Report - cdn.discordapp.com/attachments/1145753875987562669/1233429978138411079/Debug.zip?ex=662d10ae&is=662bbf2e&hm=4300d04928594125880f8bdc01ec0a5248c3748cf40f02be2692ae0e03aff86e&

Report Overview

Submitted URL
cdn.discordapp.com/attachments/1145753875987562669/1233429978138411079/Debug.zip?ex=662d10ae&is=662bbf2e&hm=4300d04928594125880f8bdc01ec0a5248c3748cf40f02be2692ae0e03aff86e&
IP
162.159.135.233
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-26 14:53:36
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.discordapp.com	2474	2015-02-26	2015-08-24	2024-04-25	627 B	2.8 MB	162.159.129.233

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
cdn.discordapp.com/attachments/1145753875987562669/1233429978138411079/Debug.zip?ex=662d10ae&is=662bbf2e&hm=4300d04928594125880f8bdc01ec0a5248c3748cf40f02be2692ae0e03aff86e&
IP
162.159.129.233
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
2.8 MB (2780639 bytes)
Hash
3a6e92d91a602d7c29ac776e15d76ab4
1457b52987de9a12db45e7b162c5b66e584c52ab
98fb59726f3c8496b925ae358dda584d7f161f6db3c445e0c908edbf5bac5cac

Archive (15)

Filename

Md5

File type

font.ttf

559e2c661bda0df1442c897454fc98a2

libcurl_debug.dll

f783fe6d8073ed263897f913110db5df

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections

README.txt

0e830aef3382e506ee117c84d9242cc3

ISO-8859 text, with no line terminators

SDL2.dll

d907fdb46a171761bd4d8ca62456853a

PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 10 sections

SDL2THING.exe

712605bfcbc8a7606da6a1c43fc7558e

PE32 executable (console) Intel 80386, for MS Windows, 9 sections

SDL2_image.dll

6524007b798a3bb294f05cc568ab0e37

PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 10 sections

SDL2_mixer.dll

83da0cd09edda199b1622b8727d5fbc5

PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 10 sections

SDL2_ttf.dll

d6d34e0e1be34da69f7c9eecb49c8852

PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 10 sections

hit.wav

5949a05277e61b80bdbc2edef0ce75bd

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 44100 Hz

lost.wav

a6e6bfb560ce21c1e158f0b42e3832a0

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 44100 Hz

start.wav

8a1cf71aee5ed493d56d6f47423312d5

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 44100 Hz

wall.wav

7b1aa1cb1deb70cff28831ffaac07a08

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 8 bit, mono 44100 Hz

ball-16x16.png

1a93dbfdd0e207f0bca8fc7fc33a6e3d

PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced

ball-32x32.png

999dbb159451b938b0cf7d74e13f2bad

PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced

ball.png

a567e29ff1e70743a4985c3a6cd7c995

PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	cdn.discordapp.com/attachments/1145753875987562669/1233429978138411079/Debug.zip?ex=662d10ae&is=662bbf2e&hm=4300d04928594125880f8bdc01ec0a5248c3748cf40f02be2692ae0e03aff86e&	162.159.129.233	200 OK	2.8 MB
URL User Request GET HTTP/2 cdn.discordapp.com/attachments/1145753875987562669/1233429978138411079/Debug.zip?ex=662d10ae&is=662bbf2e&hm=4300d04928594125880f8bdc01ec0a5248c3748cf40f02be2692ae0e03aff86e& IP 162.159.129.233:443 ASN #13335 CLOUDFLARENET Certificate IssuerCloudflare, Inc. Subjectdiscordapp.com Fingerprint97:8B:EE:AD:1E:BF:A1:69:E7:94:29:F7:55:7A:29:64:19:C7:81:39 ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 2.8 MB (2780639 bytes) Hash 3a6e92d91a602d7c29ac776e15d76ab4 1457b52987de9a12db45e7b162c5b66e584c52ab 98fb59726f3c8496b925ae358dda584d7f161f6db3c445e0c908edbf5bac5cac HTTP Headers GET /attachments/1145753875987562669/1233429978138411079/Debug.zip?ex=662d10ae&is=662bbf2e&hm=4300d04928594125880f8bdc01ec0a5248c3748cf40f02be2692ae0e03aff86e& HTTP/1.1 Host: cdn.discordapp.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 26 Apr 2024 14:53:09 GMT content-type: application/zip content-length: 2780639 cf-ray: 87a76696ebaa1c16-OSL cf-cache-status: HIT accept-ranges: bytes, bytes cache-control: public, max-age=31536000 content-disposition: attachment; filename="Debug.zip" etag: "3a6e92d91a602d7c29ac776e15d76ab4" expires: Sat, 26 Apr 2025 14:53:09 GMT last-modified: Fri, 26 Apr 2024 14:50:22 GMT vary: Accept-Encoding alt-svc: h3=":443"; ma=86400 x-goog-generation: 1714143022899413 x-goog-hash: crc32c=WGZakw==, md5=Om6S2RpgLXwprHduFddqtA== x-goog-metageneration: 1 x-goog-storage-class: STANDARD x-goog-stored-content-encoding: identity x-goog-stored-content-length: 2780639 x-guploader-uploadid: ABPtcPqxvJP0RUsMJRc3Y02sYv2X13s5-ZMkHufj4ZpiRO3JyJlYOVqbNOjLmCrHhh4574BdtRA x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L5kfUQm7Eb1HjeVe%2F%2F1DE57MPMTAIuH9Hg6kJqIavApzgwzK%2FBIN1SM384fdmoyMpeUkhc07NEVkVrNh4jjTJYheALJAyCghvWouULs%2BXTMFZuTDYQV%2FceCmznzfJEUiglO5tA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} set-cookie: __cf_bm=hijq378uh63ntHFnnZW8MEieTDnlnockqJFyfnEdLqY-1714143189-1.0.1.1-mu0wb8QRIykAy2EklI7v85WpLWyEKC6qYKM1whTXeBrTXmCSLuIV2sBr7pxJ3h.e0PPws3VIYlTJq8kELKvKcg; path=/; expires=Fri, 26-Apr-24 15:23:09 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None _cfuvid=uDWlu_C3bSS12hbfaJmK4wIajtFiGcBe9x2dvxHazCc-1714143189635-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None server: cloudflare X-Firefox-Spdy: h2

cdn.discordapp.com/attachments/1145753875987562669/1233429978138411079/Debug.zip?ex=662d10ae&is=662bbf2e&hm=4300d04928594125880f8bdc01ec0a5248c3748cf40f02be2692ae0e03aff86e&

162.159.129.233

200 OK

2.8 MB

URL User Request GET HTTP/2
cdn.discordapp.com/attachments/1145753875987562669/1233429978138411079/Debug.zip?ex=662d10ae&is=662bbf2e&hm=4300d04928594125880f8bdc01ec0a5248c3748cf40f02be2692ae0e03aff86e&
IP
162.159.129.233:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectdiscordapp.com
Fingerprint97:8B:EE:AD:1E:BF:A1:69:E7:94:29:F7:55:7A:29:64:19:C7:81:39
ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
2.8 MB (2780639 bytes)
Hash
3a6e92d91a602d7c29ac776e15d76ab4
1457b52987de9a12db45e7b162c5b66e584c52ab
98fb59726f3c8496b925ae358dda584d7f161f6db3c445e0c908edbf5bac5cac

HTTP Headers

GET /attachments/1145753875987562669/1233429978138411079/Debug.zip?ex=662d10ae&is=662bbf2e&hm=4300d04928594125880f8bdc01ec0a5248c3748cf40f02be2692ae0e03aff86e& HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 14:53:09 GMT
content-type: application/zip
content-length: 2780639
cf-ray: 87a76696ebaa1c16-OSL
cf-cache-status: HIT
accept-ranges: bytes, bytes
cache-control: public, max-age=31536000
content-disposition: attachment; filename="Debug.zip"
etag: "3a6e92d91a602d7c29ac776e15d76ab4"
expires: Sat, 26 Apr 2025 14:53:09 GMT
last-modified: Fri, 26 Apr 2024 14:50:22 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-goog-generation: 1714143022899413
x-goog-hash: crc32c=WGZakw==, md5=Om6S2RpgLXwprHduFddqtA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2780639
x-guploader-uploadid: ABPtcPqxvJP0RUsMJRc3Y02sYv2X13s5-ZMkHufj4ZpiRO3JyJlYOVqbNOjLmCrHhh4574BdtRA
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L5kfUQm7Eb1HjeVe%2F%2F1DE57MPMTAIuH9Hg6kJqIavApzgwzK%2FBIN1SM384fdmoyMpeUkhc07NEVkVrNh4jjTJYheALJAyCghvWouULs%2BXTMFZuTDYQV%2FceCmznzfJEUiglO5tA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cf_bm=hijq378uh63ntHFnnZW8MEieTDnlnockqJFyfnEdLqY-1714143189-1.0.1.1-mu0wb8QRIykAy2EklI7v85WpLWyEKC6qYKM1whTXeBrTXmCSLuIV2sBr7pxJ3h.e0PPws3VIYlTJq8kELKvKcg; path=/; expires=Fri, 26-Apr-24 15:23:09 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
_cfuvid=uDWlu_C3bSS12hbfaJmK4wIajtFiGcBe9x2dvxHazCc-1714143189635-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (15)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers