Report Overview
Submitted URL
github.com/Romanitho/Winget-AutoUpdate/releases/download/v1.20.0/WAU-Configurator.zip
IP
140.82.121.4ASN
#36459 GITHUB
Submitted
2024-04-26 14:11:50
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4
Domain Summary
| Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
|---|---|---|---|---|---|---|---|
| github.com | 1423 | 2007-10-09 | 2016-07-13 | 2024-03-24 | 539 B | 3.9 kB | 140.82.121.4 |
| objects.githubusercontent.com | 134060 | 2014-02-06 | 2021-11-01 | 2024-04-26 | 999 B | 136 kB |  185.199.111.133 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
No alerts detected
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
objects.githubusercontent.com/github-production-release-asset-2e65be/448617645/d4e1b38c-de6f-443a-b51c-5be35d8aaf91?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240426%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240426T141124Z&X-Amz-Expires=300&X-Amz-Signature=f7437db447d495e7f77cad1ae291a7af204b1509d35e6d41bf6d71f3c16a5118&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=448617645&response-content-disposition=attachment%3B%20filename%3DWAU-Configurator.zip&response-content-type=application%2Foctet-stream
IP
185.199.111.133ASN
#54113 FASTLY
File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
135 kB (134836 bytes)
Hash
975771efbde36f7dfbd2a6ef1648ec0f
43957cd0d82a2c27591635a2e8488a6fc3f3548c
Archive (68)
| Filename | Md5 | File type | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Gui.ps1 | 8763a2e08937d135e3abdbf4579dda27 | C++ source, ASCII text, with very long lines (5761) | |||||||||
| WAU-Policies.ps1 | d7ff1eb2257350badf6692e096d8afea | ASCII text, with very long lines (342) | |||||||||
| Winget-Install.ps1 | 435ae7af62f063ba02b3d8f002eb86d0 | ASCII text | |||||||||
| WAU-Uninstall.ps1 | 40be78a0706d3a20f4cac1ae5526b10b | ASCII text | |||||||||
| _AppID-template.ps1 | 0be5480a4dc69a2d3c1d95e981d56027 | ASCII text | |||||||||
| _WAU-notinstalled-template.ps1 | a499a87f04df9c950b14b444ef26f1d1 | ASCII text | |||||||||
| _Mods-Functions.ps1 | 522c2cf95a59fe286dbc764191281ab1 | ASCII text | |||||||||
| README.md | ad249ac8ae8f2733a28d68a780b79e46 | ASCII text | |||||||||
| _WAU-mods-template.ps1 | a90551361927eb09e0d0585d09b1e9dd | ASCII text | |||||||||
| README.md | 0e323ab5901961412a1198ea5e30c2d7 | ASCII text | |||||||||
| Invisible.vbs | ff464312eaba9085a17c814549565006 | ASCII text | |||||||||
| Winget-Upgrade.ps1 | a4f6830640e62fd4bda818b563f372c6 | ASCII text | |||||||||
| ServiceUI.exe | 8ea4ab0538b882be2caed5845a60d01f | PE32+ executable (console) x86-64, for MS Windows, 6 sections | |||||||||
| error.png | 5e516538a7e5d3a0a718ef9d12df45ff | PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced | |||||||||
| warning.png | d9fd2dbaf88f5f098ecb9ecd09500cbf | PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced | |||||||||
| success.png | c2e1a9b9649e1d92ae488083f375da7c | PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced | |||||||||
| info.png | b3b44437c962fc377d792bc8776ba02d | PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced | |||||||||
| Winget-Notify.ps1 | e60f4daa89b899d238a7330a2ff25d2b | ASCII text | |||||||||
| Version.txt | 22670a5615f0e4326684baf54f2abb56 | ASCII text, with no line terminators | |||||||||
| User-Run.ps1 | c1c532d865420357e25ba3d4d1b6e950 | ASCII text | |||||||||
| Get-WAUConfig.ps1 | 93e311295dff3ca7c69e957d75c78f78 | ASCII text | |||||||||
| Get-WingetOutdatedApps.ps1 | cb6201adb6d65898315ad78e3d5d442a | C++ source, ASCII text | |||||||||
| Update-WAU.ps1 | 324c00f963fd58e0dfd7b4adc23b555c | ASCII text | |||||||||
| Get-WingetCmd.ps1 | 0f74036eefacabc36362a76df30a82ef | ASCII text | |||||||||
| Update-WinGet.ps1 | 18b096448e8e8de54cbef1ce5aa14397 | ASCII text | |||||||||
| Get-IncludedApps.ps1 | 28f24527cb595ddfe63b0ee0d1a0ac29 | ASCII text | |||||||||
| Test-PendingReboot.ps1 | 52cea880eb082c533ecef87734cc5100 | ASCII text | |||||||||
| Confirm-Installation.ps1 | a87d56b98d5e6208b12a7122ee718bca | ASCII text | |||||||||
| Get-WingetSystemApps.ps1 | 3e64c550f955abdf78f58b8679d0b4ce | ASCII text | |||||||||
| Get-AppInfo.ps1 | fc551fef084728bf59067b870936f146 | ASCII text | |||||||||
| Invoke-LogRotation.ps1 | ac1db66b20ad668b1eb6ee1ef784a420 | Unicode text, UTF-8 (with BOM) text | |||||||||
| Update-App.ps1 | 2eb1c15b521638a2e663670852e91d8c | ASCII text | |||||||||
| Test-ModsPath.ps1 | 1258aa38038a09e1105fc580110e3f76 | HTML document, ASCII text | |||||||||
| Invoke-DirProtect.ps1 | 198629c96cdca9176b2d861b641fe156 | ASCII text | |||||||||
| Test-Mods.ps1 | fc078bdb3a10e6bbd32392f5ccf37221 | ASCII text | |||||||||
| Test-ListPath.ps1 | 38b8d122d047dfd537f5892963b5c0f9 | ASCII text | |||||||||
| Test-Network.ps1 | 300d7c3a95bd624e706125619e2b05b5 | ASCII text | |||||||||
| Get-AZCopy.ps1 | d49836b1ae15a638d6a279cb0d2a2143 | ASCII text | |||||||||
| Write-ToLog.ps1 | 37b6124413fef2f327c14dd26fd78c60 | ASCII text | |||||||||
| Get-NotifLocale.ps1 | 7bacdabba3770b62f42984e861b6666f | ASCII text | |||||||||
| Get-WAUAvailableVersion.ps1 | 0006feb5fe08ac6d17e6b44fc575da17 | ASCII text | |||||||||
| Add-Shortcut.ps1 | 6457b8abd9dd8fa42ec57d2f09b706c1 | ASCII text | |||||||||
| Add-ScopeMachine.ps1 | 317f8ee0b56c532884986de92264a65d | ASCII text | |||||||||
| Start-NotifTask.ps1 | 4088036a3759b2a00b085cf241300d8e | ASCII text | |||||||||
| Get-ExcludedApps.ps1 | 90d5680b68afbb03f83dc7901dbef933 | ASCII text | |||||||||
| Invoke-PostUpdateActions.ps1 | 3bdc1e524c9c2d81f5126bbfbd0f4ab6 | ASCII text, with very long lines (345) | |||||||||
| Update-StoreApps.ps1 | efc4332f655b864c1af65884967137ad | ASCII text | |||||||||
| Install-Prerequisites.ps1 | cc9ec83f81e93f27895514f6cf871649 | ASCII text | |||||||||
| pt.xml | 50e96a5cacef10c5fc0cc460fff4ac92 | HTML document, Unicode text, UTF-8 text | |||||||||
| uk.xml | 6e654a272c6691eaf1201c728487735e | HTML document, Unicode text, UTF-8 text | |||||||||
| hu.xml | c6cd3b3aef1f1168e1cc3a8dbad259e7 | HTML document, Unicode text, UTF-8 text | |||||||||
| de.xml | 73e405bc4a077952a594f45eacbf3679 | HTML document, Unicode text, UTF-8 text | |||||||||
| it.xml | e58a4f669f9bb4e65c08938ec14fc0ae | HTML document, Unicode text, UTF-8 text | |||||||||
| ru.xml | 3dbbd4b92cf7a961c4b0d6f6448158d3 | HTML document, Unicode text, UTF-8 text | |||||||||
| zh-CHS.xml | 9c129c757378459e88425b67c294e0a7 | HTML document, Unicode text, UTF-8 text | |||||||||
| sv.xml | 303eef7781a36e2ac4a51d3dd1187dba | HTML document, Unicode text, UTF-8 text | |||||||||
| fi.xml | 5c6b1dfc54c7246b2abdc18ae32e1c99 | HTML document, Unicode text, UTF-8 text | |||||||||
| en.xml | b73cfe6c5228b6dd2f0de031ac24f36b | HTML document, ASCII text | |||||||||
| es.xml | a80a2e65196a1326b584df1acf4005b9 | HTML document, Unicode text, UTF-8 text | |||||||||
| nl.xml | ef876d10611aff202240e352575d5bf3 | HTML document, Unicode text, UTF-8 text | |||||||||
| pl.xml | 62924cce977a9c3f670b2044dc1f4ba2 | HTML document, Unicode text, UTF-8 text | |||||||||
| fr.xml | 68fb32597738c7a5edf89cc1a2cbe5c9 | HTML document, Unicode text, UTF-8 text | |||||||||
| cz.xml | 9929e73a1c6ed99705f41274633868c2 | HTML document, Unicode text, UTF-8 text | |||||||||
| nb.xml | 6498a355e187fd3b5e2836817eed7fee | HTML document, Unicode text, UTF-8 text | |||||||||
| zh-CHT.xml | 8c66e5869bb7aff6ef88181595f6ff7b | HTML document, Unicode text, UTF-8 text | |||||||||
| Winget-AutoUpdate-Install.ps1 | 8df5590d25c19c623904a05dd2273df9 | ASCII text, with very long lines (386) | |||||||||
| excluded_apps.txt | aad7f30be302ddbb48328992a1853131 | ASCII text | |||||||||
| WAU Configurator.lnk | 9b20069911c33dbb8dc65640cf193731
| MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has command line arguments, Icon number=238, Archive, ctime=Thu Oct 19 19:38:41 2023, mtime=Fri Oct 20 08:36:22 2023, atime=Thu Oct 19 19:38:41 2023, length=491520, window=hidenormalshowminimized |
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| Public InfoSec YARA rules | malware | Identifies PowerShell artefacts in shortcut (LNK) files. |
| Public InfoSec YARA rules | malware | Identifies executable artefacts in shortcut (LNK) files. |
| Public InfoSec YARA rules | malware | Identifies shortcut (LNK) file with a long relative path. Might be used in an attempt to hide the path. |
| VirusTotal | suspicious |
JavaScript (0)
No Javascripts found
No Javascripts found
No Javascripts found
HTTP Transactions (2)
| URL | IP | Response | Size | |||||||
|---|---|---|---|---|---|---|---|---|---|---|
github.com/Romanitho/Winget-AutoUpdate/releases/download/v1.20.0/WAU-Configurator.zip | 140.82.121.4 | 302 Found | 0 B | |||||||
HTTP Headers
| ||||||||||
objects.githubusercontent.com/github-production-release-asset-2e65be/448617645/d4e1b38c-de6f-443a-b51c-5be35d8aaf91?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240426%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240426T141124Z&X-Amz-Expires=300&X-Amz-Signature=f7437db447d495e7f77cad1ae291a7af204b1509d35e6d41bf6d71f3c16a5118&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=448617645&response-content-disposition=attachment%3B%20filename%3DWAU-Configurator.zip&response-content-type=application%2Foctet-stream | 185.199.111.133 | 200 OK | 135 kB | |||||||
Detections
HTTP Headers
| ||||||||||