Report - raw.githubusercontent.com/Dump-GUY/Malware_TEMP/main/MBRWiper

Report Overview

Visited public
2023-09-24 03:14:39
Tags
URL
raw.githubusercontent.com/Dump-GUY/Malware_TEMP/main/MBRWiper_%20a0195c08fbfe459520423bf0a7c20504.7z
Finishing URL
about:privatebrowsing
IP / ASN
185.199.108.133
#54113 FASTLY
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
raw.githubusercontent.com	35802	2014-02-06	2014-03-01 08:08:08	2023-09-23 18:46:27	556 B	986 kB	185.199.111.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-09-24 03:14:34	high	54.37.238.86	Client IP	ET POLICY PE EXE or DLL Windows file download HTTP

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
raw.githubusercontent.com/Dump-GUY/Malware_TEMP/main/MBRWiper_%20a0195c08fbfe459520423bf0a7c20504.7z
IP
185.199.111.133
ASN
#54113 FASTLY

File type
7-zip archive data, version 0.4\012- data
Size
985 kB (984720 bytes)
Hash
b88afd4cc9e0d6575c61a7e0542a8f6c
c8c07b06c1ee038c566f8ff2d4aafac4322ab16c
3813c39904fbc424f3c6d64e244b9b08011beb61a32b780260d23b0bae4b50a8

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Size
	raw.githubusercontent.com/Dump-GUY/Malware_TEMP/main/MBRWiper_%20a0195c08fbfe459520423bf0a7c20504.7z	185.199.111.133	985 kB
URL raw.githubusercontent.com/Dump-GUY/Malware_TEMP/main/MBRWiper_%20a0195c08fbfe459520423bf0a7c20504.7z IP 185.199.111.133:0 ASN #54113 FASTLY File type 7-zip archive data, version 0.4\012- data Size 985 kB (984720 bytes) Hash b88afd4cc9e0d6575c61a7e0542a8f6c c8c07b06c1ee038c566f8ff2d4aafac4322ab16c 3813c39904fbc424f3c6d64e244b9b08011beb61a32b780260d23b0bae4b50a8 HTTP Headers GET /Dump-GUY/Malware_TEMP/main/MBRWiper_%20a0195c08fbfe459520423bf0a7c20504.7z HTTP/1.1 Host: raw.githubusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK cache-control: max-age=300 content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox content-type: application/octet-stream etag: W/"5040bba09cd175151ad6ed7dbc14ebce0b4111b1453e8817196c2e9e415038f8" strict-transport-security: max-age=31536000 x-content-type-options: nosniff x-frame-options: deny x-xss-protection: 1; mode=block x-github-request-id: 2914:9D75:221D6A3:239DB30:650FA98C accept-ranges: bytes date: Sun, 24 Sep 2023 03:14:22 GMT via: 1.1 varnish x-served-by: cache-bma1621-BMA x-cache: MISS x-cache-hits: 0 x-timer: S1695525263.543363,VS0,VE118 vary: Authorization,Accept-Encoding,Origin access-control-allow-origin: * cross-origin-resource-policy: cross-origin x-fastly-request-id: c985dd42bb3bc043ebf0d2a09fc8ccbb0dd4d0af expires: Sun, 24 Sep 2023 03:19:22 GMT source-age: 0 content-length: 984720 X-Firefox-Spdy: h2

raw.githubusercontent.com/Dump-GUY/Malware_TEMP/main/MBRWiper_%20a0195c08fbfe459520423bf0a7c20504.7z

185.199.111.133

985 kB

URL
raw.githubusercontent.com/Dump-GUY/Malware_TEMP/main/MBRWiper_%20a0195c08fbfe459520423bf0a7c20504.7z
IP
185.199.111.133:0
ASN
#54113 FASTLY

File type
7-zip archive data, version 0.4\012- data
Size
985 kB (984720 bytes)
Hash
b88afd4cc9e0d6575c61a7e0542a8f6c
c8c07b06c1ee038c566f8ff2d4aafac4322ab16c
3813c39904fbc424f3c6d64e244b9b08011beb61a32b780260d23b0bae4b50a8

HTTP Headers

GET /Dump-GUY/Malware_TEMP/main/MBRWiper_%20a0195c08fbfe459520423bf0a7c20504.7z HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/octet-stream
etag: W/"5040bba09cd175151ad6ed7dbc14ebce0b4111b1453e8817196c2e9e415038f8"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 2914:9D75:221D6A3:239DB30:650FA98C
accept-ranges: bytes
date: Sun, 24 Sep 2023 03:14:22 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1695525263.543363,VS0,VE118
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: c985dd42bb3bc043ebf0d2a09fc8ccbb0dd4d0af
expires: Sun, 24 Sep 2023 03:19:22 GMT
source-age: 0
content-length: 984720
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

JavaScript (0)

HTTP Transactions (1)

URL

IP

ASN

File type

Size

Hash

HTTP Headers