Report - github.com/WarlitoTools2024/Marksman/raw/main/Layla%20Aspirants.zip

Report Overview

Submitted URL
github.com/WarlitoTools2024/Marksman/raw/main/Layla%20Aspirants.zip
IP
140.82.121.3
ASN
#36459 GITHUB
Submitted
2024-04-18 10:59:19
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
github.com	1423	2007-10-09	2016-07-13	2024-03-24	521 B	3.5 kB	140.82.121.4
raw.githubusercontent.com	35802	2014-02-06	2014-03-01	2024-04-18	532 B	12 MB	185.199.109.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
raw.githubusercontent.com/WarlitoTools2024/Marksman/main/Layla%20Aspirants.zip
IP
185.199.109.133
ASN
#54113 FASTLY

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
12 MB (11804395 bytes)
Hash
e1d77dc1d46d3caa0738d2af0af51987
0b13dbf1e4a7035ee1beb34e3fbf15c73411e792
7fe53e7c1f907e96b5d7aacf9c0e3753f17175085ba2c1230b3251d091a36669

Archive (43)

Filename

Md5

File type

hero_shooter_skin.unity3d

1c6e5c5b1ba9331c18b6187d13939aca

data

hero_shooter_skin_high_add.unity3d

f393cdf5699c664523cac2b75d42b1d3

data

heroshow_ip07_add.unity3d

fda240f66dcf3a353b4946cff777e4f1

data

shooter_skin01_ctl_01_add.unity3d

46e57a5b962418e96b1213c15cd230af

data

shooter_skin01_ctl_02_add.unity3d

e0b889fe9e2a36f8e77fb228e100b1ec

data

shooter_skin_ctl_WeaponProp1_add.unity3d

d9ec2a77334966d17fdc264811eee94d

data

shooter_skin_ctl_heiping_add.unity3d

4f00598b25e2ba9438c363cce5911608

data

shooter_skin_ctl_jiguang_add.unity3d

575438f8c2975416f7f3f8060e4bbf47

data

shooter_skin_ctl_qiang_add.unity3d

6f7c407f8121781bd5b58b25d333caa8

data

shooter_skin_ctl_qiu02Weapon_011_add.unity3d

b0b685d0f7dfb20ba1289c98032e50b5

data

shooter_skin_ctl_qiuDummy002_add.unity3d

bb4303a19d1b5d628e5a8a228679728b

data

shooter_skin_ctl_shandianBone011.unity3d

c586cfcc70eba0c90d150495e3790bc4

data

shooter_skin_ctl_shandianBone012_add.unity3d

03e367e4d157a511b7dbd2d5c71951f1

data

war2shooter_attack01.unity3d

9bfd34a3795b7d4eb66e5d390f557031

data

war2shooter_attack02.unity3d

9660afab9f3890d5e75ae88333063da7

data

war2shooter_attack_fire.unity3d

e8177d06553fba700c929b57be3f1bc5

data

war2shooter_attack_qiangkou.unity3d

a60dca5e79ca20c1aaa8677757b7fbc4

data

war2shooter_attack_qiangkou2.unity3d

70876e0187393241eaa2f6ae9d3cf94b

data

war2shooter_skill01.unity3d

85d1cd63f69c67df698330241e63eac5

data

war2shooter_skill01_hit3.unity3d

503b949462817b1fe59926389291bebe

data

war2shooter_skill01_qiangkou.unity3d

da1337b5ca2b58d9ee90e9dd46355a9f

DIY-Thermocam raw data (Lepton 2.x), scale 75-0, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 72128269026880261193728.000000

war2shooter_skill02.unity3d

840f95968f4c702d9f1aa9cce5f48c89

data

war2shooter_skill02_beiji.unity3d

b4bf115b548852f13b0a374d5caef51e

data

war2shooter_skill02_beiji3.unity3d

61eb4c532455dccd48237c44f88dd746

data

war2shooter_skill02_biaoji.unity3d

ad21a0588eaee5eadf79eb2c2b41d0a6

data

war2shooter_skill02_biaoji_buff.unity3d

ae9bb4d4ff532c8189c96179195c11de

data

war2shooter_skill02_hit.unity3d

2f25d016d17cc4f6b36f5e8380438225

data

war2shooter_skill02_qiangkou.unity3d

2867a036fd37ba9774b2682059f4e195

data

war2shooter_skill03_biaoqing.unity3d

13b26ca1ef5214bc839279b4e9c33858

data

war2shooter_skill03_hit1.unity3d

6e600bf750abe8ed7b68ace9ddaf5a43

data

war2shooter_skill03_jiguang_1.unity3d

cee5eda5485ad3973e837ac76a193fd6

data

war2shooter_skill03_jiguang_2.unity3d

217f8561b22187ff0e39b0471eedf46e

data

war2shooter_skill03_qiangkou.unity3d

82414bd856381a96afba12273672f25a

data

war2shooter_skill03_yujing.unity3d

4684d9422edaaae0de57ee422f9bbf26

data

sfx_1181.2021.bnk

03001af685f97199c7029d6cbc2943a3

Wwise SoundBank (little-endian), version 140, id F0B37D4A

show_1181.2021.bnk

5cb05e9714ccfad1bc49b57bdef183b6

Wwise SoundBank (little-endian), version 140, id C24A5AC2

show_vo_1181.2021.bnk

fc1326fa351a60d3e69f21d622c71ff3

Wwise SoundBank (little-endian), version 140, id 2810D250

vo_1181.2021.bnk

75a3faec1af937704f2b39228ffc6e3a

Wwise SoundBank (little-endian), version 140, id 0A038468

zzp_sfx_1181.2021.bnk

d5c8583ce27a0e60ad879259a3b2bd5c

Wwise SoundBank (little-endian), version 140, id 52B69541

zzp_vo_1181.2021.bnk

5a706e94f6e87e754a6b9ae3352054f6

Wwise SoundBank (little-endian), version 140, id BC6F9D9D

ResCheckConf.xml

f1b8428f2da3624c2df7fe5d31cda810

XML 1.0 document, ASCII text, with CRLF line terminators

Atlas_OneHeroIcon02.unity3d

c486001f9ee15b898feadde910c963f5

data

Hero181.unity3d

983f45fea9a2d2ea657fac5e380b49ff

data

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size
	github.com/WarlitoTools2024/Marksman/raw/main/Layla%20Aspirants.zip	140.82.121.4	302 Found	0 B
URL User Request GET HTTP/2 github.com/WarlitoTools2024/Marksman/raw/main/Layla%20Aspirants.zip IP 140.82.121.4:443 ASN #36459 GITHUB Certificate IssuerSectigo Limited Subjectgithub.com FingerprintE7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0 ValidityThu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WarlitoTools2024/Marksman/raw/main/Layla%20Aspirants.zip HTTP/1.1 Host: github.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found server: GitHub.com date: Thu, 18 Apr 2024 10:58:49 GMT content-type: text/html; charset=utf-8 vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With access-control-allow-origin: location: https://raw.githubusercontent.com/WarlitoTools2024/Marksman/main/Layla%20Aspirants.zip cache-control: no-cache strict-transport-security: max-age=31536000; includeSubdomains; preload x-frame-options: deny x-content-type-options: nosniff x-xss-protection: 0 referrer-policy: no-referrer-when-downgrade content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com .actions.githubusercontent.com wss://.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/ content-length: 0 x-github-request-id: B9F4:1F2D37:D42418B:D601D99:6620FCE9 X-Firefox-Spdy: h2

	raw.githubusercontent.com/WarlitoTools2024/Marksman/main/Layla%20Aspirants.zip	185.199.109.133	200 OK	12 MB
URL User Request GET HTTP/2 raw.githubusercontent.com/WarlitoTools2024/Marksman/main/Layla%20Aspirants.zip IP 185.199.109.133:443 ASN #54113 FASTLY Certificate IssuerDigiCert Inc Subject.github.io Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28 ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT File type Zip archive data, at least v2.0 to extract, compression method=store Size 12 MB (11804395 bytes) Hash e1d77dc1d46d3caa0738d2af0af51987 0b13dbf1e4a7035ee1beb34e3fbf15c73411e792 7fe53e7c1f907e96b5d7aacf9c0e3753f17175085ba2c1230b3251d091a36669 HTTP Headers GET /WarlitoTools2024/Marksman/main/Layla%20Aspirants.zip HTTP/1.1 Host: raw.githubusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK cache-control: max-age=300 content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox content-type: application/zip etag: W/"a686a6a9ef647e63da08987d742aac6155abf2afd8c7ce9e997d87b98dafdfc7" strict-transport-security: max-age=31536000 x-content-type-options: nosniff x-frame-options: deny x-xss-protection: 1; mode=block x-github-request-id: 3AE8:29F0E1:24BCEBF:26B80CB:6620FCE9 accept-ranges: bytes date: Thu, 18 Apr 2024 10:58:51 GMT via: 1.1 varnish x-served-by: cache-hel1410024-HEL x-cache: MISS x-cache-hits: 0 x-timer: S1713437930.755434,VS0,VE1314 vary: Authorization,Accept-Encoding,Origin access-control-allow-origin: cross-origin-resource-policy: cross-origin x-fastly-request-id: 95539539d527d42a50263415bb9724de89dd15c0 expires: Thu, 18 Apr 2024 11:03:51 GMT source-age: 1 content-length: 11804395 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (43)

Detections

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers