Report - cdn.discordapp.com/attachments/1238601360543449190/1238606156562173982/pj64.zip?ex=663fe55f&is=663e93df&hm=55e100b940721bbcc265da2521846a28edcf53e3b6a665592ce56f212bf3317d&

Report Overview

Submitted URL
cdn.discordapp.com/attachments/1238601360543449190/1238606156562173982/pj64.zip?ex=663fe55f&is=663e93df&hm=55e100b940721bbcc265da2521846a28edcf53e3b6a665592ce56f212bf3317d&
IP
162.159.134.233
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-10 21:43:47
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.discordapp.com	2474	2015-02-26	2015-08-24	2024-05-09	626 B	8.7 MB	162.159.135.233

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
cdn.discordapp.com/attachments/1238601360543449190/1238606156562173982/pj64.zip?ex=663fe55f&is=663e93df&hm=55e100b940721bbcc265da2521846a28edcf53e3b6a665592ce56f212bf3317d&
IP
162.159.135.233
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
8.7 MB (8698538 bytes)
Hash
eedf2ff4d2af4c3f0653b0557a7de725
1d2541af8533c9792ca8f175218eeab2de835fc4
b3b8e727de6b407d0573dfa02824e06c1ce804493f480c3bdd7bfd8ace0c0c2d

Archive (25)

Filename

Md5

File type

AzimersLegacyAudio.ini

3a4208aef8aac26de79239d6e83f4272

ASCII text, with CRLF line terminators

Jabo's Direct3D8 1.7.0.47a Hide Advance Settings.reg

69b23a462c6285c484a76bd1b1c73653

Windows Registry little-endian text (Win2K or above)

Jabo's Direct3D8 1.7.0.47a Unhide Advance Settings.reg

78a27fc9d25834b5aa4f4f72d764aca6

Windows Registry little-endian text (Win2K or above)

Jabo.ini

992a7e88632802feef23a58724fc4e95

ISO-8859 text, with very long lines (836), with CRLF, LF line terminators

Project64.cdb

611e8ad0091c5e5676909a6f5d7a62b1

ASCII text, with very long lines (7651), with CRLF line terminators

AziAudio_Legacy.dll

d355d2bceef77ee32615da0063976076

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

Icepir8sLegacyLLE.dll

0cd54783f84ca19bb04f64cb3e66d2fe

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

Icepir8sLegacyRSP.dll

5aa90f30129b291b2571dda8def055a5

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

Jabo's Direct3D8 1.7.0.47a.dll

45baa5d65e45f23a1e52a4596cdb44e4

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections

Jabo_DInput.dll

dc886a749fe948dfce6d521da9c037f8

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections

Jabo_Direct3D6.dll

b86f764dfcab7e95d0e362c0cedc00fb

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections

Jabo_Direct3D8.dll

2c09ed3bd8b647381c971391f25b0424

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 8 sections

Jabo_Dsound.dll

b092a24802c8312044e0b1926ecc3492

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections

No audio.dll

3edb13b90f8df4fc11d5cd323fa5515d

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 5 sections

NRage_Legacy_Input.dll

d4686a4a456c9619117c27e041a44ea1

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

RSP.dll

23706412ee7a8e7c2c2aa218f9258dd8

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections

Project64.rds

05caf33ef8602834c15e9491f9a22b5f

ASCII text, with CRLF line terminators

Project64.rdi

af4862703be7c6c465cb08c3cd8668c5

ASCII text, with CRLF line terminators

Project64_1.6.3.exe

dffbdb53fa68e42f8465385407a60a68

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

parallel-rsp.dll

b697cebde024ebb0ebe32f22b51839f4

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 18 sections

pj64-parallelrdp.dll

b7ec04bdf1a744870082693bc0c04efc

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 18 sections

AziAudio v0.70 WIP10.dll

5c9259f9b3a8de36769a3199a9697630

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

parasettings.exe

504bffd53640e08376ec64f22fdf5c0d

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

NRage_Input_V2.dll

fd98e6c7b9ccc4d2396c8d59d6ab07d3

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

Project64.apps

900e80c793559397af5c533c618e38ad

ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	cdn.discordapp.com/attachments/1238601360543449190/1238606156562173982/pj64.zip?ex=663fe55f&is=663e93df&hm=55e100b940721bbcc265da2521846a28edcf53e3b6a665592ce56f212bf3317d&	162.159.135.233	200 OK	8.7 MB
URL User Request GET HTTP/2 cdn.discordapp.com/attachments/1238601360543449190/1238606156562173982/pj64.zip?ex=663fe55f&is=663e93df&hm=55e100b940721bbcc265da2521846a28edcf53e3b6a665592ce56f212bf3317d& IP 162.159.135.233:443 ASN #13335 CLOUDFLARENET Certificate IssuerCloudflare, Inc. Subjectdiscordapp.com Fingerprint97:8B:EE:AD:1E:BF:A1:69:E7:94:29:F7:55:7A:29:64:19:C7:81:39 ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT File type Zip archive data, at least v2.0 to extract, compression method=store Size 8.7 MB (8698538 bytes) Hash eedf2ff4d2af4c3f0653b0557a7de725 1d2541af8533c9792ca8f175218eeab2de835fc4 b3b8e727de6b407d0573dfa02824e06c1ce804493f480c3bdd7bfd8ace0c0c2d HTTP Headers GET /attachments/1238601360543449190/1238606156562173982/pj64.zip?ex=663fe55f&is=663e93df&hm=55e100b940721bbcc265da2521846a28edcf53e3b6a665592ce56f212bf3317d& HTTP/1.1 Host: cdn.discordapp.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 10 May 2024 21:43:18 GMT content-type: application/zip content-length: 8698538 cf-ray: 881d1a9e8c8e568b-OSL cf-cache-status: MISS accept-ranges: bytes, bytes cache-control: public, max-age=31536000 content-disposition: attachment; filename="pj64.zip" etag: "eedf2ff4d2af4c3f0653b0557a7de725" expires: Sat, 10 May 2025 21:43:18 GMT last-modified: Fri, 10 May 2024 21:38:39 GMT vary: Accept-Encoding alt-svc: h3=":443"; ma=86400 x-goog-generation: 1715377119987079 x-goog-hash: crc32c=yI8d8Q==, md5=7t8v9NKvTD8GU7BVen3nJQ== x-goog-metageneration: 1 x-goog-storage-class: STANDARD x-goog-stored-content-encoding: identity x-goog-stored-content-length: 8698538 x-guploader-uploadid: ABPtcPouC1pf-TgPaMaL8fC_n05gJF-k8XOGaJc2hIjStidM7WxAQ9nYb5WLTV1ErWinBGWBBjE x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XdfuaEcZB6JZlWMh096PHMSPivadQN5emKp%2FWVjiM6fNfyyOCrr6VICgs9dNnEInIwfiQS2Yu7n7t5cZSyNVIlSTbmEvCn8s8Ut2yA6aIOWJoZcAvZ1nrPdB%2FT3hCG8foFlGiA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} set-cookie: __cf_bm=FCJanlFnjaBE1mtlDtUskaxqe6gElcTeXvNpZn2f_7E-1715377398-1.0.1.1-UClQSu8jqKyL6Jkrc5M3X.27iIDHFupZufYkAvPYh5H10g7avNDPTjZWGg6DGrl7D8IOsNWDHFXIiQ559AM4Gw; path=/; expires=Fri, 10-May-24 22:13:18 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None _cfuvid=K3qsiNZ.mRj94DaXmrCPU6_4sZzYMdHY1_iyAHk_Qz4-1715377398150-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None server: cloudflare X-Firefox-Spdy: h2

cdn.discordapp.com/attachments/1238601360543449190/1238606156562173982/pj64.zip?ex=663fe55f&is=663e93df&hm=55e100b940721bbcc265da2521846a28edcf53e3b6a665592ce56f212bf3317d&

162.159.135.233

200 OK

8.7 MB

URL User Request GET HTTP/2
cdn.discordapp.com/attachments/1238601360543449190/1238606156562173982/pj64.zip?ex=663fe55f&is=663e93df&hm=55e100b940721bbcc265da2521846a28edcf53e3b6a665592ce56f212bf3317d&
IP
162.159.135.233:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectdiscordapp.com
Fingerprint97:8B:EE:AD:1E:BF:A1:69:E7:94:29:F7:55:7A:29:64:19:C7:81:39
ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
8.7 MB (8698538 bytes)
Hash
eedf2ff4d2af4c3f0653b0557a7de725
1d2541af8533c9792ca8f175218eeab2de835fc4
b3b8e727de6b407d0573dfa02824e06c1ce804493f480c3bdd7bfd8ace0c0c2d

HTTP Headers

GET /attachments/1238601360543449190/1238606156562173982/pj64.zip?ex=663fe55f&is=663e93df&hm=55e100b940721bbcc265da2521846a28edcf53e3b6a665592ce56f212bf3317d& HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 21:43:18 GMT
content-type: application/zip
content-length: 8698538
cf-ray: 881d1a9e8c8e568b-OSL
cf-cache-status: MISS
accept-ranges: bytes, bytes
cache-control: public, max-age=31536000
content-disposition: attachment; filename="pj64.zip"
etag: "eedf2ff4d2af4c3f0653b0557a7de725"
expires: Sat, 10 May 2025 21:43:18 GMT
last-modified: Fri, 10 May 2024 21:38:39 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-goog-generation: 1715377119987079
x-goog-hash: crc32c=yI8d8Q==, md5=7t8v9NKvTD8GU7BVen3nJQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 8698538
x-guploader-uploadid: ABPtcPouC1pf-TgPaMaL8fC_n05gJF-k8XOGaJc2hIjStidM7WxAQ9nYb5WLTV1ErWinBGWBBjE
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XdfuaEcZB6JZlWMh096PHMSPivadQN5emKp%2FWVjiM6fNfyyOCrr6VICgs9dNnEInIwfiQS2Yu7n7t5cZSyNVIlSTbmEvCn8s8Ut2yA6aIOWJoZcAvZ1nrPdB%2FT3hCG8foFlGiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cf_bm=FCJanlFnjaBE1mtlDtUskaxqe6gElcTeXvNpZn2f_7E-1715377398-1.0.1.1-UClQSu8jqKyL6Jkrc5M3X.27iIDHFupZufYkAvPYh5H10g7avNDPTjZWGg6DGrl7D8IOsNWDHFXIiQ559AM4Gw; path=/; expires=Fri, 10-May-24 22:13:18 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
_cfuvid=K3qsiNZ.mRj94DaXmrCPU6_4sZzYMdHY1_iyAHk_Qz4-1715377398150-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (25)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers