Report Overview
Visited (public)
2025-01-16 21:13:13
URL
github.com/KintaroEB/POE-2-Assistance/raw/refs/heads/main/3.5.zip
Finishing URL
about:privatebrowsing
IP / ASN
140.82.121.3
Title
about:privatebrowsing
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
| github.com | 1423 | 2007-10-09 | 2016-07-13 | 2025-01-15 | 519 B | 3.9 kB | 140.82.121.4 | |
| raw.githubusercontent.com | 35802 | 2014-02-06 | 2014-03-01 | 2025-01-15 | 530 B | 7.7 MB | 185.199.108.133 | |
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
File detected
URL
raw.githubusercontent.com/KintaroEB/POE-2-Assistance/refs/heads/main/3.5.zip
IP / ASN
185.199.108.133
File Overview
File Type
Zip archive data, at least v1.0 to extract, compression method=store
Size
7.7 MB (7682081 bytes)
MD5
da9dd381752c0b132de9b266b1fbd5ce
SHA1
a6337af0e934662c18685ef7759ec7c34f49bc09
Archive (86)
| Filename | MD5 | File type |
|---|---|---|
| config.ini | cd5a7f9d9409e6bb89bb3e4adedcb945 | Generic INItialization configuration [values] |
| cports.exe | 996b2a9ad2af67fbf9629e86a42597c2 | PE32+ executable (GUI) x86-64, for MS Windows, 5 sections |
| ggpx_files_here | d41d8cd98f00b204e9800998ecf8427e | |
| upload_me_this_file_in_discord | d41d8cd98f00b204e9800998ecf8427e | |
| atlas.ggpx | 2e54de132d602f3d599633f24669333b | data |
| delirium.ggpx | 2e5057b3d072bea446f79bee481cec2a | data |
| minimap.ggpx | aeba590be074e16629be894b4501dad7 | data |
| monsterhp.ggpx | 1fbd4c43de978811d1d9fb9dd4b382f2 | data |
| restore.ggpx | e017ed010dad5ebd596076f6fe286b2b | data |
| zoom13.ggpx | e45e870ba4c4b62dd765106f875e06a5 | data |
| zoom16.ggpx | 3785ded1d5e7a1b8da92a86825a667c0 | data |
| zoom19.ggpx | 07d6145dd07d5cdb6bec029ed6e2938d | data |
| ggpx_files_in_advanced | d41d8cd98f00b204e9800998ecf8427e | |
| _FUNCTIONS.AHK | 3f4a2ce84145c38af1b75e8b1a538736 | Unicode text, UTF-8 (with BOM) text, with CRLF line terminators |
| _INCLUDES_GLOBAL | 3adf83a93430a2c3e5045a0a61e8b0f5 | ASCII text, with CRLF line terminators |
| _INCLUDES_THREAD | c354e958b3da26fd1e22d587fdef4783 | ASCII text, with CRLF line terminators |
| LibBundle3.dll | da258b2cfc77579481789df2b0fc5dc8 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
| LibBundledGGPK3.dll | 8dc28b44625424aa3f0dbf3a531035fe | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
| LibGGPK3.dll | e073759831f4be629b5355771faaee15 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
| oo2core.dll | a555e1cd5870d1fd7c385d0ea695aa2a | PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 5 sections |
| PatchBundle3.dll | cf3c608dd4e432dcdc9135e146d190ed | PE32+ executable (console) x86-64 Mono/.Net assembly, for MS Windows, 2 sections |
| PatchBundle3.exe | 22fd07dd3087958750fe4a405ca0935e | PE32+ executable (console) x86-64, for MS Windows, 6 sections |
| PatchBundle3.runtimeconfig.json | 8668acdba4ef5bae1442d1caafb5385a | JSON text data |
| PatchBundledGGPK3.dll | b136082b80e03b29dc78ab3fb1dcf024 | PE32+ executable (console) x86-64 Mono/.Net assembly, for MS Windows, 2 sections |
| PatchBundledGGPK3.exe | 39f1c2e7b1fb183c8f51e1d7559abb68 | PE32+ executable (console) x86-64, for MS Windows, 6 sections |
| PatchBundledGGPK3.runtimeconfig.json | 8668acdba4ef5bae1442d1caafb5385a | JSON text data |
| SystemExtensions.dll | f3a2d9cd7de5c93b63115bd016c5b2d0 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
| always_enemy_hp.png | bf4f1c3c029e34a769cd1de018e652bb | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| always_enemy_hp_a.png | bb69e5d95035adb56a2d03341f9a3d66 | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| blackscreenmode.png | 7af49d4e5700cba4c3544c9ffcfcb353 | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| blackscreenmode_a.png | 5ba40549437f4a80f2983ad05e95b8d2 | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| close.png | b225d613564860b8020ba9248a1b6f2b | PNG image data, 125 x 38, 8-bit/color RGB, non-interlaced |
| close_altered.png | dc0278a2dbec73b60385115efae75942 | PNG image data, 125 x 38, 8-bit/color RGB, non-interlaced |
| dc.png | 1d749b98836bc8e47cead02bde8a4437 | PNG image data, 200 x 38, 8-bit/color RGBA, non-interlaced |
| dc_altered.png | cbbcc1ad191ecf357baaf1cb01bf4bce | PNG image data, 200 x 38, 8-bit/color RGBA, non-interlaced |
| enable.wav | 0d8adbf6b0dbad15f3c708510f63a295 | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz |
| exit.png | e2c3de4958bc38d7d8863f436cc33336 | PNG image data, 125 x 38, 8-bit/color RGB, non-interlaced |
| exit.wav | 0cd6c260ef1faf1efc252a25613bf31e | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz |
| exit_altered.png | 3f59cc6f003e6e12ccb739ce5f68f4f3 | PNG image data, 125 x 38, 8-bit/color RGB, non-interlaced |
| gamepad_ai.png | 8ec6073595afff32cee7b360a87dfa2e | PNG image data, 651 x 420, 8-bit/color RGB, non-interlaced |
| gamepad_ai1.png | 3dc9ef7c8074ba6105d76f5f981471fa | PNG image data, 651 x 520, 8-bit/color RGB, non-interlaced |
| gamepad_wnd.png | 0998493e571984a817f2f68a9bb084e0 | PNG image data, 163 x 105, 8-bit/color RGB, non-interlaced |
| insert.wav | 4b2e7f99fc2e1f402e317f862ce78ffc | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 48000 Hz |
| maphack.png | 9f654edd9409b946692998bb98fb300b | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| maphack_altered.png | a045d78e751197d155ee79c00ccbee38 | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| minimap.png | 1dd4e67ed360f9406c26c945d4f58125 | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| minimap_altered.png | c5da668a82c84d268b73a9a79b7c8148 | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| notify.wav | 80c94c596e16453bac410773ceadadfb | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 48000 Hz |
| pp.png | b501654a158aaa2243c532ed01b135d6 | PNG image data, 188 x 35, 8-bit/color RGBA, non-interlaced |
| pp_altered.png | bcebd645465a3f95ba92678358b2c538 | PNG image data, 188 x 35, 8-bit/color RGBA, non-interlaced |
| remove.wav | 7b8be1db87a4bddee47dd8cc849a9ffd | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 48000 Hz |
| remove_atlas_fog.png | efff2969dee80cd2ebd28e6957a324cf | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| remove_atlas_fog_a.png | af547f3f45a6e2e89b9aa6cc15f06973 | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| remove_delirium_fog.png | ac277b4d0ac78d17143d10f7b4042510 | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| remove_delirium_fog_a.png | 61636c8159a5bceaeb0c6782666f52cf | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| remove_shadowseffects.png | 150b1961b625f41aa4dd8e379d6c7ce8 | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| remove_shadowseffects_a.png | e7d71e8d2cb0674aeb6b7bc31019aed3 | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| restore.png | 62e1fec0f572c925495c9c684242b055 | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| restore_altered.png | 8820fdcff318dd9534505b14d22b2c6d | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| save.png | 82a631b6b495482b761a5ca35025f842 | PNG image data, 125 x 38, 8-bit/color RGB, non-interlaced |
| save.wav | 3a38af61795d6a0b85801f4c5bcd3169 | RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz |
| save_altered.png | 838c4b5bb5766b44663b897f6d2f062e | PNG image data, 125 x 38, 8-bit/color RGB, non-interlaced |
| settings.png | 29cbb0ad3654c61efcba09aeef305a23 | PNG image data, 125 x 38, 8-bit/color RGB, non-interlaced |
| settings_altered.png | 286e4d6ab5e4a423fa65d3ba24a293c4 | PNG image data, 125 x 38, 8-bit/color RGB, non-interlaced |
| virtualgamepad.png | 87b1fc67b5bb8cee20750dbaa66f16a9 | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| virtualgamepad_altered.png | baf10cd8173f8ce72db5f2ec02024293 | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| zoomout13.png | c2becb2a42f45c0540dbcaf99d3bf3ff | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| zoomout13_altered.png | 06368455696c5c527dc55e8733a538c0 | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| zoomout16.png | 3bc2b680436888ba99ed11a64b376431 | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| zoomout16_altered.png | 23609b2d7f41f82cf2bea4d6c5aaa59e | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| zoomout19.png | 864058d764a34c13626feab35103240d | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| zoomout19_altered.png | e2aa98d4c194612a35c3396939c64069 | PNG image data, 200 x 38, 8-bit/color RGB, non-interlaced |
| allow_virtualGamepadPoe2exe_to_start_always_as_admin | d41d8cd98f00b204e9800998ecf8427e | |
| ViGEmWrapper.dll | 9053d4747feb614cbe4947d80231f791 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
| virtualGamepadPoe2.exe | b5ca63be02cd2fae400c434b2d6d9726 | PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, 3 sections |
| KeyListController.txt | 6023c3148f2373bc3dbab898cd1b2578 | ASCII text, with CRLF line terminators |
| main.exe | f771ac1aa4ca4c29805090a8162108b1 | PE32+ executable (GUI) x86-64, for MS Windows, 5 sections |
| readme.txt | d94e31975e5b0f7a680a8dee793b5246 | ASCII text, with CRLF line terminators |
| HYBRID__THREAD__UTILITY.AHK | f835d9c2c0b586148af88afd0456316b | ASCII text, with CRLF line terminators |
| LOWLIFE__THREAD__TEMPORALRIFT.AHK | 6a68b839213cdb1a0d31b3f4ed80a39b | ASCII text, with CRLF line terminators |
| MOM__THREAD__UTILITY.AHK | 1eeffd9dd5a1d54e1750fc02a95da97e | ASCII text, with CRLF line terminators |
| readme.txt | e0eb170be3c64b780d58c5e3cf294453 | ASCII text, with CRLF line terminators |
| updater.exe | 92749280fa7b89bb2c69dffbcec01c69 | PE32+ executable (GUI) x86-64, for MS Windows, 5 sections |
| __THREAD__KEYSTATE.AHK | 322cdeade33a350d6135a293ea3ec74a | ASCII text, with CRLF line terminators |
| __THREAD__TEMPORALRIFT.AHK | d8e7b05615ab3a0316bda2de8ecf1d70 | ASCII text, with CRLF line terminators |
| __THREAD__UTILITY.AHK | 9211adbfaeb2d655bbedb4e2870b1f93 | ASCII text, with CRLF line terminators |
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| YARAhub by abuse.ch | malware | Detect pe file that no import table |
| YARAhub by abuse.ch | malware | Detect pe file that no import table |
| YARAhub by abuse.ch | malware | meth_stackstrings |
| YARAhub by abuse.ch | malware | meth_stackstrings |
JavaScript (0)
No JavaScripts
HTTP Transactions (2)
| URL | IP | Response | Size |
|---|---|---|---|