Report - cdn.discordapp.com/attachments/1193213884056744016/1218257678992801952/cec79bc5786f9c05_4_1.zip?ex=662b4320&is=6629f1a0&hm=223d05e81876b3ee8b855612ac474724dd169d3ec324c766fc6428591d9b89bf&

Report Overview

Submitted URL
cdn.discordapp.com/attachments/1193213884056744016/1218257678992801952/cec79bc5786f9c05_4_1.zip?ex=662b4320&is=6629f1a0&hm=223d05e81876b3ee8b855612ac474724dd169d3ec324c766fc6428591d9b89bf&
IP
162.159.130.233
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-25 14:16:43
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
3

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.discordapp.com	2474	2015-02-26	2015-08-24	2024-04-24	642 B	7.2 MB	162.159.130.233

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
cdn.discordapp.com/attachments/1193213884056744016/1218257678992801952/cec79bc5786f9c05_4_1.zip?ex=662b4320&is=6629f1a0&hm=223d05e81876b3ee8b855612ac474724dd169d3ec324c766fc6428591d9b89bf&
IP
162.159.130.233
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
7.2 MB (7227674 bytes)
Hash
08790ba2410958585cfacced72b41647
62c8e4eebb865bd4dcac1a79b901b302e8aa9527
f2b1af16a6d50fd1d7697217740547cb36564f335bbaab482c04f84c66b2c257

Archive (17)

Filename

Md5

File type

afof.wav

2902f17199b81b0e4c949e21786f072b

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 22050 Hz

afon.wav

88ce5a31051cf04dae97702b24fd4263

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 22050 Hz

block.wav

1a41a157159c189d174b633b98ff4527

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 22050 Hz

buock.wav

d20cc6496264521ffe602b6bb46d4cf1

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 22050 Hz

CoreLibNet.dll

dcb4cc859454070f053d4bec63b6d47e

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

ioff.wav

367628d95a91fd887609d00febf45dec

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 22050 Hz

ion.wav

4bd66cd6846b900d47a2765ced6f2c78

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 22050 Hz

NetLimiter.dll

6e5459e4ddcda2e3f0fa0267e6af2bb3

PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows, 2 sections

NLInterop.dll

3ea750dd60f5216100889c6d599616fb

PE32+ executable (DLL) (GUI) x86-64 Mono/.Net assembly, for MS Windows, 7 sections

NLog.dll

b70274014c925937f0f2e79de6a17615

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

setup.exe

3016ba5803076073a95f9c744633ea31

PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections

soff.wav

0ee4d8474fc01f1e0d95ca63d96ae153

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 22050 Hz

son.wav

bca53317bd1da2fec6599deb2dfb30df

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 22050 Hz

yt.txt

6dc2f80072d393e3d55050c7e9969a11

ASCII text, with no line terminators

�� .txt

337cde9dd772d201b211b01782fc31d2

ISO-8859 text, with CRLF line terminators

��.exe

dc5189a6fa786791ae8efcfb90ee0328

PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows, 2 sections

�� - ��.txt

e2f7ccefe3df24d9238d5cda065f51ff

ISO-8859 text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 26/63

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

cdn.discordapp.com/attachments/1193213884056744016/1218257678992801952/cec79bc5786f9c05_4_1.zip?ex=662b4320&is=6629f1a0&hm=223d05e81876b3ee8b855612ac474724dd169d3ec324c766fc6428591d9b89bf&

162.159.130.233

200 OK

7.2 MB

URL User Request GET HTTP/2
cdn.discordapp.com/attachments/1193213884056744016/1218257678992801952/cec79bc5786f9c05_4_1.zip?ex=662b4320&is=6629f1a0&hm=223d05e81876b3ee8b855612ac474724dd169d3ec324c766fc6428591d9b89bf&
IP
162.159.130.233:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectdiscordapp.com
Fingerprint97:8B:EE:AD:1E:BF:A1:69:E7:94:29:F7:55:7A:29:64:19:C7:81:39
ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
7.2 MB (7227674 bytes)
Hash
08790ba2410958585cfacced72b41647
62c8e4eebb865bd4dcac1a79b901b302e8aa9527
f2b1af16a6d50fd1d7697217740547cb36564f335bbaab482c04f84c66b2c257

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 26/63

HTTP Headers

GET /attachments/1193213884056744016/1218257678992801952/cec79bc5786f9c05_4_1.zip?ex=662b4320&is=6629f1a0&hm=223d05e81876b3ee8b855612ac474724dd169d3ec324c766fc6428591d9b89bf& HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 14:16:16 GMT
content-type: application/zip
content-length: 7227674
cf-ray: 879ef32bb9f8712f-OSL
cf-cache-status: MISS
accept-ranges: bytes, bytes
cache-control: public, max-age=31536000
content-disposition: attachment; filename="cec79bc5786f9c05_4_1.zip"
etag: "08790ba2410958585cfacced72b41647"
expires: Fri, 25 Apr 2025 14:16:16 GMT
last-modified: Fri, 15 Mar 2024 18:01:04 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-goog-generation: 1710525664878136
x-goog-hash: crc32c=nxUM5g==, md5=CHkLokEJWFhc+sztcrQWRw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7227674
x-guploader-uploadid: ABPtcPp_Kn_4uB7SH7FxRx2eU6sUgJjvvWdZmv7mkwoTVThlV6eUQh0j1-1TOAiN5owg9mwJzIw
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=59Pw0kH3bxRcR26l714gPyNeiok0YBKEVfbDtK2Zv3y7sj5DSRne71ckG15b4SgkRA%2FKe8W0pvGcJqSjOQTzon071F6S%2FICMbRx8tblqY4GYpMsxGrDgFQCyxv4ogoOxsuQyCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cf_bm=jJRXxBljY3uAbu0YDaGZwI7.NVo_R8qAlA.Mv6PZaLs-1714054576-1.0.1.1-DnNYC._N1m1lSqdpLCnH0FcAkUuzLw48OTUK.P77_W6fknY1K3iUKUblFphnFrOcgUwhaa7EL1ENtDHVDUsMxw; path=/; expires=Thu, 25-Apr-24 14:46:16 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
_cfuvid=b9po25ByFDwTv2e3oKIjqHMNqVHNtcT6CWr6tV0FH6Q-1714054576524-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (17)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers