Report Overview
Submitted URL
github.com/pwntester/ysoserial.net/releases/download/v1.36/ysoserial-1dba9c4416ba6e79b6b262b758fa75e2ee9008e9.zip
IP
140.82.121.3
ASN
#36459 GITHUB
Submitted
2024-04-23 13:21:00
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
github.com | 1423 | 2007-10-09 | 2016-07-13 | 2024-03-24 | 567 B | 4.0 kB | 140.82.121.3 |
objects.githubusercontent.com | 134060 | 2014-02-06 | 2021-11-01 | 2024-04-23 | 1.0 kB | 5.3 MB | 185.199.110.133 |
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
Files detected
URL
objects.githubusercontent.com/github-production-release-asset-2e65be/103972121/0ace7d2d-e547-4aae-8dae-bd68f20a3404?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240423%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240423T132030Z&X-Amz-Expires=300&X-Amz-Signature=5099ea41a42952e4b370c15f41fbacefaa47e71d9202c03241736d978db72000&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=103972121&response-content-disposition=attachment%3B%20filename%3Dysoserial-1dba9c4416ba6e79b6b262b758fa75e2ee9008e9.zip&response-content-type=application%2Foctet-stream
IP
185.199.110.133
ASN
#54113 FASTLY
File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
5.3 MB (5303737 bytes)
Hash
710596bfa98d7fc2e2ec0ab20c6d2876
1c5047689215a620519e9b6e8313572aec9902be
Archive (51)
Filename | Md5 | File type | ||||||
---|---|---|---|---|---|---|---|---|
E.dll | 91eeaabca0d535b86ed2b5abf4e22221 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
ExploitClass.cs | 1548d1ccfcc4a7d22b69bd52f663d7e4 | Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | ||||||
fastjson.dll | 7266b4ccbd541b59b3f46b7c94f3c616 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
FsPickler.CSharp.dll | 112331ab4475bfa08548d475c198226e | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
FsPickler.CSharp.pdb | 1d5ae27c89169189bb3817d8770fb8c9 | MSVC program database ver 7.00, 512*67 bytes | ||||||
FsPickler.CSharp.xml | 40b2efde5db653df3acab5f804c34353 | XML 1.0 document, ASCII text, with CRLF line terminators | ||||||
FsPickler.dll | a895b3c0af856b2bcfac323ceef3e5a0 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
FsPickler.Json.dll | 5f302b5b6c80ee041f51dfa14cbdce3a | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
FsPickler.Json.pdb | 886bb1761e3b8b10d04048cbc249be20 | MSVC program database ver 7.00, 512*199 bytes | ||||||
FsPickler.Json.xml | e4dff27c457428c9acbaf22e443996c5 | XML 1.0 document, ASCII text, with very long lines (315), with CRLF line terminators | ||||||
FsPickler.pdb | 3a39fe8946a38b406083617dd0d3900c | MSVC program database ver 7.00, 512*2151 bytes | ||||||
FsPickler.xml | e41671d6bd8ba1317bb78ce7274c64ec | XML 1.0 document, ASCII text, with very long lines (916), with CRLF line terminators | ||||||
GhostWebShell.cs | 494b9a546863ccc16c48d0a6b63cf20d | Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | ||||||
MessagePack.Annotations.dll | 57a5f9bcf4453130b18f9e1b665d1ef2 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
MessagePack.Annotations.xml | 9302722ba45e0bacd8735a1fa5a77ef9 | XML 1.0 document, ASCII text, with CRLF line terminators | ||||||
MessagePack.dll | 460fd2a85d321559154681e9ec826812 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
MessagePack.xml | 7f3ba3ac59993db4b480e30f5293e723 | XML 1.0 document, ASCII text, with CRLF line terminators | ||||||
Microsoft.Bcl.AsyncInterfaces.dll | 48efe61d6ca3054309907b532d576d2a | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
Microsoft.Bcl.AsyncInterfaces.xml | 0737b770ba5d854d4887a8f4d9c8de04 | XML 1.0 document, ASCII text, with very long lines (321), with CRLF line terminators | ||||||
microsoft.identitymodel.dll | aadfcb6e3f0209d5efd582fd7d4e3eaf | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
Microsoft.NET.StringTools.dll | b65c93a5efb116d5563d7bf546cac04c | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
Microsoft.NET.StringTools.pdb | c5cfd47986bc5d46172e88068aa84a7b | Microsoft Roslyn C# debugging symbols version 1.0 | ||||||
Microsoft.NET.StringTools.xml | b8dd20b983ea02d9dc52d4eaf4c18e5c | XML 1.0 document, ASCII text, with CRLF line terminators | ||||||
Microsoft.PowerShell.Editor.dll | a84a18306a4774c3dc25cf50f0185bb2 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
NDesk.Options.dll | da56f1211f7dec41913719b608c95424 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
Newtonsoft.Json.dll | 6815034209687816d8cf401877ec8133 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
Newtonsoft.Json.xml | ad1a946cdbe4fc83907cf558fb80a37f | XML 1.0 document, ASCII text, with CRLF line terminators | ||||||
Polenter.SharpSerializer.dll | 83e2959b461a395bd35a38a59385873b | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
Polenter.SharpSerializer.xml | 6c8e13b86d3ffaa4fc734d2137af7e14 | XML 1.0 document, ASCII text, with CRLF line terminators | ||||||
System.Buffers.dll | ecdfe8ede869d2ccc6bf99981ea96400 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
System.Buffers.xml | 1c55860dd93297a6ea2fad2974834c3a | XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (727), with CRLF line terminators | ||||||
System.Collections.Immutable.dll | d96470eec1462cdc385bfcd024a5d91b | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
System.Collections.Immutable.xml | 7278059c73a7a3e992eb9076f82bbdce | XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (354), with CRLF line terminators | ||||||
System.Memory.dll | f09441a1ee47fb3e6571a3a448e05baf | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
System.Memory.xml | add19745a43b2515280ce24671863114 | XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | ||||||
System.Numerics.Vectors.dll | aaa2cbf14e06e9d3586d8a4ed455db33 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
System.Numerics.Vectors.xml | 95dd29ca17b63843ad787d3bc9c8c933 | XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | ||||||
System.Runtime.CompilerServices.Unsafe.dll | c610e828b54001574d86dd2ed730e392 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
System.Runtime.CompilerServices.Unsafe.xml | c782e92abbfc0531226f735c6ac56498 | XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | ||||||
System.Threading.Tasks.Extensions.dll | e1e9d7d46e5cd9525c5927dc98d9ecc7 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
System.Threading.Tasks.Extensions.xml | c89e735fcf37e76e4c3d7903d2111c04 | XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | ||||||
TestConsoleApp_YSONET.exe.config | 357b302903f3fd55c20ddf876835ae35 | XML 1.0 document, ASCII text, with CRLF line terminators | ||||||
TestConsoleApp_YSONET.exe | 080d5b71d04bda3c1e327ff24a376d1f | PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
TestConsoleApp_YSONET.pdb | 13e70f49ec6c227dbd858bb9fe2ce866 | MSVC program database ver 7.00, 512*27 bytes | ||||||
YamlDotNet.dll | 1172f58d00a335aedfe63e295e765534 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
YamlDotNet.xml | 14be0331c3e9fa0775ea066a7d5c4ced | XML 1.0 document, ASCII text, with CRLF line terminators | ||||||
ysoserial.exe.config | e845740dc3837363db87a15e22a2789c | XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | ||||||
ysoserial.exe | 9945815fb0e750d526922582eda2bf39 | PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
ysoserial.pdb | 36c650cf1b28055a0eb38d683fede7f1 | MSVC program database ver 7.00, 512*1371 bytes | ||||||
Microsoft.PowerShell.Editor.dll | a84a18306a4774c3dc25cf50f0185bb2 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections | ||||||
System.Management.Automation.dll | 40d5c5ee881957b887c29dff158ea207 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
Detections
Analyzer | Verdict | Alert |
---|---|---|
Public Nextron YARA rules | malware | Detects c# red/black-team tools via typelibguid |
Public Nextron YARA rules | malware | Detects c# red/black-team tools via typelibguid |
VirusTotal | malicious |
JavaScript (0)
HTTP Transactions (2)
URL | IP | Response | Size | |||||||
---|---|---|---|---|---|---|---|---|---|---|
github.com/pwntester/ysoserial.net/releases/download/v1.36/ysoserial-1dba9c4416ba6e79b6b262b758fa75e2ee9008e9.zip | 140.82.121.3 | 302 Found | 0 B | |||||||
objects.githubusercontent.com/github-production-release-asset-2e65be/103972121/0ace7d2d-e547-4aae-8dae-bd68f20a3404?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240423%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240423T132030Z&X-Amz-Expires=300&X-Amz-Signature=5099ea41a42952e4b370c15f41fbacefaa47e71d9202c03241736d978db72000&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=103972121&response-content-disposition=attachment%3B%20filename%3Dysoserial-1dba9c4416ba6e79b6b262b758fa75e2ee9008e9.zip&response-content-type=application%2Foctet-stream | 185.199.110.133 | 200 OK | 5.3 MB | |||||||