Report - download3.omnissa.com/software/CART_OSOT_1_2_2412/OmnissaHorizonOSOptimizationMDTPlugin-x86

Report Overview

Visited public
2025-02-21 05:50:41
Tags
URL
download3.omnissa.com/software/CART_OSOT_1_2_2412/OmnissaHorizonOSOptimizationMDTPlugin-x86_64-1.2.2412.12943850210.zip
Finishing URL
about:privatebrowsing
IP / ASN
23.36.79.168
#20940 Akamai International B.V.
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
download3.omnissa.com	unknown	2018-09-15	2024-05-09	2025-02-20	585 B	233 kB	95.101.10.177

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
download3.omnissa.com/software/CART_OSOT_1_2_2412/OmnissaHorizonOSOptimizationMDTPlugin-x86_64-1.2.2412.12943850210.zip
IP
95.101.10.177
ASN
#20940 Akamai International B.V.

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
232 kB (232092 bytes)
Hash
a5a8e2e828616625b0e5468a3bdd4585
ac81dccb47c99460c43f9aa246260f49aa7a02b5
e09a3abd38cd9030605e614cf9849d3213fe36cd7a355cbf101f243381862900

Archive (6)

Filename

Md5

File type

action.horizon.xml

a66613fe7eab472a8ab7aecaa58b058b

ASCII text, with CRLF line terminators

action.osot.xml

acc816570dfca75d1a0537c7cb25f8c4

ASCII text, with CRLF line terminators

Microsoft.Deployment.WindowsInstaller.dll

5f2912bb589d8c861d51087f84224816

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Microsoft.Deployment.WindowsInstaller.Linq.dll

a588e680c7c881e8d6965a00c9aa8965

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Omnissa.BDD.TaskAction.dll

9fffe76e4cb2aedd50eb7c364f880bdb

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

osot.xml

d36f19707a62ea838758bbc76ea9daf5

XML 1.0 document, ASCII text, with very long lines (477), with CRLF line terminators

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen
VirusTotal	suspicious	VirusTotal - Scan result 1/67

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

download3.omnissa.com/software/CART_OSOT_1_2_2412/OmnissaHorizonOSOptimizationMDTPlugin-x86_64-1.2.2412.12943850210.zip

95.101.10.177

200 OK

232 kB

URL User Request GET HTTP/1.1
download3.omnissa.com/software/CART_OSOT_1_2_2412/OmnissaHorizonOSOptimizationMDTPlugin-x86_64-1.2.2412.12943850210.zip
IP
95.101.10.177:443
ASN
#20940 Akamai International B.V.

Certificate
IssuerDigiCert Inc
Subject*.omnissa.com
Fingerprint13:85:AD:6E:5C:D0:3B:47:9E:35:4E:C8:27:8D:86:69:56:04:A3:E1
ValidityWed, 03 Apr 2024 00:00:00 GMT - Wed, 02 Apr 2025 23:59:59 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
232 kB (232092 bytes)
Hash
a5a8e2e828616625b0e5468a3bdd4585
ac81dccb47c99460c43f9aa246260f49aa7a02b5
e09a3abd38cd9030605e614cf9849d3213fe36cd7a355cbf101f243381862900

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/67

HTTP Headers

GET /software/CART_OSOT_1_2_2412/OmnissaHorizonOSOptimizationMDTPlugin-x86_64-1.2.2412.12943850210.zip HTTP/1.1
Host: download3.omnissa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 3jP+w+QtTLbWAodAGfbBaMaG+F0rxJDeAk4T9Ov8L50qhch/PzOHYf8Z89JqwqoclDrTBuwOO2n7DSAGn3JfGg==
x-amz-request-id: X3G1GP4S90F8W9K3
Last-Modified: Wed, 29 Jan 2025 07:04:49 GMT
ETag: "a5a8e2e828616625b0e5468a3bdd4585"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/zip
Content-Length: 232092
Server: AmazonS3
Expires: Fri, 21 Feb 2025 05:50:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 21 Feb 2025 05:50:11 GMT
Alt-Svc: h3=":443"; ma=93600
Connection: keep-alive

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (6)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers