Report - github.com/abbodi1406/WHD/raw/master/scripts/ESD2CAB-CAB2ESD-3.zip

Report Overview

Visitedpublic

2024-05-27 18:06:59

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
raw.githubusercontent.com	35802	2014-02-06	2014-03-01 08:08:08	2024-05-26 21:57:52	531 B	1.1 MB	185.199.110.133
github.com	1423	2007-10-09	2016-07-13 12:28:22	2024-05-25 18:40:04	522 B	1.1 MB	140.82.121.4

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

raw.githubusercontent.com/abbodi1406/WHD/master/scripts/ESD2CAB-CAB2ESD-3.zip

IP / ASN

185.199.110.133

#54113 FASTLY

File Overview

File TypeZip archive data, at least v2.0 to extract, compression method=deflate

Size1.1 MB (1052105 bytes)

MD5cd22c522007a4c6961b7f4f64c245f1b

SHA1bf6a3cff746806f83fb1ba63df13f0d5450ce364

SHA25612430cdc60e68e27078064a51a5366c5fe45541b12caa1bffcdfd23d89e32a2c

Archive (10)

Modified	Filename	Size	MD5	File type
2023-02-12 00:40	esd2cab_GUI.cmd	1.8 kB	361c427ed3ab9950139556bb2349c397	DOS batch file, ASCII text, with CRLF line terminators
2013-10-14 19:12	cabarc.exe	81 kB	a02a8702c6c539bd8648ccbb1869a604	PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, 3 sections
2017-09-02 03:09	DXTool_x64.exe	282 kB	5933e3965452379338d726cda0678a5b	PE32+ executable (GUI) x86-64, for MS Windows, 6 sections
2017-09-02 03:09	DXTool_x86.exe	252 kB	c4acde86764dc2d2ed765ab0330ae5e4	PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections
2017-03-18 02:21	imagex64.exe	754 kB	51f155be5c13e26fdeada1cce51e1e1e	PE32+ executable (console) x86-64, for MS Windows, 6 sections
2017-03-18 02:30	imagex86.exe	648 kB	a452fd6f47c7f603c2c2034dacc8cac4	PE32 executable (console) Intel 80386, for MS Windows, 5 sections
2016-01-10 18:15	SxSExpand.exe	88 kB	ca13105c6b1a532b8aeec611ec6459ef	PE32 executable (console) Intel 80386, for MS Windows, 8 sections
2023-02-12 00:40	_ReadMe.txt	850 B	4c79ddb5b47f494f65c7aa1ef17c67ac	ASCII text, with CRLF line terminators
2024-03-19 19:53	cab2esd_CLI.cmd	2.0 kB	e104fdf0811b33216902dc21003489ec	DOS batch file, ASCII text, with CRLF line terminators
2024-03-19 19:53	esd2cab_CLI.cmd	2.1 kB	44cd59fbe5578331c0fee5db4a6eb75f	DOS batch file, ASCII text, with CRLF line terminators

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size
	GET raw.githubusercontent.com/abbodi1406/WHD/master/scripts/ESD2CAB-CAB2ESD-3.zip	185.199.110.133	200 OK	1.1 MB
URL User Request GET HTTPS raw.githubusercontent.com/abbodi1406/WHD/master/scripts/ESD2CAB-CAB2ESD-3.zip IP / ASN 185.199.110.133 #54113 FASTLY Requested byN/A Resource Info File typeZip archive data, at least v2.0 to extract, compression method=deflate First Seen2024-05-27 Last Seen2025-03-18 Times Seen8 Size1.1 MB (1052105 bytes) MD5cd22c522007a4c6961b7f4f64c245f1b SHA1bf6a3cff746806f83fb1ba63df13f0d5450ce364 SHA25612430cdc60e68e27078064a51a5366c5fe45541b12caa1bffcdfd23d89e32a2c Certificate Info IssuerDigiCert Inc Subject.github.io Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28 ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT HTTP Headers GET /abbodi1406/WHD/master/scripts/ESD2CAB-CAB2ESD-3.zip HTTP/1.1 Host: raw.githubusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK cache-control: max-age=300 content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox content-type: application/zip etag: W/"ff65462904595a86c22970912be1cfe55906c5cd250accfbf2d4abb97d425bd0" strict-transport-security: max-age=31536000 x-content-type-options: nosniff x-frame-options: deny x-xss-protection: 1; mode=block x-github-request-id: D99A:312653:19FA2B0:1B77690:6654CBA9 accept-ranges: bytes date: Mon, 27 May 2024 18:06:33 GMT via: 1.1 varnish x-served-by: cache-hel1410022-HEL x-cache: MISS x-cache-hits: 0 x-timer: S1716833194.729250,VS0,VE152 vary: Authorization,Accept-Encoding,Origin access-control-allow-origin: cross-origin-resource-policy: cross-origin x-fastly-request-id: e7895657fecc77642f0569ac0b0ce13ee91a7088 expires: Mon, 27 May 2024 18:11:33 GMT source-age: 0 content-length: 1052105 X-Firefox-Spdy: h2

	GET github.com/abbodi1406/WHD/raw/master/scripts/ESD2CAB-CAB2ESD-3.zip	140.82.121.4	302 Found	1.1 MB
URL User Request GET HTTPS github.com/abbodi1406/WHD/raw/master/scripts/ESD2CAB-CAB2ESD-3.zip IP / ASN 140.82.121.4 #36459 GITHUB Requested byN/A Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-05 Times Seen5676345 Size1.1 MB (1052105 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerSectigo Limited Subjectgithub.com FingerprintE7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0 ValidityThu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT HTTP Headers GET /abbodi1406/WHD/raw/master/scripts/ESD2CAB-CAB2ESD-3.zip HTTP/1.1 Host: github.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found server: GitHub.com date: Mon, 27 May 2024 18:06:33 GMT content-type: text/html; charset=utf-8 vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With access-control-allow-origin: location: https://raw.githubusercontent.com/abbodi1406/WHD/master/scripts/ESD2CAB-CAB2ESD-3.zip cache-control: no-cache strict-transport-security: max-age=31536000; includeSubdomains; preload x-frame-options: deny x-content-type-options: nosniff x-xss-protection: 0 referrer-policy: no-referrer-when-downgrade content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/copilot-codex/completions .actions.githubusercontent.com wss://.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/ x-github-request-id: C111:3A5E19:CB55386:CE745E9:6654CBA9 X-Firefox-Spdy: h2

Detections

Host Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

File detected

JavaScript (0)

HTTP Transactions (2)

HTTP Headers

HTTP Headers