Report - raw.githubusercontent.com/MovEaxEax/xnyu-debug-approved-mods/main/mods/TouhouScarletCuriosity.zip

Report Overview

Submitted URL
raw.githubusercontent.com/MovEaxEax/xnyu-debug-approved-mods/main/mods/TouhouScarletCuriosity.zip
IP
185.199.111.133
ASN
#54113 FASTLY
Submitted
2024-05-08 02:14:19
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
raw.githubusercontent.com	35802	2014-02-06	2014-03-01	2024-05-06	551 B	140 kB	185.199.108.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
raw.githubusercontent.com/MovEaxEax/xnyu-debug-approved-mods/main/mods/TouhouScarletCuriosity.zip
IP
185.199.108.133
ASN
#54113 FASTLY

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
139 kB (138695 bytes)
Hash
cf6ad7e44e2083e6b51b2ceec1228cf2
d67027baf8848f93d2583fa03abbcdec12ffbd55
0ef37f840e7398277c7fb79289b0fd98285e9f6dab359e67a335fb198ee2ffa4

Archive (24)

Filename

Md5

File type

addresses.map

7cf9939d01f9af035899d2de191b6c85

ASCII text, with CRLF line terminators

addresses.map

7cf9939d01f9af035899d2de191b6c85

ASCII text, with CRLF line terminators

hotkeys0.txt

4f24222354f7ee707cdc958a5a347629

ASCII text, with CRLF line terminators

hotkeys1.txt

383210f54547a3d824183e57df30dd21

ASCII text, with CRLF line terminators

hotkeys2.txt

241114b4d48b45d8ac3c4e63da4be5da

ASCII text, with CRLF line terminators

hotkeys3.txt

143dc496bc095b5196695105f01fb228

ASCII text, with CRLF line terminators

hotkeys4.txt

8ed997cd4a290668e66d76efe58b5ef1

ASCII text, with CRLF line terminators

hotkeys5.txt

7610bea2f3b1f203c0cfca81cc0eea70

ASCII text, with CRLF line terminators

hotkeys6.txt

a4ccc844316466fd7e35a02c9427a028

ASCII text, with CRLF line terminators

hotkeys7.txt

d6741871dbfe9321c44c9bd70ad57826

ASCII text, with CRLF line terminators

Demo.nts

7483280fc74e4ea155c9b321655e0426

ASCII text, with CRLF line terminators

actions.map

41c5edf9e9151b0264ee5df93aab486c

ASCII text, with CRLF line terminators

actions.map

6df77142729656a5926b34679aa8f982

ASCII text, with CRLF line terminators

settings.map

2793d426342d107a7f2b4dc85995c0ae

ASCII text, with CRLF line terminators

settings.map

2793d426342d107a7f2b4dc85995c0ae

ASCII text, with CRLF line terminators

functions.map

a7473b6dff3d3c45833ec9a442cb8449

ASCII text, with very long lines (347), with CRLF line terminators

functions.map

a7473b6dff3d3c45833ec9a442cb8449

ASCII text, with very long lines (347), with CRLF line terminators

InputMapping.ini

edd591468b6b3728392f21ed2b992229

ASCII text, with CRLF line terminators

scarlet-mod.dll

3dbb6908341a14b55a430f8eb2e980ab

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 10 sections

save.map

14669d28e096b2fcef2e4c548d606020

ASCII text, with CRLF line terminators

save.map

14669d28e096b2fcef2e4c548d606020

ASCII text, with CRLF line terminators

settings.map

2793d426342d107a7f2b4dc85995c0ae

ASCII text, with CRLF line terminators

settings.map

2793d426342d107a7f2b4dc85995c0ae

ASCII text, with CRLF line terminators

TouhouScarletCuriosity.ntt

830e411a98291ff905617876e1bbeee1

ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	raw.githubusercontent.com/MovEaxEax/xnyu-debug-approved-mods/main/mods/TouhouScarletCuriosity.zip	185.199.108.133	200 OK	139 kB
URL User Request GET HTTP/2 raw.githubusercontent.com/MovEaxEax/xnyu-debug-approved-mods/main/mods/TouhouScarletCuriosity.zip IP 185.199.108.133:443 ASN #54113 FASTLY Certificate IssuerDigiCert Inc Subject.github.io Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28 ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT File type Zip archive data, at least v2.0 to extract, compression method=store Size 139 kB (138695 bytes) Hash cf6ad7e44e2083e6b51b2ceec1228cf2 d67027baf8848f93d2583fa03abbcdec12ffbd55 0ef37f840e7398277c7fb79289b0fd98285e9f6dab359e67a335fb198ee2ffa4 HTTP Headers GET /MovEaxEax/xnyu-debug-approved-mods/main/mods/TouhouScarletCuriosity.zip HTTP/1.1 Host: raw.githubusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK cache-control: max-age=300 content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox content-type: application/zip etag: W/"4cfe53dc6f36818fd067517ad4b8eb62b741f9c57bce1c8d0c46fdf12242e560" strict-transport-security: max-age=31536000 x-content-type-options: nosniff x-frame-options: deny x-xss-protection: 1; mode=block x-github-request-id: 6F24:2221FD:7CB772:82AEBF:663ADFE1 accept-ranges: bytes date: Wed, 08 May 2024 02:13:54 GMT via: 1.1 varnish x-served-by: cache-hel1410029-HEL x-cache: MISS x-cache-hits: 0 x-timer: S1715134434.864505,VS0,VE177 vary: Authorization,Accept-Encoding,Origin access-control-allow-origin: cross-origin-resource-policy: cross-origin x-fastly-request-id: 597ab8668869d9816a03d93e089f1d8b896a9a4a expires: Wed, 08 May 2024 02:18:54 GMT source-age: 0 content-length: 138695 X-Firefox-Spdy: h2

raw.githubusercontent.com/MovEaxEax/xnyu-debug-approved-mods/main/mods/TouhouScarletCuriosity.zip

185.199.108.133

200 OK

139 kB

URL User Request GET HTTP/2
raw.githubusercontent.com/MovEaxEax/xnyu-debug-approved-mods/main/mods/TouhouScarletCuriosity.zip
IP
185.199.108.133:443
ASN
#54113 FASTLY

Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
139 kB (138695 bytes)
Hash
cf6ad7e44e2083e6b51b2ceec1228cf2
d67027baf8848f93d2583fa03abbcdec12ffbd55
0ef37f840e7398277c7fb79289b0fd98285e9f6dab359e67a335fb198ee2ffa4

HTTP Headers

GET /MovEaxEax/xnyu-debug-approved-mods/main/mods/TouhouScarletCuriosity.zip HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/zip
etag: W/"4cfe53dc6f36818fd067517ad4b8eb62b741f9c57bce1c8d0c46fdf12242e560"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 6F24:2221FD:7CB772:82AEBF:663ADFE1
accept-ranges: bytes
date: Wed, 08 May 2024 02:13:54 GMT
via: 1.1 varnish
x-served-by: cache-hel1410029-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715134434.864505,VS0,VE177
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 597ab8668869d9816a03d93e089f1d8b896a9a4a
expires: Wed, 08 May 2024 02:18:54 GMT
source-age: 0
content-length: 138695
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (24)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers