Report Overview

Submitted URL: cdn.discordapp.com/attachments/1178042744615211079/1178095448246984785/Pro_Aim_Shot.7z?ex=6636b262&is=663560e2&hm=827953706fdc5b7896713653a2391b7391fa6947262eafc330c16456249234c2&
IP: 162.159.133.233
ASN: #13335 CLOUDFLARENET
Submitted: 2024-05-03 23:57:05
Access: public
Website Title: about:privatebrowsing
Final URL: about:privatebrowsing
Tags: urlquery detections
No alerts detected

Detections
urlquery: 0
Network Intrusion Detection: 0
Threat Detection Systems: 13
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
cdn.discordapp.com | 2474 | 2015-02-26 | 2015-08-24 | 2024-05-02 | 633 B | 9.4 MB | 162.159.129.233 |
Related reports
Network Intrusion Detection Systems
Suricata w/ Emerging Threats Pro

Threat Detection Systems
Public InfoSec YARA rules: No alerts detected
OpenPhish: No alerts detected
PhishTank: No alerts detected
mnemonic secure dns: No alerts detected
Quad9 DNS: No alerts detected
ThreatFox: No alerts detected
Files detected
URL: cdn.discordapp.com/attachments/1178042744615211079/1178095448246984785/Pro_Aim_Shot.7z?ex=6636b262&is=663560e2&hm=827953706fdc5b7896713653a2391b7391fa6947262eafc330c16456249234c2&
IP: 162.159.129.233
ASN: #13335 CLOUDFLARENET
File type: 7-zip archive data, version 0.4
Size: 9.4 MB (9414941 bytes)
MD5: 878d22f6803a94171e75875a4e8cda9b
SHA-1: 3c262eecc6258736d459ea7ad144882555cf3be6
Archive (41)
Filename | MD5 | File type
---|---|---
RUN ALL .BATCH FILES AS ADMIN.txt | d41d8cd98f00b204e9800998ecf8427e |
1.All Netrwork.reg | a082bca60f3811897444fe20f27ac053 | ASCII text, with CRLF line terminators
2. network.reg | 68c658101ef77eafc29fa11fe4be9afa | Windows Registry little-endian text (Win2K or above)
2.DeviceCleanup.ini | 994f77456cfdf5c81f32e4cb6af509e1 | ASCII text, with CRLF line terminators
2.Lower Ping.bat | 85f126246b341dcdd0d6914e75f112a7 | DOS batch file, ASCII text, with CRLF line terminators
CubiqqFreeProgram.bat | 376dc73ff560b1c5acf6260c5e7bf4a9 | DOS batch file, ASCII text, with CRLF line terminators
deleteprefetch.bat | 931765a11745e1efcfb06056724755c6 | ASCII text, with no line terminators
deletetemp.bat | 7f77fa362c72f9a4a04953c68fe3b95e | ASCII text, with no line terminators
Disable Excess Network Services.bat | 4d22f49b7eb75b79aff6e26c009faac3 | DOS batch file, ASCII text, with CRLF line terminators
Inject into TCP Optimizer.spg | 3432868b093a35fcf0ab514ace32e384 | ASCII text, with CRLF line terminators
low ping.bat | 4d22f49b7eb75b79aff6e26c009faac3 | DOS batch file, ASCII text, with CRLF line terminators
low ping.spg | 3432868b093a35fcf0ab514ace32e384 | ASCII text, with CRLF line terminators
refresh dns.bat | b01f41d85d8212a7433f805110837be8 | DOS batch file, ASCII text, with CRLF line terminators
AUTO TWEAKING UTILITY 2 EULA.txt | 8b20aeedc680a293eac53eac7cedd8be | ASCII text, with CRLF line terminators
Auto Tweaking Utility 2.exe.config | c16b0746faa39818049fe38709a82c62 | XML 1.0 document, ASCII text, with CRLF line terminators
INTEL SOFTWARE LICENSE AGREEMENT.txt | 894d9a257da6e7a92c8fd510fc401a53 | ASCII text, with CRLF line terminators
NSUDO LICENSE.txt | ef5e2467ce2f9a22b1d9b3e433c99bb4 | ASCII text, with CRLF line terminators
NVIDIA PROFILE INSPECTOR LICENSE.txt | 470241450c7b5d62278fa5c481b0b22b | ASCII text, with CRLF line terminators
Basic.nip | 3884000c99e6833121725fa5765a0f91 | XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Low_Latency.nip | cd24e96574fb864c6027b9fa19826e51 | XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Reference.xml | 1a8493bff2d17c83e299101954dcb562 | XML 1.0 document, ASCII text, with CRLF line terminators
Disable Network Throttling Index.reg | 0fdafb0a67805077f37e74dbdf6dd399 | ASCII text, with CRLF line terminators
Disable Transparency.reg | 47f70ecd2697c2698372e2fcd674c244 | ASCII text, with CRLF line terminators
Network Tweaks.cmd | 30324657ef2db8e8457b24fd4d316589 | ASCII text, with CRLF line terminators
Network_Tweaks_by_Sviat.bat | 13345f98b9c01558628061ea4cafc3c8 | DOS batch file, ASCII text, with CRLF line terminators
ping_delay.reg | a33a770344437b9a6e7032734f0a2d9d | Windows Registry text (Win2K or above)
potential_network_help.reg | b6e5eb04831b4af49ca5d1f4c8965029 | Windows Registry text (Win2K or above)
shakey FPS.reg | dc3fdc8c318f84b95cf9ee36f0b2c5ee | Windows Registry little-endian text (Win2K or above)
vynla low ping.reg | f6d59ac25994b979eddd553204e489f9 | Windows Registry text (Win2K or above)
[2] Network Optimization.cmd | 8fb341e085dfc1d67bab09add66f723a | DOS batch file, ASCII text, with very long lines (325), with CRLF, CR line terminators
2.DeviceCleanup.exe | df46db7f7b07b3f87b879834df4edbee | PE32+ executable (GUI) x86-64, for MS Windows, 6 sections
3.adwcleaner_8.3.1.exe | 7293259f38f9c37df4b05aacdea047b6 | PE32 executable (console) Intel 80386, for MS Windows, UPX compressed, 3 sections
Cubiqq_PO_v0.3.exe | 352ee4e7509758d948acf0439537b6bc | PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections
TCPOptimizer.exe | d8292150c8ce862a97a923318df07805 | PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections
Auto Tweaking Utility 2.exe | 11d9ae6b7ac0bad75346bad9cbcb29e4 | PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows, 2 sections
amifldrv64.sys | 785045f8b25cd2e937ddc6b09debe01a | PE32+ executable (native) x86-64, for MS Windows, 5 sections
ATU_x64.dll | 86ccd06316a15ddd6180eb7987d04298 | PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows, 3 sections
NSudoLC.exe | 0ac3e9d59309f599403ac51615bfe41b | PE32+ executable (console) x86-64, for MS Windows, 6 sections
nvidia-smi.exe | d07b484b8dba9ffb686d82ff6cec3cb2 | PE32+ executable (console) x86-64, for MS Windows, 7 sections
nvidiaProfileInspector.exe | 9a11825bb9ffaa5317b8f038dae2c078 | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
SCEWIN_64.exe | d3201407f3a843a47eb888cadb46d0de | PE32+ executable (console) x86-64, for MS Windows, 5 sections
Detections
Analyzer | Verdict | Alert
---|---|---
YARAhub by abuse.ch | malware | Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen
YARAhub by abuse.ch | malware | signed_sys_with_vulnerablity
Elastic Security YARA Rules | malware | Windows.VulnDriver.Amifldrv
YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe
VirusTotal | malicious |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size
---|---|---|---
cdn.discordapp.com/attachments/1178042744615211079/1178095448246984785/Pro_Aim_Shot.7z?ex=6636b262&is=663560e2&hm=827953706fdc5b7896713653a2391b7391fa6947262eafc330c16456249234c2& | 162.159.129.233 | 200 OK | 9.4 MB
Detections
HTTP Headers