Report Overview
Submitted URL
cdn.discordapp.com/attachments/1231766517461291011/1231771741798268948/Book_PDF_5435435435.zip?ex=66382bd4&is=6625b6d4&hm=3cf9dd23b23f6ab33dd0caac27500b36ac658164c186f1d45e333a695946dc47&
IP
162.159.134.233
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-23 09:02:17
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
5
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
cdn.discordapp.com | 2474 | 2015-02-26 | 2015-08-24 | 2024-04-22 | 641 B | 16 MB | 162.159.133.233 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
Files detected
URL
cdn.discordapp.com/attachments/1231766517461291011/1231771741798268948/Book_PDF_5435435435.zip?ex=66382bd4&is=6625b6d4&hm=3cf9dd23b23f6ab33dd0caac27500b36ac658164c186f1d45e333a695946dc47&
IP
162.159.133.233
ASN
#13335 CLOUDFLARENET
File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
16 MB (16532208 bytes)
Hash
6847093e75468cd985c7b8b46749206e
f85d265f2b3165c7fcc0b70fd60b0eac69858f43
Archive (3)
Filename | MD5 | File type |
---|---|---|
Book_part3.pdf | 3128f3e562e54087ddb67da4c52bc0c0 | ASCII text, with very long lines (65536), with no line terminators |
Book_part1.pdf.lnk | 26c700dde4b79c0dedc9a29b208eedf9 | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=13, Archive, ctime=Sat Jun 5 12:07:00 2021, mtime=Sun Apr 21 03:35:54 2024, atime=Sat Jun 5 12:07:00 2021, length=450560, window=hide |
Book_part2.pdf | 3128f3e562e54087ddb67da4c52bc0c0 | ASCII text, with very long lines (65536), with no line terminators |
Detections
Analyzer | Verdict | Alert |
---|---|---|
Public InfoSec YARA rules | malware | Identifies PowerShell artefacts in shortcut (LNK) files. |
Public InfoSec YARA rules | malware | Identifies executable artefacts in shortcut (LNK) files. |
Public InfoSec YARA rules | malware | Identifies download artefacts in shortcut (LNK) files. |
Public InfoSec YARA rules | malware | Identifies shortcut (LNK) file with a long relative path. Might be used in an attempt to hide the path. |
VirusTotal | suspicious |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size |
---|---|---|---|
cdn.discordapp.com/attachments/1231766517461291011/1231771741798268948/Book_PDF_5435435435.zip?ex=66382bd4&is=6625b6d4&hm=3cf9dd23b23f6ab33dd0caac27500b36ac658164c186f1d45e333a695946dc47& | 162.159.133.233 | 200 OK | 16 MB |
Detections
HTTP Headers