Report - cdn.discordapp.com/attachments/495900802418737172/1230823032185032724/ssd_driver.zip?ex=6634b846&is=66224346&hm=375be3e95c8dea211ac9093a695c0d508857ae63f4a0264170c2edbe3b1335ee&

Report Overview

Submitted URL
cdn.discordapp.com/attachments/495900802418737172/1230823032185032724/ssd_driver.zip?ex=6634b846&is=66224346&hm=375be3e95c8dea211ac9093a695c0d508857ae63f4a0264170c2edbe3b1335ee&
IP
162.159.129.233
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-19 15:42:00
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.discordapp.com	2474	2015-02-26	2015-08-24	2024-04-18	631 B	7.3 MB	162.159.130.233

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
cdn.discordapp.com/attachments/495900802418737172/1230823032185032724/ssd_driver.zip?ex=6634b846&is=66224346&hm=375be3e95c8dea211ac9093a695c0d508857ae63f4a0264170c2edbe3b1335ee&
IP
162.159.130.233
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
7.3 MB (7281283 bytes)
Hash
d7b557885c36b8e0b56d30558d295544
97ebd935656959b460ac0275f2bdad78d0aae8e0
09c7b021d7c77e5f882421dbfa5f4fc30e91b00400e39b0080c00cd5d65e70e9

Archive (23)

Filename

Md5

File type

iaStorAfs.sys

42fb777b7d2da7f2cf7bfd2d66a070b4

PE32+ executable (native) x86-64, for MS Windows, 8 sections

iaStorAfsNative.exe

594f09fc1842118b0052da55695c7562

PE32+ executable (native) x86-64, for MS Windows, 6 sections

iaStorAfsService.exe

622b21c4e80ee22f2b8b540a1e8f2e73

PE32+ executable (console) x86-64, for MS Windows, 7 sections

iaStorVD.cat

0d1601ddb1a3c57b0947986ed2bbf7a6

DER Encoded PKCS#7 Signed Data

iaStorVD.inf

c34e4386ebb5899f3e0aa1432670c08a

Windows setup INFormation

iaStorVD.sys

06e886b213837e67027e52663c4a3e43

PE32+ executable (native) x86-64, for MS Windows, 8 sections

Optane.dll

2e4a0d1dc8d72eba03ce9c898babc423

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 7 sections

OptaneEventLogMsg.dll

7ec46be42fea49589007ed331b7fe160

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 2 sections

RstMwEventLogMsg.dll

574432b334ea6222a863c9454a68ebda

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 2 sections

RstMwService.exe

3660d113e38fbf6435cc7b4cf2ff0777

PE32+ executable (console) x86-64, for MS Windows, 7 sections

HfcDisableService.exe

fb15291c23ececbb0ee143cfe6bcccf4

PE32+ executable (console) x86-64, for MS Windows, 7 sections

iaAHCIC.cat

2779e5d202153c1b6217a51c95186296

DER Encoded PKCS#7 Signed Data

iaAHCIC.inf

00bff08113ef858caa63678b05200b44

Windows setup INFormation

iaStorAC.cat

6d2b7a589a09e87fe828b4e8e9cec073

DER Encoded PKCS#7 Signed Data

iaStorAC.inf

e92c9943b2b678762e1474b072336a1e

Windows setup INFormation

iaStorAC.sys

bc9b09b9d2156f6f00b2a011f6a59b8d

PE32+ executable (native) x86-64, for MS Windows, 8 sections

iaStorAfs.sys

ebd5c77c8c6873ac69ac35ad0ec7fca9

PE32+ executable (native) x86-64, for MS Windows, 8 sections

iaStorAfsNative.exe

7d54228ceea5a4e7d60a70edb599f39b

PE32+ executable (native) x86-64, for MS Windows, 6 sections

iaStorAfsService.exe

92874b18254358f6f593063cbb37772f

PE32+ executable (console) x86-64, for MS Windows, 7 sections

Optane.dll

23c3aba373ef33bc7703cf8fb88bd016

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 7 sections

OptaneEventLogMsg.dll

de7e381ffe3f2ce6a94a58b5f1903a81

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 2 sections

RstMwEventLogMsg.dll

a9fa5c248854ca1b9416cde42bfc7d1f

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 2 sections

RstMwService.exe

24a3b4f43b21177ead956f04c898cd84

PE32+ executable (console) x86-64, for MS Windows, 7 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	signed_sys_with_vulnerablity
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	signed_sys_with_vulnerablity
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	cdn.discordapp.com/attachments/495900802418737172/1230823032185032724/ssd_driver.zip?ex=6634b846&is=66224346&hm=375be3e95c8dea211ac9093a695c0d508857ae63f4a0264170c2edbe3b1335ee&	162.159.130.233	200 OK	7.3 MB
URL User Request GET HTTP/2 cdn.discordapp.com/attachments/495900802418737172/1230823032185032724/ssd_driver.zip?ex=6634b846&is=66224346&hm=375be3e95c8dea211ac9093a695c0d508857ae63f4a0264170c2edbe3b1335ee& IP 162.159.130.233:443 ASN #13335 CLOUDFLARENET Certificate IssuerCloudflare, Inc. Subjectdiscordapp.com Fingerprint97:8B:EE:AD:1E:BF:A1:69:E7:94:29:F7:55:7A:29:64:19:C7:81:39 ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT File type Zip archive data, at least v1.0 to extract, compression method=store Size 7.3 MB (7281283 bytes) Hash d7b557885c36b8e0b56d30558d295544 97ebd935656959b460ac0275f2bdad78d0aae8e0 09c7b021d7c77e5f882421dbfa5f4fc30e91b00400e39b0080c00cd5d65e70e9 HTTP Headers GET /attachments/495900802418737172/1230823032185032724/ssd_driver.zip?ex=6634b846&is=66224346&hm=375be3e95c8dea211ac9093a695c0d508857ae63f4a0264170c2edbe3b1335ee& HTTP/1.1 Host: cdn.discordapp.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 19 Apr 2024 15:41:31 GMT content-type: application/zip content-length: 7281283 cf-ray: 876dffc9aa5556bd-OSL cf-cache-status: MISS accept-ranges: bytes, bytes cache-control: public, max-age=31536000 content-disposition: attachment; filename="ssd_driver.zip" etag: "d7b557885c36b8e0b56d30558d295544" expires: Sat, 19 Apr 2025 15:41:30 GMT last-modified: Fri, 19 Apr 2024 10:11:18 GMT vary: Accept-Encoding alt-svc: h3=":443"; ma=86400 x-goog-generation: 1713521478529362 x-goog-hash: crc32c=MCacyA==, md5=17VXiFw2uOC1bTBVjSlVRA== x-goog-metageneration: 1 x-goog-storage-class: STANDARD x-goog-stored-content-encoding: identity x-goog-stored-content-length: 7281283 x-guploader-uploadid: ABPtcPoXhyvWQ021nP53tDBzveizwOdtedhVD3KS4XAzBiGTwSoIEsfsyGbvJ3NKrbApxG-MCwqM0AwiBg x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xylUuz%2BVp1H3g%2Bz%2Fy%2BoLN0%2FRC1IYrAq2VGYRN%2F4B6vVCR6OibbtCuUvsuzxAz4sz2OcJsyi024o6za5jCgYd98vT7DEdaXvXw0ET1ZJFaO1jRIUDHaJ9oL8MB%2FmU2s0JqSWLwQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} set-cookie: __cf_bm=lnv2fMdw9Dz2HKjxc430rmW8ARG1Tf.aXhEXSpw_m78-1713541291-1.0.1.1-CZXjYH7zT0pA6sTumjUgU1MQieoIr2GWyzoV3f2CUktRQ9OU2LMaA1hmjChUE6TUJ9HYM94GaCN.mfSMbNQcUw; path=/; expires=Fri, 19-Apr-24 16:11:31 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None _cfuvid=JYAcvYfOZFHh52r56djYifsBguLFxdWW76DshYcMTmM-1713541291075-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None server: cloudflare X-Firefox-Spdy: h2

cdn.discordapp.com/attachments/495900802418737172/1230823032185032724/ssd_driver.zip?ex=6634b846&is=66224346&hm=375be3e95c8dea211ac9093a695c0d508857ae63f4a0264170c2edbe3b1335ee&

162.159.130.233

200 OK

7.3 MB

URL User Request GET HTTP/2
cdn.discordapp.com/attachments/495900802418737172/1230823032185032724/ssd_driver.zip?ex=6634b846&is=66224346&hm=375be3e95c8dea211ac9093a695c0d508857ae63f4a0264170c2edbe3b1335ee&
IP
162.159.130.233:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectdiscordapp.com
Fingerprint97:8B:EE:AD:1E:BF:A1:69:E7:94:29:F7:55:7A:29:64:19:C7:81:39
ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
7.3 MB (7281283 bytes)
Hash
d7b557885c36b8e0b56d30558d295544
97ebd935656959b460ac0275f2bdad78d0aae8e0
09c7b021d7c77e5f882421dbfa5f4fc30e91b00400e39b0080c00cd5d65e70e9

HTTP Headers

GET /attachments/495900802418737172/1230823032185032724/ssd_driver.zip?ex=6634b846&is=66224346&hm=375be3e95c8dea211ac9093a695c0d508857ae63f4a0264170c2edbe3b1335ee& HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 15:41:31 GMT
content-type: application/zip
content-length: 7281283
cf-ray: 876dffc9aa5556bd-OSL
cf-cache-status: MISS
accept-ranges: bytes, bytes
cache-control: public, max-age=31536000
content-disposition: attachment; filename="ssd_driver.zip"
etag: "d7b557885c36b8e0b56d30558d295544"
expires: Sat, 19 Apr 2025 15:41:30 GMT
last-modified: Fri, 19 Apr 2024 10:11:18 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-goog-generation: 1713521478529362
x-goog-hash: crc32c=MCacyA==, md5=17VXiFw2uOC1bTBVjSlVRA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7281283
x-guploader-uploadid: ABPtcPoXhyvWQ021nP53tDBzveizwOdtedhVD3KS4XAzBiGTwSoIEsfsyGbvJ3NKrbApxG-MCwqM0AwiBg
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xylUuz%2BVp1H3g%2Bz%2Fy%2BoLN0%2FRC1IYrAq2VGYRN%2F4B6vVCR6OibbtCuUvsuzxAz4sz2OcJsyi024o6za5jCgYd98vT7DEdaXvXw0ET1ZJFaO1jRIUDHaJ9oL8MB%2FmU2s0JqSWLwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cf_bm=lnv2fMdw9Dz2HKjxc430rmW8ARG1Tf.aXhEXSpw_m78-1713541291-1.0.1.1-CZXjYH7zT0pA6sTumjUgU1MQieoIr2GWyzoV3f2CUktRQ9OU2LMaA1hmjChUE6TUJ9HYM94GaCN.mfSMbNQcUw; path=/; expires=Fri, 19-Apr-24 16:11:31 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
_cfuvid=JYAcvYfOZFHh52r56djYifsBguLFxdWW76DshYcMTmM-1713541291075-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (23)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers