Report - github.com/VirtualDisplay/Virtual-Display-Driver/releases/download/23.12.2HDR/IddSampleDriver.zip

Report Overview

Visited public
2025-01-17 00:13:29
Tags
Submit Tags
URL
github.com/VirtualDisplay/Virtual-Display-Driver/releases/download/23.12.2HDR/IddSampleDriver.zip
Finishing URL
about:privatebrowsing
IP / ASN
140.82.121.4
#36459 GITHUB
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
github.com	1423	2007-10-09	2016-07-13	2025-01-15	551 B	4.3 kB	140.82.121.3
objects.githubusercontent.com	134060	2014-02-06	2021-11-01	2025-01-15	962 B	70 kB	185.199.109.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
objects.githubusercontent.com/github-production-release-asset-2e65be/704889202/a3c374bd-e1ad-4f06-acf6-034c0de86782?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250117%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250117T001304Z&X-Amz-Expires=300&X-Amz-Signature=521aaa53a13e343722090654a0460e9b5b9d91a743fb9c45246ee776c215e975&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DIddSampleDriver.zip&response-content-type=application%2Foctet-stream
IP
185.199.109.133
ASN
#54113 FASTLY

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
69 kB (69009 bytes)
Hash
74363caeb274840f54b61e07ff6cf3df
85ab38d8bdabb7272a754f2acc2a5f7cbf2de742
682a1bfe2af13d20d7dde64d885aa559627da942f835f8ee2e2e48b895632cf7

Archive (6)

Filename

Md5

File type

iddsampledriver.cat

e1d899b8313b854ccfd79428ddd4a062

DER Encoded PKCS#7 Signed Data

IddSampleDriver.dll

4846f7bb0d17ed01c6e9b12d60ca9451

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

IddSampleDriver.inf

71ebade6b3a5c5bef933cf54ce2d89e6

Windows setup INFormation

installCert.bat

49b60f957d76375a489d1476981cbc28

DOS batch file, ASCII text, with CRLF line terminators

option.txt

2941bb5ca80742d14ef36925d4061093

ASCII text, with CRLF line terminators

Virtual_Display_Driver.cer

a6ba55624262aa61b6ccde7145de65f3

Certificate, Version=3

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size
	GET github.com/VirtualDisplay/Virtual-Display-Driver/releases/download/23.12.2HDR/IddSampleDriver.zip	140.82.121.3	302 Found	0 B
URL User Request GET HTTP/2 github.com/VirtualDisplay/Virtual-Display-Driver/releases/download/23.12.2HDR/IddSampleDriver.zip IP 140.82.121.3:443 ASN #36459 GITHUB Certificate IssuerSectigo Limited Subjectgithub.com FingerprintE7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0 ValidityThu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /VirtualDisplay/Virtual-Display-Driver/releases/download/23.12.2HDR/IddSampleDriver.zip HTTP/1.1 Host: github.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found server: GitHub.com date: Fri, 17 Jan 2025 00:13:04 GMT content-type: text/html; charset=utf-8 vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/704889202/a3c374bd-e1ad-4f06-acf6-034c0de86782?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250117%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250117T001304Z&X-Amz-Expires=300&X-Amz-Signature=521aaa53a13e343722090654a0460e9b5b9d91a743fb9c45246ee776c215e975&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DIddSampleDriver.zip&response-content-type=application%2Foctet-stream cache-control: no-cache strict-transport-security: max-age=31536000; includeSubdomains; preload x-frame-options: deny x-content-type-options: nosniff x-xss-protection: 0 referrer-policy: no-referrer-when-downgrade content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com .rel.tunnels.api.visualstudio.com wss://.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com .actions.githubusercontent.com wss://.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/ content-length: 0 x-github-request-id: D7F7:222212:BC4A31:C193A7:6789A090 X-Firefox-Spdy: h2

	GET objects.githubusercontent.com/github-production-release-asset-2e65be/704889202/a3c374bd-e1ad-4f06-acf6-034c0de86782?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250117%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250117T001304Z&X-Amz-Expires=300&X-Amz-Signature=521aaa53a13e343722090654a0460e9b5b9d91a743fb9c45246ee776c215e975&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DIddSampleDriver.zip&response-content-type=application%2Foctet-stream	185.199.109.133	200 OK	69 kB
URL User Request GET HTTP/2 objects.githubusercontent.com/github-production-release-asset-2e65be/704889202/a3c374bd-e1ad-4f06-acf6-034c0de86782?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250117%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250117T001304Z&X-Amz-Expires=300&X-Amz-Signature=521aaa53a13e343722090654a0460e9b5b9d91a743fb9c45246ee776c215e975&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DIddSampleDriver.zip&response-content-type=application%2Foctet-stream IP 185.199.109.133:443 ASN #54113 FASTLY Certificate IssuerDigiCert Inc Subject.github.io Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28 ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT File type Zip archive data, at least v2.0 to extract, compression method=store Size 69 kB (69009 bytes) Hash 74363caeb274840f54b61e07ff6cf3df 85ab38d8bdabb7272a754f2acc2a5f7cbf2de742 682a1bfe2af13d20d7dde64d885aa559627da942f835f8ee2e2e48b895632cf7 HTTP Headers GET /github-production-release-asset-2e65be/704889202/a3c374bd-e1ad-4f06-acf6-034c0de86782?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250117%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250117T001304Z&X-Amz-Expires=300&X-Amz-Signature=521aaa53a13e343722090654a0460e9b5b9d91a743fb9c45246ee776c215e975&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DIddSampleDriver.zip&response-content-type=application%2Foctet-stream HTTP/1.1 Host: objects.githubusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: application/octet-stream last-modified: Sun, 13 Oct 2024 18:37:39 GMT etag: "0x8DCEBB61DD20BA4" server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 2133bebd-e01e-0040-339f-1de66d000000 x-ms-version: 2024-08-04 x-ms-creation-time: Sun, 13 Oct 2024 18:37:39 GMT x-ms-blob-content-md5: dDY8rrJ0hA9Uth4H/2zz3w== x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob content-disposition: attachment; filename=IddSampleDriver.zip x-ms-server-encrypted: true via: 1.1 varnish, 1.1 varnish fastly-restarts: 1 accept-ranges: bytes age: 0 date: Fri, 17 Jan 2025 00:13:05 GMT x-served-by: cache-iad-kjyo7100108-IAD, cache-hel1410027-HEL x-cache: HIT, MISS x-cache-hits: 83, 0 x-timer: S1737072785.047460,VS0,VE108 content-length: 69009 X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (6)

Detections

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers