Report Overview
Submitted URL
cdn.discordapp.com/attachments/1238554909020913814/1238554938548686878/SS_EXPOSED_50.zip?ex=663fb5ac&is=663e642c&hm=54ccfbba645e885e0996b2323b3ba6655ae5d652c5d6fada333b662facae543c&
IP
162.159.133.233
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-10 18:15:57
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
cdn.discordapp.com | 2474 | 2015-02-26 | 2015-08-24 | 2024-05-09 | 635 B | 6.3 MB | 162.159.135.233 |
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
cdn.discordapp.com/attachments/1238554909020913814/1238554938548686878/SS_EXPOSED_50.zip?ex=663fb5ac&is=663e642c&hm=54ccfbba645e885e0996b2323b3ba6655ae5d652c5d6fada333b662facae543c&
IP
162.159.135.233
ASN
#13335 CLOUDFLARENET
File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
6.3 MB (6255037 bytes)
Hash
db3d5b6453ebfce33014589f907de85f
a017e689341808fac0d9520c1733a504760903e6
Archive (89)
Filename | Md5 | File type | ||||||
---|---|---|---|---|---|---|---|---|
antibypass 3.txt | 508758486fa19275e2604768791042b6 | ASCII text, with CRLF line terminators | ||||||
eventviewer.txt | 0e356ea57875ff8f912b8dd197fa0fc8 | ASCII text, with CRLF line terminators | ||||||
nunesbypass.txt | e1f56dbfd107b5752d5bb0f025a8cad0 | ASCII text, with CRLF line terminators | ||||||
PROCESS HACKER 2 BYPASS-NERF.url | 0e50a12013035245b0b7c8e0d8c30c84 | MS Windows 95 Internet shortcut text (URL=<https://streamable.com/2tw5j2>), ASCII text, with CRLF line terminators | ||||||
TASK KILL.url | dab7ed09c1c7fc1f3fe729a180f9a59e | MS Windows 95 Internet shortcut text (URL=<https://streamable.com/x4lf8g>), ASCII text, with CRLF line terminators | ||||||
cheat da cercare.txt | 49a9ce758c8e388a1eafc3a7a4a5898c | ASCII text, with CRLF line terminators | ||||||
asgard stringa.txt | 8f7c32852a35c857267f9a37e7b3c264 | Unicode text, UTF-8 text, with CRLF line terminators | ||||||
eulen stringa.txt | ddfd5a9f69a856aa87be4f6a38865cc0 | Unicode text, UTF-8 text, with CRLF line terminators | ||||||
monster stringa.txt | 4bf01a2e6e3d3cc54d98a2d570fb97b7 | Unicode text, UTF-8 text, with CRLF line terminators | ||||||
skript stringa.txt | 26d5fe819ed44600c55bd02f27872097 | Unicode text, UTF-8 text, with CRLF line terminators | ||||||
dir.txt | 7cc0a08cc079af143358735bf8f63c20 | ASCII text, with CRLF line terminators | ||||||
estensioni.txt | a331f5be418810dba5da7fb12b544022 | ASCII text, with no line terminators | ||||||
file cancellati.txt | 901a05d14fa144f6edabab4c401a56b8 | ASCII text, with no line terminators | ||||||
file creati.txt | 73b9324580526c011cddf6422fa7364d | ASCII text, with no line terminators | ||||||
file rinominati (nuovo nome).txt | 50443d0ba99ec0ace4b90733375e1f5c | ASCII text, with no line terminators | ||||||
file rinominati (vecchio nome).txt | cf9511d98b58fbad87192c1bfda228b8 | ASCII text, with CRLF line terminators | ||||||
file rinominati.txt | 623759bd4c2a7bf0968f0f22cca174af | ASCII text, with very long lines (348), with no line terminators | ||||||
list volume.txt | f42caf082ed4cc43d7b3b6c973e597ed | ASCII text, with CRLF line terminators | ||||||
processo riavviato .txt | 16fbc5f121eac85767174e730c8acbf0 | ASCII text, with no line terminators | ||||||
tasklist.txt | 6e0ad8e44cff1b5d2901e1c7d166a2a4 | ASCII text, with no line terminators | ||||||
tree.txt | 77f85b1111b7d5ad892b2e46226a4b28 | ASCII text, with CRLF line terminators | ||||||
usn journal.txt | cbabcf3e6e446dd0bdde8c7e2a0bd883 | ASCII text, with CRLF line terminators | ||||||
vssadmin.txt | 96eb307d14ca341bf5501b95be450a7a | ASCII text, with no line terminators | ||||||
acrivity monitor.txt | 3f0c7c55a63ec52957d8170870ff0832 | Unicode text, UTF-8 text, with no line terminators | ||||||
cestino.txt | 5c8d1b713205e86b87dbcf90441ffdfd | Unicode text, UTF-8 text, with CRLF line terminators | ||||||
finder 2.txt | 6a7da03a5c809b2e84beff966ad33bdd | Unicode text, UTF-8 text, with no line terminators | ||||||
finder.txt | 0ba96427fdb765760de5ea3c3eb5268a | ASCII text, with no line terminators | ||||||
recent.txt | aa7a46ce3f8b4f6666541ab3925aaaba | ASCII text, with CRLF line terminators | ||||||
systeminfo.txt | ec9cb07127898a1cdd8148b543021d44 | Unicode text, UTF-8 text, with CRLF line terminators | ||||||
macro.txt | a32495862fa764d75ebb663831c84dca | ASCII text, with CRLF line terminators | ||||||
childitem.txt | 04ffa44b24e02967c7a7428121f1f75a | ASCII text, with CRLF line terminators | ||||||
getservice.txt | c7eb9f3d97c7c881fea7d06e70525d09 | ASCII text, with CRLF line terminators | ||||||
history.txt | dc743f9e958277fb8f4ab5e04b664581 | ASCII text, with no line terminators | ||||||
programmi.txt | 2e2d7d8668865abbdf5bf58f867231cf | ASCII text, with CRLF line terminators | ||||||
recurse.txt | 72a9b085bde1ea9bfc5498596d414b6c | ASCII text, with CRLF line terminators | ||||||
storico comandi.txt | 04a61ea59da4308fc663f3940bd85ad0 | ASCII text, with CRLF line terminators | ||||||
usb.txt | 06b6ca5ba84b3021982699570c06c501 | ASCII text, with CRLF line terminators | ||||||
usbdeview.txt | 04cca2aafd06f18f84be589852cd0eb8 | ASCII text, with no line terminators | ||||||
processi da analizzare.txt | b06db1ee2594326882af9574272d6cad | ASCII text, with CRLF line terminators | ||||||
cdpu.txt | 986fd8f89effb538232acab8ff6d7d22 | ASCII text, with CRLF line terminators | ||||||
csrss.txt | d4e2e07dfc3ebf3d9299ce9c45454501 | ASCII text, with CRLF line terminators | ||||||
diagtrack.txt | 9aee76a2053b3962064ebd10ab0d1d14 | ASCII text, with CRLF line terminators | ||||||
discord.txt | 73bfae5aa2674b1d0501cb7b1fe86d31 | ASCII text, with CRLF line terminators | ||||||
dps -s dps.txt | d162591f243be20ba9d2a1854bcc3824 | ASCII text, with CRLF line terminators | ||||||
dwm.txt | 75f015545bae5f290479dc2f873967ea | ASCII text, with CRLF line terminators | ||||||
explorer.txt | 358ea2c5181ea6fa997351bebb0a4a8d | ASCII text, with CRLF line terminators | ||||||
msmpeng.txt | 080d158f6a5e7d8db67283b90cd32041 | ASCII text, with CRLF line terminators | ||||||
pcasvc.txt | 6d35de41696222c0fd644b5c39d70522 | ASCII text, with CRLF line terminators | ||||||
sens.txt | 9cf07d0f0f1e586e23eb077cd225e136 | ASCII text, with CRLF line terminators | ||||||
sihost.txt | 38772d24c47c1c67d236491e7e2c74a4 | ASCII text, with CRLF line terminators | ||||||
smartscreen.txt | 97d942f211fc84a60f1709f7d4f03105 | Unicode text, UTF-8 text, with CRLF line terminators | ||||||
stringhe.txt | 52ca2232d3e772ea2d6145cb8757e4fe | Unicode text, UTF-8 text, with CRLF line terminators | ||||||
taskhost.txt | f6b1b9c6d0fa9888ef7d41cebdb4f928 | Hewlett-Packard Graphics Language, starting with "PASSO 1 : .exe" with "PASSO 2 : " | ||||||
CombatV3 3.3.exe | 63b05c89422ddcbd4e77d3ee0147c696 | PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
Everything-1.4.1.1015.x86-Setup.exe | 95d150503972a8aa8f20dc70c20fa6bb | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections | ||||||
LastActivityView.cfg | 9689da8b2277ab84645d0282f05bf6a6 | ASCII text, with CRLF line terminators | ||||||
LastActivityView.exe | a19eb1487622a13402c0d63eede58f59 | PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections | ||||||
passaggi.rtf | 0e48c4d1d98dd21301ccfba91644ebdd | Rich Text Format data, version 1, ANSI, code page 1252 | ||||||
Process Hacker 2.lnk | 4bb24ef23e9233396dd7f82b85ddeea0 | MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Icon number=0, Archive, ctime=Fri Jun 24 12:18:27 2022, mtime=Fri Jun 24 12:18:28 2022, atime=Tue Mar 29 10:35:02 2016, length=1719840, window=hide | ||||||
RecentFilesView.cfg | d0d670007c182cfbab01fb6d7200d709 | ASCII text, with CRLF line terminators | ||||||
RecentFilesView.exe | 4d27a0ef39f71709510662519553b24d | PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
regscanner.cfg | 983325d83f3854117269da5fea232fc5 | Generic INItialization configuration [RecentConfigFiles] | ||||||
RegScanner.exe | 6b319a9e95bd87100a7bf957f118c437 | PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections | ||||||
USBDeview.cfg | 8d4729976471d041868d939c36b47d63 | ASCII text, with very long lines (487), with CRLF line terminators | ||||||
USBDeview.exe | 90c932023af5fc1900e374e66f5e8140 | PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections | ||||||
All regedit strings.txt | dd8909c63182b22ee18e21fc6dd66170 | ASCII text, with CRLF line terminators | ||||||
7 zip.txt | 87f0d619ffde15e2052875aedad7e145 | ASCII text, with no line terminators | ||||||
appswitched.txt | 60ed796be034d4154c4ea40d79ca5bb1 | ASCII text, with CRLF line terminators | ||||||
archistory.txt | b503f4c841d3549e861440041160b23e | ASCII text, with CRLF line terminators | ||||||
cidsizemru.txt | 804ac79fa968252490ec9aa78ac5ebba | ASCII text, with CRLF line terminators | ||||||
lastvisitedpidlmru.txt | 27332fec8f9a8b0255d5f2250fd2fc7f | ASCII text, with CRLF line terminators | ||||||
muicache.txt | a1284bd099ab706f06c3459d28ede416 | ASCII text, with CRLF line terminators | ||||||
muont device.txt | 83556531c9a2ef080c6bd817ccb4fc5d | ASCII text, with CRLF line terminators | ||||||
opensavepidlmru.txt | 85f41ac37b0bba7fae58ecc997749810 | ASCII text, with CRLF line terminators | ||||||
recent docs.txt | ea61eb0f7a72f42b9fa6c01a964a30ab | ASCII text, with CRLF line terminators | ||||||
showjumpview.txt | 09a33a5319e1cc4ed12823f0924f14d4 | ASCII text, with CRLF line terminators | ||||||
store.txt | c0be44b9867f21e8a21d5f2deca4512b | ASCII text, with CRLF line terminators | ||||||
user settings.txt | 98dd880f0ffe4a73e1c4de4e8875b6df | ASCII text, with CRLF line terminators | ||||||
winrar.txt | e6275d50dcc979af4b04f6b61fcc1f72 | ASCII text, with CRLF line terminators | ||||||
Antivirus Detection.url | c60c932bdcbde04c0eca8d7113c2e356 | MS Windows 95 Internet shortcut text (URL=<https://streamable.com/os5z9d>), ASCII text, with CRLF line terminators | ||||||
CPU USAGE, SPOILER PACK ULTRA + BASIC THINGS.url | 518de100352720c6111bbb5ae5414867 | MS Windows 95 Internet shortcut text (URL=<https://streamable.com/dvgp3e>), ASCII text, with CRLF line terminators | ||||||
All win+r.txt | 580d3d7d337489b1c4943b2d7aa6b578 | ASCII text, with CRLF line terminators | ||||||
cestino win + r.txt | 8fc6d747a46c103306b64abf5545249e | Unicode text, UTF-8 text, with CRLF line terminators | ||||||
firewall win + r.txt | 5329b5fe0960bcf916ba247ad2bf836d | ASCII text, with CRLF line terminators | ||||||
netplwiz.txt | 0688833455e9d3ac71a1d197fe2b4fe6 | Unicode text, UTF-8 text, with CRLF line terminators | ||||||
partizioni.txt | 83556531c9a2ef080c6bd817ccb4fc5d | ASCII text, with CRLF line terminators | ||||||
prefetch win + r.txt | e082fb6e006112e9a66abf204ab1f673 | ASCII text, with CRLF line terminators | ||||||
recenti win + r.txt | 8a18453ff17532dcc6efa6d0a11255bd | ASCII text, with CRLF line terminators | ||||||
temp win + r.txt | 41713a0d0367f1e8a1033645dd1266e1 | ASCII text, with CRLF line terminators |
Detections
Analyzer | Verdict | Alert |
---|---|---|
Public InfoSec YARA rules | malware | Identifies executable artefacts in shortcut (LNK) files. |
YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
YARAhub by abuse.ch | malware | meth_stackstrings |
YARAhub by abuse.ch | malware | Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen |
VirusTotal | suspicious |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size | |||||||
---|---|---|---|---|---|---|---|---|---|---|
cdn.discordapp.com/attachments/1238554909020913814/1238554938548686878/SS_EXPOSED_50.zip?ex=663fb5ac&is=663e642c&hm=54ccfbba645e885e0996b2323b3ba6655ae5d652c5d6fada333b662facae543c& | 162.159.135.233 | 200 OK | 6.3 MB | |||||||