cdn.discordapp.com/attachments/1206968224311410768/1236440550001868840/Peace.lnk?ex=6638047f&is=6636b2ff&hm=7c60404927a04088640eb8d043fdb6848f27acae3d95de489ea4a03faa660952&
162.159.130.233200 OK 1.9 kB URL User Request GET HTTP/2 cdn.discordapp.com/attachments/1206968224311410768/1236440550001868840/Peace.lnk?ex=6638047f&is=6636b2ff&hm=7c60404927a04088640eb8d043fdb6848f27acae3d95de489ea4a03faa660952&
IP 162.159.130.233:443
Certificate IssuerCloudflare, Inc.
Subjectdiscordapp.com
Fingerprint97:8B:EE:AD:1E:BF:A1:69:E7:94:29:F7:55:7A:29:64:19:C7:81:39
ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
File type MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Icon number=0, Archive, ctime=Sat May 4 12:57:51 2024, mtime=Sat May 4 12:58:20 2024, atime=Mon Dec 25 11:48:24 2023, length=12616520, window=hide
Hash e33fecb3112de662b19a85f697c8a64a
b34100e9000179bbc145e461f40bf24a2e917132
1cfcaa08489c515620c4bc8d6a3b74a482e6a1a192e3460c71bb59191037e71c
Analyzer Verdict Alert Public InfoSec YARA rules malware Identifies executable artefacts in shortcut (LNK) files.
GET /attachments/1206968224311410768/1236440550001868840/Peace.lnk?ex=6638047f&is=6636b2ff&hm=7c60404927a04088640eb8d043fdb6848f27acae3d95de489ea4a03faa660952& HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 22:13:59 GMT
content-type: application/octet-stream
content-length: 1882
cf-ray: 87ebd753cec5b529-OSL
cf-cache-status: MISS
accept-ranges: bytes, bytes
cache-control: public, max-age=31536000
content-disposition: attachment; filename="Peace.lnk"
etag: "e33fecb3112de662b19a85f697c8a64a"
expires: Sun, 04 May 2025 22:13:59 GMT
last-modified: Sat, 04 May 2024 22:13:19 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-goog-generation: 1714860799141482
x-goog-hash: crc32c=Qhr+Dw==, md5=4z/ssxEt5mKxmoX2l8imSg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1882
x-guploader-uploadid: ABPtcPolvmAdBS5pSx84WX3txjzq2NXCe22tXUeb-uoMOeLG4ROewbQanDpT5BYAjGL2HDY4Hf4A9DQqhw
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KF5bKEDeQPqYbqmLOnJ4JZGkQDoPHAWOMlyhKA3YVeTd3oWFJA0mPT0p%2FRBkGvM1xMFW6iwVjJ5g7kJGBr53F%2FcwuyrWPqY7SVF2%2Bh0Spql3wa1T7VZtuC%2Bn8fNApXqTfxseTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cf_bm=Xyv0xN627ag2LmG_q1kdQS6n.m5L8onsIVYZHC3Pi3Q-1714860839-1.0.1.1-mi5tHT.9DbewwuqCn53UGPUHtMxAYoXwkgK83KlN6QL8nyNsg89N1oB3UpcO83LUHe9VXX5Q.bSBPLt7QDPpYA; path=/; expires=Sat, 04-May-24 22:43:59 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
_cfuvid=oYUVSVqzhAImpQv7Tf.a99zC1vJDb4ls_hzBW7OY0vw-1714860839186-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2