Report Overview
Visitedpublic
2024-11-29 18:41:03
Tags
Submit Tags
URL
raw.githubusercontent.com/MangoManRbX/Moonware-/refs/heads/main/MoonWareGit.zip
Finishing URL
about:privatebrowsing
IP / ASN
185.199.108.133
Title
about:privatebrowsing
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
raw.githubusercontent.com 1 alert(s) on this Host | 35802 | 2014-02-06 | 2014-03-01 | 2024-11-27 | 533 B | 3.4 MB | 185.199.110.133 |
Related reports
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
Mnemonic Secure DNS
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
File detected
URL
raw.githubusercontent.com/MangoManRbX/Moonware-/refs/heads/main/MoonWareGit.zip
IP / ASN
185.199.110.133
File Overview
File TypeZip archive data, at least v2.0 to extract, compression method=store
Size3.4 MB (3408275 bytes)
MD5d694ba43746f1c2a09bbebe17295131f
SHA14b7b63df44afcaca97faa628b3f98434b002d4e9
Archive (22)
| Filename | MD5 | File type |
|---|---|---|
| libcrypto-3-x64.dll | be0f6d1d60e149cedaca33a04963e05f | PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections |
| libssl-3-x64.dll | 733e3b58ee1760a442fec4712848c3ad | PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections |
| Xeno.dll | 793b46d5dbcdac15c172910be1adbb72 | PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections |
| Xeno_original.dll | b5f9a613a2cb0dbc4f1e6d45d7977b2b | PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections |
| xxhash.dll | 70c514826d9428f184d27f0c8f397404 | PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections |
| zstd.dll | 5b96fb0d4e6453680da278f5b7e51a29 | PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections |
| cxapis.dll | 4ae4a4a268ccd36acffa1674ebbf910e | PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows, 2 sections |
| FastColoredTextBox.dll | 8610f4d3cdc6cc50022feddced9fdaeb | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
| FastColoredTextBox.xml | 70d49dec6a333f1d94fb1e77c663525c | XML 1.0 document, ASCII text, with CRLF line terminators |
| Moonware V1.exe | 2c6a652acebc4ecf7d797f90a48a5eb9 | PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows, 2 sections |
| Moonware V1.exe.config | 15c8c4ba1aa574c0c00fd45bb9cce1ab | XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators |
| Moonware V1.pdb | c1948428d71eb5610a6eabe969d7eba0 | MSVC program database ver 7.00, 512*91 bytes |
| appendfile.txt | 260ca9dd8a4577fc00b7bd5810298076 | ASCII text, with no line terminators |
| getcustomasset.txt | 260ca9dd8a4577fc00b7bd5810298076 | ASCII text, with no line terminators |
| isfile.txt | 260ca9dd8a4577fc00b7bd5810298076 | ASCII text, with no line terminators |
| test_1.txt | 260ca9dd8a4577fc00b7bd5810298076 | ASCII text, with no line terminators |
| test_2.txt | 260ca9dd8a4577fc00b7bd5810298076 | ASCII text, with no line terminators |
| loadfile.txt | 8fa14cdd754f91cc6554c9e71929cce7 | very short file (no magic) |
| readfile.txt | 260ca9dd8a4577fc00b7bd5810298076 | ASCII text, with no line terminators |
| writefile | 260ca9dd8a4577fc00b7bd5810298076 | ASCII text, with no line terminators |
| writefile.txt | 260ca9dd8a4577fc00b7bd5810298076 | ASCII text, with no line terminators |
| IY_FE.iy | 291d5636a434c4f1ceb0f3f776c2a51f | JSON text data |
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| YARAhub by abuse.ch | malware | Detect pe file that no import table |
| YARAhub by abuse.ch | malware | Detect pe file that no import table |
| VirusTotal | suspicious |
JavaScript (0)
No JavaScripts
HTTP Transactions (1)
| URL | IP | Response | Size |
|---|