Report - cdn.discordapp.com/attachments/1186872008630349924/1222466664642379846/RDR2_Family_Menu_1_1_7_1.zip?ex=661651cd&is=6603dccd&hm=e1482c3e7b31cb51a8733323b1503f41ab5727658c59c0287f99e956714d105a&/

Report Overview

Submitted URL
cdn.discordapp.com/attachments/1186872008630349924/1222466664642379846/RDR2_Family_Menu_1_1_7_1.zip?ex=661651cd&is=6603dccd&hm=e1482c3e7b31cb51a8733323b1503f41ab5727658c59c0287f99e956714d105a&/
IP
162.159.129.233
ASN
#13335 CLOUDFLARENET
Submitted
2024-03-28 19:09:21
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
3

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.discordapp.com	2474	2015-02-26	2015-08-24	2024-03-27	647 B	10 MB	162.159.135.233

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
cdn.discordapp.com/attachments/1186872008630349924/1222466664642379846/RDR2_Family_Menu_1_1_7_1.zip?ex=661651cd&is=6603dccd&hm=e1482c3e7b31cb51a8733323b1503f41ab5727658c59c0287f99e956714d105a&/
IP
162.159.135.233
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
10 MB (10221541 bytes)
Hash
f14bb2eeeef5e7e724e2b74d6d49b59f
a2c69872e0234f1cc8adfb9975539c84ced122e0
54cd1d88ad61865d79608450c0999a3d9e1b6729565a8018989d0aec19cdc21e

Archive (47)

Filename

Md5

File type

03-25-2024-12-07-09_Family.log

a2847db841ab74f207c16228fdcfe737

Unicode text, UTF-8 text, with CRLF line terminators, with escape sequences

03-25-2024-12-14-06_Family.log

ebcc2c035d6f3f4ba6af70091d727b9a

Unicode text, UTF-8 text, with CRLF line terminators, with escape sequences

03-25-2024-12-54-43_Family.log

5fd6a88239c7edcaeae272d69bac89f0

Unicode text, UTF-8 text, with CRLF line terminators, with escape sequences

03-25-2024-15-21-20_Family.log

732ae22db056c22f9c08944ca20eb2fc

ASCII text, with CRLF line terminators, with escape sequences

03-25-2024-17-06-25_Family.log

da1f5a47289210baaf14263c1cedb283

Unicode text, UTF-8 text, with CRLF line terminators, with escape sequences

03-25-2024-17-14-33_Family.log

d2a1f21dbd6a1de0cf922399db48d18e

ASCII text, with CRLF line terminators, with escape sequences

03-25-2024-17-23-24_Family.log

1d46a8579198ea3737f8d5663590fb3d

ASCII text, with CRLF line terminators, with escape sequences

03-25-2024-18-33-11_Family.log

b70c3bd37048130fadc550ce37003ad5

ASCII text, with CRLF line terminators, with escape sequences

03-25-2024-18-45-11_Family.log

9413f96b590a0ca05c9716f2b8dfc7cb

ASCII text, with CRLF line terminators, with escape sequences

03-25-2024-19-45-45_Family.log

2b6cb68a90f692892a61e14cedf7de2c

ASCII text, with CRLF line terminators, with escape sequences

03-25-2024-20-32-35_Family.log

53aa4a51d9c6d39fa9a2f1a0a83f9204

ASCII text, with CRLF line terminators, with escape sequences

03-25-2024-21-48-01_Family.log

cf16883f248ea226976e2ce8ce2c279b

ASCII text, with CRLF line terminators, with escape sequences

03-25-2024-22-13-21_Family.log

820fd6af9abe65f16d37a6344fcb276b

ASCII text, with CRLF line terminators, with escape sequences

03-26-2024-09-02-23_Family.log

ba204c24fb7f04960d649906a586162b

ASCII text, with CRLF line terminators, with escape sequences

03-26-2024-10-02-12_Family.log

8ec7a52ec044c3b494d0506d71127ffb

ASCII text, with CRLF line terminators, with escape sequences

03-26-2024-10-43-52_Family.log

b928e5f2095233bba0c9147a1c541a8f

ASCII text, with CRLF line terminators, with escape sequences

03-26-2024-11-59-19_Family.log

b2dd28cf63df48d0ffba1d14ba45773e

ASCII text, with CRLF line terminators, with escape sequences

03-26-2024-12-52-52_Family.log

2349d3fe0198e689c7ecec90d33452b1

Unicode text, UTF-8 text, with CRLF line terminators, with escape sequences

03-26-2024-13-07-31_Family.log

b5941b855558a44310d3b78fb6d40c17

ASCII text, with CRLF line terminators, with escape sequences

03-26-2024-13-29-09_Family.log

1995f561a1df99bda93ed392e3478819

ASCII text, with CRLF line terminators, with escape sequences

03-26-2024-13-49-46_Family.log

3a9c496ec68777f993d6c3a9e096a35d

ASCII text, with CRLF line terminators, with escape sequences

03-26-2024-14-03-55_Family.log

faad090af4e7364c474dd784d2b7dcd0

ASCII text, with CRLF line terminators, with escape sequences

03-26-2024-15-04-29_Family.log

cac4ff386a542b97d2ee5c4078bdaf19

ASCII text, with CRLF line terminators, with escape sequences

03-26-2024-15-47-32_Family.log

a0a70660c2e71113ae0d8c4162fbe58f

ASCII text, with CRLF line terminators, with escape sequences

03-26-2024-19-54-40_Family.log

7a66cd9b3ec6381b5df5c544069bf3a1

ASCII text, with CRLF line terminators, with escape sequences

03-26-2024-20-28-17_Family.log

dd7c77c32cc5b810df1642ce4e1be7ac

ASCII text, with CRLF line terminators, with escape sequences

03-26-2024-20-38-20_Family.log

bd684941547997889ce3f7bc0b7fddcf

ASCII text, with CRLF line terminators, with escape sequences

Family.log

dcd30f6e6d0de88fb09afc967d4650ff

ASCII text, with CRLF line terminators, with escape sequences

Bool.ttf

fcf3058e82a4ea2132cc023723629fb7

TrueType Font data, 10 tables, 1st "OS/2", 34 names, Macintosh, Copyright Micha? �Neoqueto� Nowak 2014MapperKitRegularFontStruct MapperKitMapperKit RegularVersi

Family.ttf

a90166a308da9b9469cf155a985726ed

TrueType Font data, 14 tables, 1st "FFTM", 14 names, Macintosh

Fonts.ttf

f7e50c657b3d1ec86faee2f6e5daa2f8

TrueType Font data, 18 tables, 1st "FFTM", name offset 0x9a46cc

Listing.ttf

e844e4b3255cf4866309eac479f58e2e

TrueType Font data, 17 tables, 1st "LTSH", 10 names, Macintosh, type 1 string, PointersRegularFontMonger:PointersPointersPointers

Logo.ttf

1ba3a76c457f0f1e6b5f210300868438

TrueType Font data, 17 tables, 1st "GPOS", 22 names, Macintosh, Copyright (c) 2017 by Rockstar Games. All rights reserved.RDR LinoRegular3.000;UKWN;RDRLino-Regu

Hotkeys.json

bd48b4942dde4324869d283ef75b2c13

JSON text data

Logo.png

0b338ec40fc27c3128a3b7313903c693

PNG image data, 1560 x 600, 8-bit/color RGBA, non-interlaced

de_DE.json

8f25e901db4029075db2536c9247711b

JSON text data

en_GB.json

907121abb2fd9f977ece9219095f1e96

JSON text data

ru_RU.json

4fd6373c90e8f0f4f4dd1c8b2ab25ad5

JSON text data

tr_TR.json

a75f2a9f9642240a77923744ae60dd2b

JSON text data

zh_CN.json

6b4cdefbeb23f77f4ef14e612f5b77a8

JSON text data

zh_TW.json

52c34be165a6ac0d79026590db19bbb4

JSON text data

Listing.json

bd22ad250d5cc66fd28aeeb5a03d2be1

JSON text data

Family.lua

b6382d385c06e39d76a875380586684b

ASCII text, with CRLF line terminators

Settings.json

f7afca338e287fdb52b2db17192085ff

JSON text data

FamilyRes.ytd

f9fa61608a28951b0f64eb3ac8f46142

data

FamilyRDR2.dll

a5ba8f073e0713a09d991a1d47512d2d

PE32+ executable (DLL) (console) x86-64, for MS Windows, 3 sections

RDR2Loader.exe

6b4d420a267dcbf73187842105db229d

PE32+ executable (console) x86-64, for MS Windows, 3 sections

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 28/67

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

cdn.discordapp.com/attachments/1186872008630349924/1222466664642379846/RDR2_Family_Menu_1_1_7_1.zip?ex=661651cd&is=6603dccd&hm=e1482c3e7b31cb51a8733323b1503f41ab5727658c59c0287f99e956714d105a&/

162.159.135.233

200 OK

10 MB

URL User Request GET HTTP/2
cdn.discordapp.com/attachments/1186872008630349924/1222466664642379846/RDR2_Family_Menu_1_1_7_1.zip?ex=661651cd&is=6603dccd&hm=e1482c3e7b31cb51a8733323b1503f41ab5727658c59c0287f99e956714d105a&/
IP
162.159.135.233:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectdiscordapp.com
Fingerprint97:8B:EE:AD:1E:BF:A1:69:E7:94:29:F7:55:7A:29:64:19:C7:81:39
ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
10 MB (10221541 bytes)
Hash
f14bb2eeeef5e7e724e2b74d6d49b59f
a2c69872e0234f1cc8adfb9975539c84ced122e0
54cd1d88ad61865d79608450c0999a3d9e1b6729565a8018989d0aec19cdc21e

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 28/67

HTTP Headers

GET /attachments/1186872008630349924/1222466664642379846/RDR2_Family_Menu_1_1_7_1.zip?ex=661651cd&is=6603dccd&hm=e1482c3e7b31cb51a8733323b1503f41ab5727658c59c0287f99e956714d105a&/ HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 19:08:51 GMT
content-type: application/zip
content-length: 10221541
cf-ray: 86b9e9443fc9568d-OSL
cf-cache-status: HIT
accept-ranges: bytes, bytes
age: 55737
cache-control: public, max-age=31536000
content-disposition: attachment; filename="RDR2_Family_Menu_1_1_7_1.zip"
etag: "f14bb2eeeef5e7e724e2b74d6d49b59f"
expires: Fri, 28 Mar 2025 19:08:51 GMT
last-modified: Wed, 27 Mar 2024 08:46:05 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-goog-generation: 1711529165241872
x-goog-hash: crc32c=GY4a8g==, md5=8Uuy7u715+ck4rdNbUm1nw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 10221541
x-guploader-uploadid: ABPtcPqncd9Nmc7Pge6A-QRX59bkcZk18Anu9zQ6kaC4rDhjjJguVBOWTEJEUv120Kt2nbRpB0o
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pV19SAbxCvWlRxfjn7c2ZJNln5AuVRAMTo0Y9XxrnrBtTnD0pvWAh5t8qorWDi0QHl2%2FJkyQhIEpICtmvkkoowC0geTxZgUQZrJy1UILoUu0hZlbokJ%2BgIJeP1vLBHFrQ3iGyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cf_bm=DSlY68Yn_Jxnp6p07T3brfNMFywabb9rJ954O7pvwPs-1711652931-1.0.1.1-t6wqCI8tO6.ELg7izcmw5yns8S_DNfmHthBdmttQVlbujYf7UzLqBkWHjGscuMf4lXjemF.5.odYm55aN1BdZQ; path=/; expires=Thu, 28-Mar-24 19:38:51 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
_cfuvid=bRtS_pJZLM9lhsMlqpUUMEkGHqlD.X2ymG5UiClTUIs-1711652931263-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2