Report Overview
Field | Value |
---|---|
Submitted URL | cdn.discordapp.com/attachments/1088936401883639849/1171900171240616078/Fps_boost_plamkata.zip?ex=6616ee15&is=66047915&hm=8d3b41d6a8c756f35c4c789d3cfd78da15f3b3af7ffa59ec91b7d75b4aa85668& |
IP | 162.159.134.233 |
ASN | #13335 CLOUDFLARENET |
Submitted | 2024-03-28 19:10:46 |
Access | public |
Website Title | about:privatebrowsing |
Final URL | about:privatebrowsing |
Tags
urlquery detections
No alerts detected
Detections
Analyzer | Alerts |
---|---|
urlquery | 0 |
Network Intrusion Detection | 0 |
Threat Detection Systems | 8 |
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
cdn.discordapp.com | 2474 | 2015-02-26 | 2015-08-24 | 2024-03-27 | 640 B | 17 kB | 162.159.130.233 |
Related reports
Network Intrusion Detection Systems
Suricata w/ Emerging Threats Pro
Threat Detection Systems
System | Result |
---|---|
Public InfoSec YARA rules | No alerts detected |
OpenPhish | No alerts detected |
PhishTank | No alerts detected |
mnemonic secure dns | No alerts detected |
Quad9 DNS | No alerts detected |
ThreatFox | No alerts detected |
Files detected
Field | Value |
---|---|
URL | cdn.discordapp.com/attachments/1088936401883639849/1171900171240616078/Fps_boost_plamkata.zip?ex=6616ee15&is=66047915&hm=8d3b41d6a8c756f35c4c789d3cfd78da15f3b3af7ffa59ec91b7d75b4aa85668& |
IP | 162.159.130.233 |
ASN | #13335 CLOUDFLARENET |
File type | Zip archive data, at least v1.0 to extract, compression method=store |
Size | 15 kB (14935 bytes) |
MD5 | 26209ea5c3cba8ff22e9d85b96926156 |
SHA-1 | 0712a00b98934b7936a4ccd947c204186e464141 |
Archive (25)
Filename | MD5 | File type |
---|---|---|
Create a restore point first.txt | d41d8cd98f00b204e9800998ecf8427e | |
CHANGE THE RES IF YOU DON'T LIKE IT.txt | 1bd29cd8a2321cd41b081026880eb3c9 | ASCII text, with no line terminators |
GameUserSettings.ini | 19bd34b7aa10ff27aac5e1507d42d6b8 | ASCII text, with CRLF line terminators |
epic games commands.txt | 3fb99810eac4931e4d715c07e6d58683 | ASCII text, with CRLF line terminators |
Fortnite High Priority.reg | d39d1c33607b27350729253054f514fa | ASCII text, with CRLF line terminators |
Fortnite Normal Priority.reg | 3ca666a48357051820fb54d7dbdd284e | Windows Registry text (Win2K or above) |
Turn off too.url | ad8be6d1c424a9642fbe6706dd745fe5 | Generic INItialization configuration [InternetShortcut] |
Turn off.url | c11ad148171fb89dc961e943689659e9 | Generic INItialization configuration [InternetShortcut] |
Clear Temp files.cmd | 97069525452c81643843c1f373f0d785 | DOS batch file, ASCII text, with CRLF line terminators |
clear the dns cache.cmd | b01f41d85d8212a7433f805110837be8 | DOS batch file, ASCII text, with CRLF line terminators |
disable HPET.cmd | 66bef50ad05530603269559082ca9237 | DOS batch file, ASCII text, with CRLF line terminators |
Disable Power Throttling.reg | 50ff4ccd4fe707d244b2a58ffcf573bf | ASCII text, with CRLF line terminators |
Stop apps automaticaly run on your pc.reg | 2fdc915837fb5d76ceac02272e68144b | ASCII text, with CRLF line terminators |
turn on game mode.reg | 3f503a6e59cbb798ad9cc6f8c4bc7441 | Windows Registry little-endian text (Win2K or above) |
wake up all cores.reg | 956ef1b5324ab938628aa32e170fd106 | Windows Registry text (Win2K or above) |
Xbox game bar off.reg | 4001669a0437d83b89baca88c3235315 | Windows Registry little-endian text (Win2K or above) |
PARKCONTROL DOWNLOAD.txt | d41d8cd98f00b204e9800998ecf8427e | |
QUICKCPU DOWNLOAD.txt | d41d8cd98f00b204e9800998ecf8427e | |
RAZERCORTEXDOWNLOAD.txt | d41d8cd98f00b204e9800998ecf8427e | |
Background Apps (Turn off).url | d36dd3e6ef9f1fb595fe0ca980bf1962 | Generic INItialization configuration [InternetShortcut] |
Color -turn off transparency effects.url | c6a0f5c557050b7a0ac62edfc4bb37e2 | Generic INItialization configuration [InternetShortcut] |
Graphics settings.url | 85e0a02e42fcbfd222a4cf4aed179dc6 | Generic INItialization configuration [InternetShortcut] |
Mouse settings.url | 3619bf5061ee10841bfd941ec29752d9 | Generic INItialization configuration [InternetShortcut] |
msconfig.txt | d41d8cd98f00b204e9800998ecf8427e | |
System Restore Point.lnk | 4d9e55c79ea6a1f60232e6ff2c47423b | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Archive, ctime=Fri Sep 29 13:42:07 2017, mtime=Fri Sep 29 13:42:07 2017, atime=Fri Sep 29 13:42:07 2017, length=117760, window=hide |
Detections
Analyzer | Verdict | Alert |
---|---|---|
Public Nextron YARA rules | malware | Detects possible shortcut usage for .URL persistence |
Public Nextron YARA rules | malware | Detects possible shortcut usage for .URL persistence |
Public Nextron YARA rules | malware | Detects possible shortcut usage for .URL persistence |
Public Nextron YARA rules | malware | Detects possible shortcut usage for .URL persistence |
Public Nextron YARA rules | malware | Detects possible shortcut usage for .URL persistence |
Public Nextron YARA rules | malware | Detects possible shortcut usage for .URL persistence |
Public InfoSec YARA rules | malware | Identifies executable artefacts in shortcut (LNK) files. |
Public InfoSec YARA rules | malware | Identifies shortcut (LNK) file with a long relative path. Might be used in an attempt to hide the path. |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size |
---|---|---|---|
cdn.discordapp.com/attachments/1088936401883639849/1171900171240616078/Fps_boost_plamkata.zip?ex=6616ee15&is=66047915&hm=8d3b41d6a8c756f35c4c789d3cfd78da15f3b3af7ffa59ec91b7d75b4aa85668& | 162.159.130.233 | 200 OK | 15 kB |
HTTP Headers