Report Overview
Submitted URL
github.com/Ken5998/OpenCore-VMware-Workstation-AMD/releases/download/0.6.9/EFI.zip
IP
140.82.121.3
ASN
#36459 GITHUB
Submitted
2024-03-29 09:02:13
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
github.com | 1423 | 2007-10-09 | 2016-07-13 | 2024-03-24 | 536 B | 3.9 kB | 140.82.121.3 |
objects.githubusercontent.com | 134060 | 2014-02-06 | 2021-11-01 | 2024-03-29 | 986 B | 1.2 MB | 185.199.108.133 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
objects.githubusercontent.com/github-production-release-asset-2e65be/319084287/ac75ee00-b989-11eb-8151-29db6e34d831?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240329%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240329T090146Z&X-Amz-Expires=300&X-Amz-Signature=13844d08f59cbe598de11cffb5af0bac7e445ded3cd7973085f06d191721e971&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=319084287&response-content-disposition=attachment%3B%20filename%3DEFI.zip&response-content-type=application%2Foctet-stream
IP
185.199.108.133
ASN
#54113 FASTLY
File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
1.2 MB (1193489 bytes)
Hash
f5cf9aae966ae140f439c3ade87df0ac
f8cc871904a7ef6f70605dd87bd073bc0669d834
Archive (67)
Filename | Md5 | File type | |||
---|---|---|---|---|---|
._BOOT | d056a1a7ba65ec26bbcd0e85b142cd70 | AppleDouble encoded Macintosh file | |||
BOOTx64.efi | 681157df6c58bafdc592acab79406de0 | PE32+ executable (EFI application) x86-64 (stripped to external PDB), for MS Windows, 4 sections | |||
._BOOTx64.efi | 372face0f486117fb794b3252e372691 | AppleDouble encoded Macintosh file | |||
._OC | 92baa108222c0dc2a300466209d4bc3e | AppleDouble encoded Macintosh file | |||
._ACPI | d056a1a7ba65ec26bbcd0e85b142cd70 | AppleDouble encoded Macintosh file | |||
._Tools | d056a1a7ba65ec26bbcd0e85b142cd70 | AppleDouble encoded Macintosh file | |||
.DS_Store | be3843a3d7690a447087d98b42ccacfb | Apple Desktop Services Store | |||
._.DS_Store | b9a94cc8f4aac450fb21641eaf065c6d | AppleDouble encoded Macintosh file | |||
._Drivers | d056a1a7ba65ec26bbcd0e85b142cd70 | AppleDouble encoded Macintosh file | |||
._Kexts | d056a1a7ba65ec26bbcd0e85b142cd70 | AppleDouble encoded Macintosh file | |||
._Resources | d056a1a7ba65ec26bbcd0e85b142cd70 | AppleDouble encoded Macintosh file | |||
OpenCore.efi | 5b8545e031bd9341f7bc20fe313cc390 | PE32+ executable (EFI application) x86-64 (stripped to external PDB), for MS Windows, 4 sections | |||
._OpenCore.efi | 372face0f486117fb794b3252e372691 | AppleDouble encoded Macintosh file | |||
config.plist | 92fc50c7229010172b9e016e956ed3fb | XML 1.0 document, ASCII text | |||
._config.plist | 8810fe47dcb29a662ebbef5ef1f7612a | AppleDouble encoded Macintosh file | |||
SSDT-EHCI.aml | eef33dda615e2c6e44c2c72fe8307056 | ACPI Machine Language file 'SSDT' QEMUUSB 0 by KGP, revision 1, 163 bytes, created by INTL 20190509 | |||
._SSDT-EHCI.aml | 73184317b9e9d805641b870763edd0d5 | AppleDouble encoded Macintosh file | |||
SSDT-EC.aml | aa509ca60ef391c9c3685b508c297b77 | ACPI Machine Language file 'SSDT' SsdtEC 1000 by ACDT, revision 2, 267 bytes, created by INTL 20190509 | |||
._SSDT-EC.aml | 73184317b9e9d805641b870763edd0d5 | AppleDouble encoded Macintosh file | |||
.DS_Store | a4428dc5e76ea9c12f66a8899671313a | Apple Desktop Services Store | |||
._.DS_Store | b9a94cc8f4aac450fb21641eaf065c6d | AppleDouble encoded Macintosh file | |||
SSDT-DTGP.aml | 056f08ebab9051f9e90d55e0ccb0ffe6 | ACPI Machine Language file 'SSDT' DTPG 1000 by KGP, revision 2, 100 bytes, created by INTL 20190509 | |||
._SSDT-DTGP.aml | 73184317b9e9d805641b870763edd0d5 | AppleDouble encoded Macintosh file | |||
FixShutdown-USB-SSDT.aml | 1df901c2c7171b71c3d813d0e9ed42e2 | ACPI Machine Language file 'SSDT' ZPTS 0 by Slav, revision 2, 108 bytes, created by INTL 20200925 | |||
._FixShutdown-USB-SSDT.aml | dc9d5501069c97a09d7fbdd65c46c793 | AppleDouble encoded Macintosh file | |||
SSDT-EC-USBX-DESKTOP.aml | d521d6c1c17c77b93ec483d34e13cb8f | ACPI Machine Language file 'SSDT' SsdtEC 1000 by DRTNIA, revision 2, 6561 bytes, created by INTL 20190509 | |||
._SSDT-EC-USBX-DESKTOP.aml | 4de5caef63a16c4e9d662dbec8407524 | AppleDouble encoded Macintosh file | |||
SSDT-PLUG.aml | 6ea191044be70ec60f4a2114da85fde2 | ACPI Machine Language file 'SSDT' CpuPlug 3000 by CpuRef, revision 2, 177 bytes, created by INTL 20190509 | |||
._SSDT-PLUG.aml | 73184317b9e9d805641b870763edd0d5 | AppleDouble encoded Macintosh file | |||
OpenShell.efi | e65ef8f2f723cca533b5781f7c254476 | PE32+ executable (EFI application) x86-64 (stripped to external PDB), for MS Windows, 4 sections | |||
._OpenShell.efi | 372face0f486117fb794b3252e372691 | AppleDouble encoded Macintosh file | |||
ResetSystem.efi | 01b6a596a98aeb0c6ada615af502bd26 | PE32+ executable (EFI application) x86-64 (stripped to external PDB), for MS Windows, 4 sections | |||
._ResetSystem.efi | 372face0f486117fb794b3252e372691 | AppleDouble encoded Macintosh file | |||
OpenRuntime.efi | 071ef024f9d7e72fe2ec2aa24b45274b | PE32+ executable (EFI runtime driver) x86-64 (stripped to external PDB), for MS Windows, 4 sections | |||
._OpenRuntime.efi | 372face0f486117fb794b3252e372691 | AppleDouble encoded Macintosh file | |||
.DS_Store | 3624634960a553c98d901477b10d139f | Apple Desktop Services Store | |||
._.DS_Store | b9a94cc8f4aac450fb21641eaf065c6d | AppleDouble encoded Macintosh file | |||
OpenCanopy.efi | 5f4a2cadf0678baeb3bf090ad713b9f0 | PE32+ executable (EFI boot service driver) x86-64 (stripped to external PDB), for MS Windows, 4 sections | |||
._OpenCanopy.efi | 372face0f486117fb794b3252e372691 | AppleDouble encoded Macintosh file | |||
VBoxHfs.efi | 13529297648997e4dfe04e24b8b4f75c | PE32+ executable (EFI boot service driver) x86-64 (stripped to external PDB), for MS Windows, 3 sections | |||
._VBoxHfs.efi | 73184317b9e9d805641b870763edd0d5 | AppleDouble encoded Macintosh file | |||
OpenHfsPlus.efi | ed8ab33aaccf16d13bcb11233a3cec42 | PE32+ executable (EFI boot service driver) x86-64 (stripped to external PDB), for MS Windows, 4 sections | |||
._OpenHfsPlus.efi | 372face0f486117fb794b3252e372691 | AppleDouble encoded Macintosh file | |||
.DS_Store | b00bbfaefbce2543b8a93be612cdcc2c | Apple Desktop Services Store | |||
._.DS_Store | b9a94cc8f4aac450fb21641eaf065c6d | AppleDouble encoded Macintosh file | |||
._VoodooHDA.kext | 03073565a1cef5ba6133144db20edd5e | AppleDouble encoded Macintosh file | |||
._Label | d056a1a7ba65ec26bbcd0e85b142cd70 | AppleDouble encoded Macintosh file | |||
._Image | d056a1a7ba65ec26bbcd0e85b142cd70 | AppleDouble encoded Macintosh file | |||
._Audio | d056a1a7ba65ec26bbcd0e85b142cd70 | AppleDouble encoded Macintosh file | |||
._Font | d056a1a7ba65ec26bbcd0e85b142cd70 | AppleDouble encoded Macintosh file | |||
._Contents | 994a32df3afab92d75fbc8f8916da673 | AppleDouble encoded Macintosh file | |||
Info.plist | 7ecd48feca25cf3e9dcb201b7db59394 | XML 1.0 document, Unicode text, UTF-8 text | |||
Info.plist | 2ce1f4e51fa77b406e969fbefa433f92 | XML 1.0 document, Unicode text, UTF-8 text | |||
.__CodeSignature | 994a32df3afab92d75fbc8f8916da673 | AppleDouble encoded Macintosh file | |||
._MacOS | 994a32df3afab92d75fbc8f8916da673 | AppleDouble encoded Macintosh file | |||
Info.plist | 0640ba6b4da41815b235c95448dd6e13 | XML 1.0 document, ASCII text | |||
._Info.plist | e32b4d3719bbf768f28f348ccd929089 | AppleDouble encoded Macintosh file | |||
Info.plist | 73e5832d6160e06e630898739cdcc61c | XML 1.0 document, Unicode text, UTF-8 text | |||
Info.plist | 0a1f61cfd449f87ea51a4eef802cd436 | XML 1.0 document, Unicode text, UTF-8 text | |||
Lilu | 477b4ec8e828209eac07e593a22ee9c6 | Mach-O 64-bit x86_64 kext bundle, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL> | |||
HibernationFixup | a3f73f73725b96f78dee539e4a467fe7 | Mach-O 64-bit x86_64 kext bundle, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL> | |||
CodeResources | 1cbab353c7b2834b87e2f87da81f5ce5 | XML 1.0 document, ASCII text | |||
._CodeResources | a081e0e4f637ae771914a0e01da0a39f | AppleDouble encoded Macintosh file | |||
VoodooHDA | 61c90dfe116693b473a6e2e4ed8ec015 | Mach-O 64-bit x86_64 kext bundle, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL> | |||
._VoodooHDA | 994a32df3afab92d75fbc8f8916da673 | AppleDouble encoded Macintosh file | |||
NVMeFix | 2da562cdd72fd00aa49bd878dda470e0
| Mach-O 64-bit x86_64 kext bundle, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL> | |||
VirtualSMC | 28139490b74d1b4f3e2c4de648a5f72a
| Mach-O 64-bit x86_64 kext bundle, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL> |
Detections
Analyzer | Verdict | Alert |
---|---|---|
YARAhub by abuse.ch | malware | meth_get_eip |
YARAhub by abuse.ch | malware | meth_get_eip |
JavaScript (0)
HTTP Transactions (2)
URL | IP | Response | Size | |
---|---|---|---|---|
github.com/Ken5998/OpenCore-VMware-Workstation-AMD/releases/download/0.6.9/EFI.zip | 140.82.121.3 | 302 Found | 0 B | |
HTTP Headers
| ||||
objects.githubusercontent.com/github-production-release-asset-2e65be/319084287/ac75ee00-b989-11eb-8151-29db6e34d831?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240329%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240329T090146Z&X-Amz-Expires=300&X-Amz-Signature=13844d08f59cbe598de11cffb5af0bac7e445ded3cd7973085f06d191721e971&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=319084287&response-content-disposition=attachment%3B%20filename%3DEFI.zip&response-content-type=application%2Foctet-stream | 185.199.108.133 | 200 OK | 1.2 MB | |
HTTP Headers
| ||||