3B%20filename%3Dventoy-1.0.97-windows.zip&response-content-type=application%2Foctet-stream HTTP/1.1
Host: objects.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/octet-stream
content-md5: /POyBx6vglaQCB1lOFAPzQ==
last-modified: Wed, 24 Jan 2024 07:03:46 GMT
etag: "0x8DC1CAA9BBF1531"
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f776ed3f-901e-0028-8073-6880fd000000
x-ms-version: 2020-10-02
x-ms-creation-time: Wed, 24 Jan 2024 07:03:46 GMT
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
content-disposition: attachment; filename=ventoy-1.0.97-windows.zip
x-ms-server-encrypted: true
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
age: 0
date: Thu, 18 Apr 2024 21:51:41 GMT
x-served-by: cache-iad-kiad7000046-IAD, cache-hel1410023-HEL
x-cache: HIT, MISS
x-cache-hits: 2990, 0
x-timer: S1713477101.587652,VS0,VE500
content-length: 16707752
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (45)

Detections

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers