{"report_id":"73396170-ccc4-4a01-b65e-a20157b0b4e7","version":6,"status":"done","tags":[],"date":"2024-11-29T18:41:03Z","url":{"schema":"http","addr":"raw.githubusercontent.com/MangoManRbX/Moonware-/refs/heads/main/MoonWareGit.zip","fqdn":"raw.githubusercontent.com","domain":"raw.githubusercontent.com","tld":"githubusercontent.com"},"ip":{"addr":"185.199.108.133","port":0,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"","expires_at":"2027-02-07T18:41:02Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"raw.githubusercontent.com","ip":{"addr":"185.199.110.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2014-02-06","domain_rank":35802,"first_seen":"2014-03-01T08:08:08Z","last_seen":"2024-11-27T03:21:44.516068Z","alert_count":1,"request_count":1,"received_data":3409163,"sent_data":533,"comment":"","tags":null,"fingerprints":null}],"files":[{"md5":"d694ba43746f1c2a09bbebe17295131f","sha1":"4b7b63df44afcaca97faa628b3f98434b002d4e9","sha256":"f1d320079cd27aee79ac2586837bfb64603c11136d4c8eea827aa129cb02923a","sha512":"3e230c7453e4548fd2797000e57004832c67cd3016f54e19fea5bff3f24dff3e2863eb7939332454d65fe624ce654d591d99bd24a9321275174f9c0cd2dd0d49","magic":"Zip archive data, at least v2.0 to extract, compression method=store","size":3408275,"url":{"schema":"https","addr":"raw.githubusercontent.com/MangoManRbX/Moonware-/refs/heads/main/MoonWareGit.zip","fqdn":"raw.githubusercontent.com","domain":"raw.githubusercontent.com","tld":"githubusercontent.com"},"ip":{"addr":"185.199.110.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"archive":[{"path":"Debug/bin/libcrypto-3-x64.dll","filename":"libcrypto-3-x64.dll","modified":"","Modified":"2024-10-26T13:26:26+01:00","magic":"PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections","size":4703232,"md5":"be0f6d1d60e149cedaca33a04963e05f","sha1":"b686e1ed9ae47b8ae803a5d9e912b0e631bc4217","sha256":"81a5fe6cd0ef5b083e5c4bdb6a40a30bfb1b0de15a9dfad459de2d6a36d94f86","sha512":"7b39dd8c70286ec4fe61cb2c3c12062f2dcbdda607c2f14c4f983741026f6aa62b60f9e983204949395cc54b5ebf6426c0f8300e0e385c35c1f2f3847160d7ff","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/bin/libssl-3-x64.dll","filename":"libssl-3-x64.dll","modified":"","Modified":"2024-10-26T13:26:26+01:00","magic":"PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections","size":821760,"md5":"733e3b58ee1760a442fec4712848c3ad","sha1":"529206caad19cce2424323bc29a9fb9a4bbd3e76","sha256":"159198cb8e740f9ad5918b51503121fd1b7e70460f6a4f6a6aa27576bbfa31c7","sha512":"10835ff09e35d8acb2739707219905b3ae2870af973d8f80040baeb732eb798fa93ef1bc599ad9898aff8e20ee21aa1f5e5e07340eda205aa938fc001cd83a88","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/bin/Xeno.dll","filename":"Xeno.dll","modified":"","Modified":"2024-11-08T16:18:33+01:00","magic":"PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections","size":948736,"md5":"793b46d5dbcdac15c172910be1adbb72","sha1":"cc1211f7bb106964b94bf1e350a71cb021071739","sha256":"2e209dbc6a8f87c95af2758411ec30c8778ce122e24efc59a78cc99cac609677","sha512":"ff46bf5029702ebcff6f7aab22d3f384b19933f813093e80d9e1a140b33c3a663fa2b6ddd061673ef75f06146a73bc1a62238ebfc869ff36d93e40f6c06a5907","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/bin/Xeno_original.dll","filename":"Xeno_original.dll","modified":"","Modified":"2024-11-08T16:18:33+01:00","magic":"PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections","size":946176,"md5":"b5f9a613a2cb0dbc4f1e6d45d7977b2b","sha1":"7b42218bb07aaf3a037590a79947a2e1ee4f3162","sha256":"a3812fdc9acc96c541179ee4bed6a3a8349044c928a109a8b7af9609e14cfc0a","sha512":"18b13e8988e81c089ab5380ffea780bcb07b89ffa4367eae1234a01e1571d30f8c4a906ca4d6ba6b8a71f41b53c79b15a3739652bc376e22d9fd3c62d30fcec1","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-11-25","alert":"Scan result 1/72","trigger":"a3812fdc9acc96c541179ee4bed6a3a8349044c928a109a8b7af9609e14cfc0a","verdict":"suspicious","severity":"","comment":"suspicious - 1/72","link":"https://www.virustotal.com/gui/file/a3812fdc9acc96c541179ee4bed6a3a8349044c928a109a8b7af9609e14cfc0a","meta":null}]}},{"path":"Debug/bin/xxhash.dll","filename":"xxhash.dll","modified":"","Modified":"2024-10-26T13:26:22+01:00","magic":"PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections","size":47616,"md5":"70c514826d9428f184d27f0c8f397404","sha1":"e6b0b1a396de9913004d9bcaa230972686416bb6","sha256":"aff59e91d222b75b3e3ac789baba9e24eff99796261ae5e887ef9e3c28bb3d64","sha512":"168c63cbb54865ca42a884fd974291bcadd9dd8cf8bc1980148214e84498af42a590cb3d3a394765ee0b7d2e337fab6e85ff4f85d9ced97b92b540152202a0a6","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/bin/zstd.dll","filename":"zstd.dll","modified":"","Modified":"2024-10-26T13:26:24+01:00","magic":"PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections","size":653824,"md5":"5b96fb0d4e6453680da278f5b7e51a29","sha1":"3c96a29248fa3644de2c653a5d97c1e21b13a769","sha256":"1374391dafd6262795243a58f9fb234be859d940683fe756c64692ca807f0478","sha512":"27d06b7182aa48a81cce18f8f7b1bee054f3a862ccebd77d273a67c6a15e5d0ef5ba8fd7430976f445eb8bff51d290f2bb50061ac7ef448255ba8a18b8baf193","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/cxapis.dll","filename":"cxapis.dll","modified":"","Modified":"2024-11-08T16:05:47+01:00","magic":"PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows, 2 sections","size":10752,"md5":"4ae4a4a268ccd36acffa1674ebbf910e","sha1":"b3737ff0d2296a6e5b652af1a4a519f2b336295b","sha256":"910716461ccde7774e637f214bc1de262dce0c371751a585ed1dcf84ee748faf","sha512":"5c80f85cdeb634be6986131c974b7a400a6cbac4b33e0a9c0523b679df2fea821322d32c8cb1870d6ad07bb5d1e9c35123cd89724de1a6b359b252ecced567be","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-11-29","alert":"Detect pe file that no import table","trigger":"Debug/cxapis.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"date":"2021-10-19","description":"Detect pe file that no import table","rule":"pe_no_import_table","yarahub_license":"CC0 1.0","yarahub_reference_md5":"045ff7ed5a360b19dcc4c5bd9211d194","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"a91fb4f4-1ceb-456d-90d1-a25f6d16b204"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-11-24","alert":"Scan result 1/72","trigger":"910716461ccde7774e637f214bc1de262dce0c371751a585ed1dcf84ee748faf","verdict":"suspicious","severity":"","comment":"suspicious - 1/72","link":"https://www.virustotal.com/gui/file/910716461ccde7774e637f214bc1de262dce0c371751a585ed1dcf84ee748faf","meta":null}]}},{"path":"Debug/FastColoredTextBox.dll","filename":"FastColoredTextBox.dll","modified":"","Modified":"2018-12-05T16:07:38+01:00","magic":"PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections","size":330752,"md5":"8610f4d3cdc6cc50022feddced9fdaeb","sha1":"4b60b87fd696b02d7fce38325c7adfc9e806f650","sha256":"ac926c92ccfc3789a5ae571cc4415eb1897d500a79604d8495241c19acdf01b9","sha512":"693d1af1f89470eab659b4747fe344836affa0af8485b0c0635e2519815e5a498f4618ea08db9dcf421aac1069a04616046207ee05b9ed66c0a1c4a8f0bddd09","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/FastColoredTextBox.xml","filename":"FastColoredTextBox.xml","modified":"","Modified":"2018-12-05T16:07:38+01:00","magic":"XML 1.0 document, ASCII text, with CRLF line terminators","size":135273,"md5":"70d49dec6a333f1d94fb1e77c663525c","sha1":"184b544e672f4c4cb9ed9cf010da568eed16623d","sha256":"f3f2e537065317b6ce66dac64042e925bbcea65f00561f9860b7172c9ca07027","sha512":"b78a3c4418a7c5014eb16e72f2113f00353e9e566942f7160067c826c47f1ec2752ae7ede796fc159fb9bae499d347f822401fbc4446e2556cbd680cd595c2e2","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/Moonware V1.exe","filename":"Moonware V1.exe","modified":"","Modified":"2024-11-08T20:22:01+01:00","magic":"PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows, 2 sections","size":45568,"md5":"2c6a652acebc4ecf7d797f90a48a5eb9","sha1":"dd1adfaf053408071d365f9f28f1c150ac06da71","sha256":"a7a61581606fb8814940e0bfc0c2dcd24fa2625cf4999138bb3aa2c212b49ef6","sha512":"c7fc55900440bf49877119602d1d94389119e3206aa0c20bfb4ef06bd5d1a9ab7a4f62f16c81c44481219d0895cc9f6bdbd3d784c3ac72fb95cfdc4d692c9c46","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-11-29","alert":"Detect pe file that no import table","trigger":"Debug/Moonware V1.exe","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"date":"2021-10-19","description":"Detect pe file that no import table","rule":"pe_no_import_table","yarahub_license":"CC0 1.0","yarahub_reference_md5":"045ff7ed5a360b19dcc4c5bd9211d194","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"a91fb4f4-1ceb-456d-90d1-a25f6d16b204"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-11-28","alert":"Scan result 4/71","trigger":"a7a61581606fb8814940e0bfc0c2dcd24fa2625cf4999138bb3aa2c212b49ef6","verdict":"suspicious","severity":"","comment":"suspicious - 4/71","link":"https://www.virustotal.com/gui/file/a7a61581606fb8814940e0bfc0c2dcd24fa2625cf4999138bb3aa2c212b49ef6","meta":null}]}},{"path":"Debug/Moonware V1.exe.config","filename":"Moonware V1.exe.config","modified":"","Modified":"2024-10-26T10:22:58+01:00","magic":"XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators","size":187,"md5":"15c8c4ba1aa574c0c00fd45bb9cce1ab","sha1":"0dad65a3d4e9080fa29c42aa485c6102d2fa8bc8","sha256":"f82338e8e9c746b5d95cd2ccc7bf94dd5de2b9b8982fffddf2118e475de50e15","sha512":"52baac63399340427b94bfdeb7a42186d5359ce439c3d775497f347089edfbf72a6637b23bb008ab55b8d4dd3b79a7b2eb7c7ef922ea23d0716d5c3536b359d4","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/Moonware V1.pdb","filename":"Moonware V1.pdb","modified":"","Modified":"2024-11-08T20:22:01+01:00","magic":"MSVC program database ver 7.00, 512*91 bytes","size":46592,"md5":"c1948428d71eb5610a6eabe969d7eba0","sha1":"6ca6152ff0b508dea7e7902fc92124054e187d1b","sha256":"051456904f2231ab2974da548aab6d99e9c62e331fd0c3588b6da4a3e854e329","sha512":"2f0dadc5afa7599eb4d606ae9bf2da8d7633d39de7633d2a6bbf0847179ce64c56b63fab164140ffc60793569bbeca912e59f059f5dfc18bbd4b265af1034a31","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/workspace/.tests/appendfile.txt","filename":"appendfile.txt","modified":"","Modified":"2024-11-08T16:07:44+01:00","magic":"ASCII text, with no line terminators","size":7,"md5":"260ca9dd8a4577fc00b7bd5810298076","sha1":"53a5687cb26dc41f2ab4033e97e13adefd3740d6","sha256":"aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27","sha512":"51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/workspace/.tests/getcustomasset.txt","filename":"getcustomasset.txt","modified":"","Modified":"2024-11-08T16:07:44+01:00","magic":"ASCII text, with no line terminators","size":7,"md5":"260ca9dd8a4577fc00b7bd5810298076","sha1":"53a5687cb26dc41f2ab4033e97e13adefd3740d6","sha256":"aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27","sha512":"51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/workspace/.tests/isfile.txt","filename":"isfile.txt","modified":"","Modified":"2024-11-08T16:07:44+01:00","magic":"ASCII text, with no line terminators","size":7,"md5":"260ca9dd8a4577fc00b7bd5810298076","sha1":"53a5687cb26dc41f2ab4033e97e13adefd3740d6","sha256":"aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27","sha512":"51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/workspace/.tests/listfiles/test_1.txt","filename":"test_1.txt","modified":"","Modified":"2024-11-08T16:07:44+01:00","magic":"ASCII text, with no line terminators","size":7,"md5":"260ca9dd8a4577fc00b7bd5810298076","sha1":"53a5687cb26dc41f2ab4033e97e13adefd3740d6","sha256":"aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27","sha512":"51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/workspace/.tests/listfiles/test_2.txt","filename":"test_2.txt","modified":"","Modified":"2024-11-08T16:07:44+01:00","magic":"ASCII text, with no line terminators","size":7,"md5":"260ca9dd8a4577fc00b7bd5810298076","sha1":"53a5687cb26dc41f2ab4033e97e13adefd3740d6","sha256":"aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27","sha512":"51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/workspace/.tests/loadfile.txt","filename":"loadfile.txt","modified":"","Modified":"2024-11-08T16:07:44+01:00","magic":"very short file (no magic)","size":1,"md5":"8fa14cdd754f91cc6554c9e71929cce7","sha1":"4a0a19218e082a343a1b17e5333409af9d98f0f5","sha256":"252f10c83610ebca1a059c0bae8255eba2f95be4d1d7bcfa89d7248a82d9f111","sha512":"711c22448e721e5491d8245b49425aa861f1fc4a15287f0735e203799b65cffec50b5abd0fddd91cd643aeb3b530d48f05e258e7e230a94ed5025c1387bb4e1b","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/workspace/.tests/readfile.txt","filename":"readfile.txt","modified":"","Modified":"2024-11-08T16:07:44+01:00","magic":"ASCII text, with no line terminators","size":7,"md5":"260ca9dd8a4577fc00b7bd5810298076","sha1":"53a5687cb26dc41f2ab4033e97e13adefd3740d6","sha256":"aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27","sha512":"51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/workspace/.tests/writefile","filename":"writefile","modified":"","Modified":"2024-11-08T16:07:44+01:00","magic":"ASCII text, with no line terminators","size":7,"md5":"260ca9dd8a4577fc00b7bd5810298076","sha1":"53a5687cb26dc41f2ab4033e97e13adefd3740d6","sha256":"aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27","sha512":"51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/workspace/.tests/writefile.txt","filename":"writefile.txt","modified":"","Modified":"2024-11-08T16:07:44+01:00","magic":"ASCII text, with no line terminators","size":7,"md5":"260ca9dd8a4577fc00b7bd5810298076","sha1":"53a5687cb26dc41f2ab4033e97e13adefd3740d6","sha256":"aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27","sha512":"51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/workspace/IY_FE.iy","filename":"IY_FE.iy","modified":"","Modified":"2024-10-26T14:55:04+01:00","magic":"JSON text data","size":539,"md5":"291d5636a434c4f1ceb0f3f776c2a51f","sha1":"ae287e08f71c522a72812f0dace94b8ffb569341","sha256":"73bb58ba5b81960caf5a8e66675cc89b5761b77db99c6ceb9435f7211d400452","sha512":"7dab8034f85aef1b2b7a86cc8220ebdbb95a3f083d1565e1cff38414367aa69fc597a11aaba11dbef411e13fbfb285855d9c46ae59738f6e88c22dd55c81a743","alerts":{"urlquery":null,"analyzer":null}}],"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-11-29","alert":"Detect pe file that no import table","trigger":"Debug/cxapis.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"date":"2021-10-19","description":"Detect pe file that no import table","rule":"pe_no_import_table","yarahub_license":"CC0 1.0","yarahub_reference_md5":"045ff7ed5a360b19dcc4c5bd9211d194","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"a91fb4f4-1ceb-456d-90d1-a25f6d16b204"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-11-29","alert":"Detect pe file that no import table","trigger":"Debug/Moonware V1.exe","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"date":"2021-10-19","description":"Detect pe file that no import table","rule":"pe_no_import_table","yarahub_license":"CC0 1.0","yarahub_reference_md5":"045ff7ed5a360b19dcc4c5bd9211d194","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"a91fb4f4-1ceb-456d-90d1-a25f6d16b204"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-11-21","alert":"Scan result 3/69","trigger":"f1d320079cd27aee79ac2586837bfb64603c11136d4c8eea827aa129cb02923a","verdict":"suspicious","severity":"","comment":"suspicious - 3/69","link":"https://www.virustotal.com/gui/file/f1d320079cd27aee79ac2586837bfb64603c11136d4c8eea827aa129cb02923a","meta":null}]}}],"artifacts":{"windows_shortcuts":null,"files":[{"md5":"d694ba43746f1c2a09bbebe17295131f","sha1":"4b7b63df44afcaca97faa628b3f98434b002d4e9","sha256":"f1d320079cd27aee79ac2586837bfb64603c11136d4c8eea827aa129cb02923a","sha512":"3e230c7453e4548fd2797000e57004832c67cd3016f54e19fea5bff3f24dff3e2863eb7939332454d65fe624ce654d591d99bd24a9321275174f9c0cd2dd0d49","magic":"Zip archive data, at least v2.0 to extract, compression method=store","size":3408275,"url":{"schema":"https","addr":"raw.githubusercontent.com/MangoManRbX/Moonware-/refs/heads/main/MoonWareGit.zip","fqdn":"raw.githubusercontent.com","domain":"raw.githubusercontent.com","tld":"githubusercontent.com"},"ip":{"addr":"185.199.110.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"archive":[{"path":"Debug/bin/libcrypto-3-x64.dll","filename":"libcrypto-3-x64.dll","modified":"","Modified":"2024-10-26T13:26:26+01:00","magic":"PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections","size":4703232,"md5":"be0f6d1d60e149cedaca33a04963e05f","sha1":"b686e1ed9ae47b8ae803a5d9e912b0e631bc4217","sha256":"81a5fe6cd0ef5b083e5c4bdb6a40a30bfb1b0de15a9dfad459de2d6a36d94f86","sha512":"7b39dd8c70286ec4fe61cb2c3c12062f2dcbdda607c2f14c4f983741026f6aa62b60f9e983204949395cc54b5ebf6426c0f8300e0e385c35c1f2f3847160d7ff","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/bin/libssl-3-x64.dll","filename":"libssl-3-x64.dll","modified":"","Modified":"2024-10-26T13:26:26+01:00","magic":"PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections","size":821760,"md5":"733e3b58ee1760a442fec4712848c3ad","sha1":"529206caad19cce2424323bc29a9fb9a4bbd3e76","sha256":"159198cb8e740f9ad5918b51503121fd1b7e70460f6a4f6a6aa27576bbfa31c7","sha512":"10835ff09e35d8acb2739707219905b3ae2870af973d8f80040baeb732eb798fa93ef1bc599ad9898aff8e20ee21aa1f5e5e07340eda205aa938fc001cd83a88","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/bin/Xeno.dll","filename":"Xeno.dll","modified":"","Modified":"2024-11-08T16:18:33+01:00","magic":"PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections","size":948736,"md5":"793b46d5dbcdac15c172910be1adbb72","sha1":"cc1211f7bb106964b94bf1e350a71cb021071739","sha256":"2e209dbc6a8f87c95af2758411ec30c8778ce122e24efc59a78cc99cac609677","sha512":"ff46bf5029702ebcff6f7aab22d3f384b19933f813093e80d9e1a140b33c3a663fa2b6ddd061673ef75f06146a73bc1a62238ebfc869ff36d93e40f6c06a5907","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/bin/Xeno_original.dll","filename":"Xeno_original.dll","modified":"","Modified":"2024-11-08T16:18:33+01:00","magic":"PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections","size":946176,"md5":"b5f9a613a2cb0dbc4f1e6d45d7977b2b","sha1":"7b42218bb07aaf3a037590a79947a2e1ee4f3162","sha256":"a3812fdc9acc96c541179ee4bed6a3a8349044c928a109a8b7af9609e14cfc0a","sha512":"18b13e8988e81c089ab5380ffea780bcb07b89ffa4367eae1234a01e1571d30f8c4a906ca4d6ba6b8a71f41b53c79b15a3739652bc376e22d9fd3c62d30fcec1","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-11-25","alert":"Scan result 1/72","trigger":"a3812fdc9acc96c541179ee4bed6a3a8349044c928a109a8b7af9609e14cfc0a","verdict":"suspicious","severity":"","comment":"suspicious - 1/72","link":"https://www.virustotal.com/gui/file/a3812fdc9acc96c541179ee4bed6a3a8349044c928a109a8b7af9609e14cfc0a","meta":null}]}},{"path":"Debug/bin/xxhash.dll","filename":"xxhash.dll","modified":"","Modified":"2024-10-26T13:26:22+01:00","magic":"PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections","size":47616,"md5":"70c514826d9428f184d27f0c8f397404","sha1":"e6b0b1a396de9913004d9bcaa230972686416bb6","sha256":"aff59e91d222b75b3e3ac789baba9e24eff99796261ae5e887ef9e3c28bb3d64","sha512":"168c63cbb54865ca42a884fd974291bcadd9dd8cf8bc1980148214e84498af42a590cb3d3a394765ee0b7d2e337fab6e85ff4f85d9ced97b92b540152202a0a6","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/bin/zstd.dll","filename":"zstd.dll","modified":"","Modified":"2024-10-26T13:26:24+01:00","magic":"PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections","size":653824,"md5":"5b96fb0d4e6453680da278f5b7e51a29","sha1":"3c96a29248fa3644de2c653a5d97c1e21b13a769","sha256":"1374391dafd6262795243a58f9fb234be859d940683fe756c64692ca807f0478","sha512":"27d06b7182aa48a81cce18f8f7b1bee054f3a862ccebd77d273a67c6a15e5d0ef5ba8fd7430976f445eb8bff51d290f2bb50061ac7ef448255ba8a18b8baf193","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/cxapis.dll","filename":"cxapis.dll","modified":"","Modified":"2024-11-08T16:05:47+01:00","magic":"PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows, 2 sections","size":10752,"md5":"4ae4a4a268ccd36acffa1674ebbf910e","sha1":"b3737ff0d2296a6e5b652af1a4a519f2b336295b","sha256":"910716461ccde7774e637f214bc1de262dce0c371751a585ed1dcf84ee748faf","sha512":"5c80f85cdeb634be6986131c974b7a400a6cbac4b33e0a9c0523b679df2fea821322d32c8cb1870d6ad07bb5d1e9c35123cd89724de1a6b359b252ecced567be","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-11-29","alert":"Detect pe file that no import table","trigger":"Debug/cxapis.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"date":"2021-10-19","description":"Detect pe file that no import table","rule":"pe_no_import_table","yarahub_license":"CC0 1.0","yarahub_reference_md5":"045ff7ed5a360b19dcc4c5bd9211d194","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"a91fb4f4-1ceb-456d-90d1-a25f6d16b204"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-11-24","alert":"Scan result 1/72","trigger":"910716461ccde7774e637f214bc1de262dce0c371751a585ed1dcf84ee748faf","verdict":"suspicious","severity":"","comment":"suspicious - 1/72","link":"https://www.virustotal.com/gui/file/910716461ccde7774e637f214bc1de262dce0c371751a585ed1dcf84ee748faf","meta":null}]}},{"path":"Debug/FastColoredTextBox.dll","filename":"FastColoredTextBox.dll","modified":"","Modified":"2018-12-05T16:07:38+01:00","magic":"PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections","size":330752,"md5":"8610f4d3cdc6cc50022feddced9fdaeb","sha1":"4b60b87fd696b02d7fce38325c7adfc9e806f650","sha256":"ac926c92ccfc3789a5ae571cc4415eb1897d500a79604d8495241c19acdf01b9","sha512":"693d1af1f89470eab659b4747fe344836affa0af8485b0c0635e2519815e5a498f4618ea08db9dcf421aac1069a04616046207ee05b9ed66c0a1c4a8f0bddd09","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/FastColoredTextBox.xml","filename":"FastColoredTextBox.xml","modified":"","Modified":"2018-12-05T16:07:38+01:00","magic":"XML 1.0 document, ASCII text, with CRLF line terminators","size":135273,"md5":"70d49dec6a333f1d94fb1e77c663525c","sha1":"184b544e672f4c4cb9ed9cf010da568eed16623d","sha256":"f3f2e537065317b6ce66dac64042e925bbcea65f00561f9860b7172c9ca07027","sha512":"b78a3c4418a7c5014eb16e72f2113f00353e9e566942f7160067c826c47f1ec2752ae7ede796fc159fb9bae499d347f822401fbc4446e2556cbd680cd595c2e2","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/Moonware V1.exe","filename":"Moonware V1.exe","modified":"","Modified":"2024-11-08T20:22:01+01:00","magic":"PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows, 2 sections","size":45568,"md5":"2c6a652acebc4ecf7d797f90a48a5eb9","sha1":"dd1adfaf053408071d365f9f28f1c150ac06da71","sha256":"a7a61581606fb8814940e0bfc0c2dcd24fa2625cf4999138bb3aa2c212b49ef6","sha512":"c7fc55900440bf49877119602d1d94389119e3206aa0c20bfb4ef06bd5d1a9ab7a4f62f16c81c44481219d0895cc9f6bdbd3d784c3ac72fb95cfdc4d692c9c46","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-11-29","alert":"Detect pe file that no import table","trigger":"Debug/Moonware V1.exe","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"date":"2021-10-19","description":"Detect pe file that no import table","rule":"pe_no_import_table","yarahub_license":"CC0 1.0","yarahub_reference_md5":"045ff7ed5a360b19dcc4c5bd9211d194","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"a91fb4f4-1ceb-456d-90d1-a25f6d16b204"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-11-28","alert":"Scan result 4/71","trigger":"a7a61581606fb8814940e0bfc0c2dcd24fa2625cf4999138bb3aa2c212b49ef6","verdict":"suspicious","severity":"","comment":"suspicious - 4/71","link":"https://www.virustotal.com/gui/file/a7a61581606fb8814940e0bfc0c2dcd24fa2625cf4999138bb3aa2c212b49ef6","meta":null}]}},{"path":"Debug/Moonware V1.exe.config","filename":"Moonware V1.exe.config","modified":"","Modified":"2024-10-26T10:22:58+01:00","magic":"XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators","size":187,"md5":"15c8c4ba1aa574c0c00fd45bb9cce1ab","sha1":"0dad65a3d4e9080fa29c42aa485c6102d2fa8bc8","sha256":"f82338e8e9c746b5d95cd2ccc7bf94dd5de2b9b8982fffddf2118e475de50e15","sha512":"52baac63399340427b94bfdeb7a42186d5359ce439c3d775497f347089edfbf72a6637b23bb008ab55b8d4dd3b79a7b2eb7c7ef922ea23d0716d5c3536b359d4","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/Moonware V1.pdb","filename":"Moonware V1.pdb","modified":"","Modified":"2024-11-08T20:22:01+01:00","magic":"MSVC program database ver 7.00, 512*91 bytes","size":46592,"md5":"c1948428d71eb5610a6eabe969d7eba0","sha1":"6ca6152ff0b508dea7e7902fc92124054e187d1b","sha256":"051456904f2231ab2974da548aab6d99e9c62e331fd0c3588b6da4a3e854e329","sha512":"2f0dadc5afa7599eb4d606ae9bf2da8d7633d39de7633d2a6bbf0847179ce64c56b63fab164140ffc60793569bbeca912e59f059f5dfc18bbd4b265af1034a31","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/workspace/.tests/appendfile.txt","filename":"appendfile.txt","modified":"","Modified":"2024-11-08T16:07:44+01:00","magic":"ASCII text, with no line terminators","size":7,"md5":"260ca9dd8a4577fc00b7bd5810298076","sha1":"53a5687cb26dc41f2ab4033e97e13adefd3740d6","sha256":"aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27","sha512":"51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/workspace/.tests/getcustomasset.txt","filename":"getcustomasset.txt","modified":"","Modified":"2024-11-08T16:07:44+01:00","magic":"ASCII text, with no line terminators","size":7,"md5":"260ca9dd8a4577fc00b7bd5810298076","sha1":"53a5687cb26dc41f2ab4033e97e13adefd3740d6","sha256":"aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27","sha512":"51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/workspace/.tests/isfile.txt","filename":"isfile.txt","modified":"","Modified":"2024-11-08T16:07:44+01:00","magic":"ASCII text, with no line terminators","size":7,"md5":"260ca9dd8a4577fc00b7bd5810298076","sha1":"53a5687cb26dc41f2ab4033e97e13adefd3740d6","sha256":"aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27","sha512":"51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/workspace/.tests/listfiles/test_1.txt","filename":"test_1.txt","modified":"","Modified":"2024-11-08T16:07:44+01:00","magic":"ASCII text, with no line terminators","size":7,"md5":"260ca9dd8a4577fc00b7bd5810298076","sha1":"53a5687cb26dc41f2ab4033e97e13adefd3740d6","sha256":"aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27","sha512":"51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/workspace/.tests/listfiles/test_2.txt","filename":"test_2.txt","modified":"","Modified":"2024-11-08T16:07:44+01:00","magic":"ASCII text, with no line terminators","size":7,"md5":"260ca9dd8a4577fc00b7bd5810298076","sha1":"53a5687cb26dc41f2ab4033e97e13adefd3740d6","sha256":"aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27","sha512":"51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/workspace/.tests/loadfile.txt","filename":"loadfile.txt","modified":"","Modified":"2024-11-08T16:07:44+01:00","magic":"very short file (no magic)","size":1,"md5":"8fa14cdd754f91cc6554c9e71929cce7","sha1":"4a0a19218e082a343a1b17e5333409af9d98f0f5","sha256":"252f10c83610ebca1a059c0bae8255eba2f95be4d1d7bcfa89d7248a82d9f111","sha512":"711c22448e721e5491d8245b49425aa861f1fc4a15287f0735e203799b65cffec50b5abd0fddd91cd643aeb3b530d48f05e258e7e230a94ed5025c1387bb4e1b","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/workspace/.tests/readfile.txt","filename":"readfile.txt","modified":"","Modified":"2024-11-08T16:07:44+01:00","magic":"ASCII text, with no line terminators","size":7,"md5":"260ca9dd8a4577fc00b7bd5810298076","sha1":"53a5687cb26dc41f2ab4033e97e13adefd3740d6","sha256":"aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27","sha512":"51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/workspace/.tests/writefile","filename":"writefile","modified":"","Modified":"2024-11-08T16:07:44+01:00","magic":"ASCII text, with no line terminators","size":7,"md5":"260ca9dd8a4577fc00b7bd5810298076","sha1":"53a5687cb26dc41f2ab4033e97e13adefd3740d6","sha256":"aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27","sha512":"51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/workspace/.tests/writefile.txt","filename":"writefile.txt","modified":"","Modified":"2024-11-08T16:07:44+01:00","magic":"ASCII text, with no line terminators","size":7,"md5":"260ca9dd8a4577fc00b7bd5810298076","sha1":"53a5687cb26dc41f2ab4033e97e13adefd3740d6","sha256":"aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27","sha512":"51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7","alerts":{"urlquery":null,"analyzer":null}},{"path":"Debug/workspace/IY_FE.iy","filename":"IY_FE.iy","modified":"","Modified":"2024-10-26T14:55:04+01:00","magic":"JSON text data","size":539,"md5":"291d5636a434c4f1ceb0f3f776c2a51f","sha1":"ae287e08f71c522a72812f0dace94b8ffb569341","sha256":"73bb58ba5b81960caf5a8e66675cc89b5761b77db99c6ceb9435f7211d400452","sha512":"7dab8034f85aef1b2b7a86cc8220ebdbb95a3f083d1565e1cff38414367aa69fc597a11aaba11dbef411e13fbfb285855d9c46ae59738f6e88c22dd55c81a743","alerts":{"urlquery":null,"analyzer":null}}],"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-11-29","alert":"Detect pe file that no import table","trigger":"Debug/cxapis.dll","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"date":"2021-10-19","description":"Detect pe file that no import table","rule":"pe_no_import_table","yarahub_license":"CC0 1.0","yarahub_reference_md5":"045ff7ed5a360b19dcc4c5bd9211d194","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"a91fb4f4-1ceb-456d-90d1-a25f6d16b204"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"YARAhub by abuse.ch","scan_date":"2024-11-29","alert":"Detect pe file that no import table","trigger":"Debug/Moonware V1.exe","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"date":"2021-10-19","description":"Detect pe file that no import table","rule":"pe_no_import_table","yarahub_license":"CC0 1.0","yarahub_reference_md5":"045ff7ed5a360b19dcc4c5bd9211d194","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"a91fb4f4-1ceb-456d-90d1-a25f6d16b204"}},{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-11-21","alert":"Scan result 3/69","trigger":"f1d320079cd27aee79ac2586837bfb64603c11136d4c8eea827aa129cb02923a","verdict":"suspicious","severity":"","comment":"suspicious - 3/69","link":"https://www.virustotal.com/gui/file/f1d320079cd27aee79ac2586837bfb64603c11136d4c8eea827aa129cb02923a","meta":null}]}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"Mnemonic Secure DNS","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"raw.githubusercontent.com/MangoManRbX/Moonware-/refs/heads/main/MoonWareGit.zip","fqdn":"raw.githubusercontent.com","domain":"raw.githubusercontent.com","tld":"githubusercontent.com"},"ip":{"addr":"185.199.110.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-11-29T18:40:37.301Z","timestamp":1732905637301,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":"GitHub, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 15 Mar 2024 00:00:00 GMT","end":"Fri, 14 Mar 2025 23:59:59 GMT"},"fingerprint":{"sha1":"97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28","sha256":"09:01:0C:CE:9B:72:21:55:C7:E6:86:B0:77:39:D3:D2:DC:06:05:DE:A1:A4:98:4A:0B:96:5E:18:77:77:26:B5"}}},"request":{"raw":"GET /MangoManRbX/Moonware-/refs/heads/main/MoonWareGit.zip HTTP/1.1\r\nHost: raw.githubusercontent.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=300\r\ncontent-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox\r\ncontent-type: application/zip\r\netag: W/\"68aad045a62056c709021ddc60ff44def35a96bad82375ce1b3769a268b96372\"\r\nstrict-transport-security: max-age=31536000\r\nx-content-type-options: nosniff\r\nx-frame-options: deny\r\nx-xss-protection: 1; mode=block\r\nx-github-request-id: 5764:3D17E2:DF92ED:E8E253:674A0AA5\r\naccept-ranges: bytes\r\ndate: Fri, 29 Nov 2024 18:40:37 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410026-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1732905637.385256,VS0,VE219\r\nvary: Authorization,Accept-Encoding,Origin\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-fastly-request-id: fb5bc772a5b7b09e01683a5c6ed30041b7393c3b\r\nexpires: Fri, 29 Nov 2024 18:45:37 GMT\r\nsource-age: 0\r\ncontent-length: 3408275\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3408275,"size_decoded":3408275,"mime_type":"application/zip","magic":"Zip archive data, at least v2.0 to extract, compression method=store","md5":"d694ba43746f1c2a09bbebe17295131f","sha1":"4b7b63df44afcaca97faa628b3f98434b002d4e9","sha256":"f1d320079cd27aee79ac2586837bfb64603c11136d4c8eea827aa129cb02923a","sha512":"3e230c7453e4548fd2797000e57004832c67cd3016f54e19fea5bff3f24dff3e2863eb7939332454d65fe624ce654d591d99bd24a9321275174f9c0cd2dd0d49","ssdeep":"98304:D+unxDDcESW42uVdTWjPEG4tRZi+kg/layhOVbvzT:yuDNqhkPyHY+kgtWNT","tlshash":"cbf5331585b054e0c9fd8d7a308a36d33d579cd4b302b247a16a20c6c7295ae3ab77ef","first_seen":"2024-11-14T16:41:50.68253Z","last_seen":"2024-12-06T15:36:05.814224Z","times_seen":4,"resource_available":false,"data":null}},"time_used":640,"timings":{"blocked":63,"dns":2,"connect":26,"send":0,"wait":249,"receive":265,"ssl":32},"alerts":{"ids":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-11-21","alert":"Scan result 3/69","trigger":"f1d320079cd27aee79ac2586837bfb64603c11136d4c8eea827aa129cb02923a","verdict":"suspicious","severity":"","comment":"suspicious - 3/69","link":"https://www.virustotal.com/gui/file/f1d320079cd27aee79ac2586837bfb64603c11136d4c8eea827aa129cb02923a","meta":null}],"urlquery":null}}]}