Report - cdn.discordapp.com/attachments/1230626507244703835/1238644056368877568/Moral_Beta_Launcher_2.01_2.zip?ex=664008ab&is=663eb72b&hm=0961e17b0081eb9b4af264263bfcd57511ac0e69ae0811edbbc62ce652963edc&

Report Overview

Submitted URL
cdn.discordapp.com/attachments/1230626507244703835/1238644056368877568/Moral_Beta_Launcher_2.01_2.zip?ex=664008ab&is=663eb72b&hm=0961e17b0081eb9b4af264263bfcd57511ac0e69ae0811edbbc62ce652963edc&
IP
162.159.129.233
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-11 03:20:47
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
7

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.discordapp.com	2474	unknown	No data	No data	648 B	16 MB	162.159.133.233

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
cdn.discordapp.com/attachments/1230626507244703835/1238644056368877568/Moral_Beta_Launcher_2.01_2.zip?ex=664008ab&is=663eb72b&hm=0961e17b0081eb9b4af264263bfcd57511ac0e69ae0811edbbc62ce652963edc&
IP
162.159.133.233
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
16 MB (16104216 bytes)
Hash
8df7307398013e82e1929c69565fb275
f46340cc029ec665622bbfddb9d2a360c6c1184d
1a79040973dffcc8c7815a0763fcdf1b02abefd8975f5bbb284e17e975075bc4

Archive (77)

Filename

Md5

File type

Appium.Net.dll

b965f2a31d5af09cfbc6bb25faaf9a8d

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Appium.Net.xml

4296e5dbf39bf179a957bb0121c62060

XML 1.0 document, ASCII text, with very long lines (499), with CRLF line terminators

AWSSDK.Core.dll

8ae49205d31ca3d97f21aa9b7297ca82

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

AWSSDK.Core.pdb

3a20add790ff1889ec6839172e39ec05

Microsoft Roslyn C# debugging symbols version 1.0

AWSSDK.Core.xml

240a13849079062a5311e270c9b8f750

XML 1.0 document, ASCII text, with CRLF line terminators

AWSSDK.SecurityToken.dll

59f80595b1b4f60daf2f19ff2f748f08

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

AWSSDK.SecurityToken.pdb

5cf114c494b431dfad819dad439da60f

Microsoft Roslyn C# debugging symbols version 1.0

AWSSDK.SecurityToken.xml

b33b6b0ddb9f4aa22030c509a51ee71d

XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators

Castle.Core.dll

726ab57d22c502a460576f55041a9ce1

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Castle.Core.xml

f77134374fc0dad31ec4910c7081aa63

XML 1.0 document, ASCII text, with very long lines (332), with CRLF line terminators

DiscordRPC.dll

3956130e36754f184a0443c850f708f8

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

DiscordRPC.pdb

79d6e74e2253e7db2590fe279ed84996

Microsoft Roslyn C# debugging symbols version 1.0

DiscordRPC.xml

8dd0e62f1ef1355060719b062049e1db

XML 1.0 document, ASCII text, with very long lines (319)

DnsClient.dll

5b326e9e8a78ed4d106c19936004410d

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

DnsClient.xml

f4584d89b77a878d64abe69466d28739

XML 1.0 document, ASCII text, with CRLF line terminators

INIFileParser.dll

2e77f841dbf271fd1ffc460bfd87a1d5

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

INIFileParser.xml

9e1e82310f8566a90f561c8cfd437b04

XML 1.0 document, ASCII text

Legerity.Core.dll

a4fb0654196d4aec7485c527e02cc23a

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Legerity.Core.xml

711237ced4dc7eafc634072d7a96463d

XML 1.0 document, ASCII text

Legerity.Windows.dll

62c904a9261e7813a6f365e94586f3e9

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Legerity.Windows.xml

671981e4087eb10933d1b54993dcad03

XML 1.0 document, ASCII text

Microsoft.Bcl.AsyncInterfaces.dll

1ee251645b8a54a116d6d06c83a2bd85

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Microsoft.Bcl.AsyncInterfaces.xml

0737b770ba5d854d4887a8f4d9c8de04

XML 1.0 document, ASCII text, with very long lines (321), with CRLF line terminators

Microsoft.Edge.SeleniumTools.dll

8094fc9bad0a651ba78d2d3ea6f5d52d

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Microsoft.Extensions.Logging.Abstractions.dll

f6bfb173119f48eed8b3616a3fd5464f

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Microsoft.Extensions.Logging.Abstractions.xml

a5c90bc105dc23074fbdb131d2dd1fec

XML 1.0 document, ASCII text, with CRLF line terminators

Microsoft.Web.WebView2.Core.dll

5cfa9dc1d4a3d153542036c3675519ea

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Microsoft.Web.WebView2.Core.xml

23a503d05deda39333cb8fdfcb300fea

XML 1.0 document, ASCII text, with very long lines (801), with CRLF line terminators

Microsoft.Web.WebView2.WinForms.dll

f1d70ec78d7aab57b09f57e44f626d0a

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Microsoft.Web.WebView2.WinForms.xml

7accce3ee43e2042e8f3bf53fa754ef5

XML 1.0 document, ASCII text, with very long lines (565), with CRLF line terminators

Microsoft.Web.WebView2.Wpf.dll

accc1a8fb812a2fc89e6d9e07c63244f

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Microsoft.Web.WebView2.Wpf.xml

aeff0eb62df649c8510d11ace3ee421a

XML 1.0 document, ASCII text, with very long lines (560), with CRLF line terminators

Microsoft.Win32.Registry.dll

59c48aacb1c413c108161afe13fdbed9

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Microsoft.Win32.Registry.xml

a3290ea94f8f3bb6577b78e792d6018d

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (360), with CRLF line terminators

mongocrypt.dll

0cf27a123c4f51d1992dbf1a92218680

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 8 sections

MongoDB.Bson.dll

5d471e51fad3f1ce9dd6b15060edd9a6

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

MongoDB.Bson.xml

c5ae9e1d358a4fe8f900203a39be761e

XML 1.0 document, ASCII text, with very long lines (314), with CRLF, CR line terminators

MongoDB.Driver.Core.dll

c01471c5b5ea7186ba24f518e575a656

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

MongoDB.Driver.Core.xml

b510559c29affd8d931d3c8fce77f788

XML 1.0 document, ASCII text, with very long lines (628), with CRLF line terminators

MongoDB.Driver.dll

bfe7788f302bec456318203b1e248df0

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

MongoDB.Driver.xml

4e644f1afafe198adf0d9abc8ed82226

XML 1.0 document, ASCII text, with very long lines (393), with CRLF line terminators

MongoDB.Libmongocrypt.dll

d1509c7b0daf880cdd873ab2097b6f70

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Moral BetaLauncher.exe

83c9c8a980e6cc7a9bc176ee0123eb6b

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Newtonsoft.Json.dll

081d9558bbb7adce142da153b2d5577a

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Newtonsoft.Json.xml

f414b3f68fe7c4f094b8fe8382f858c9

XML 1.0 document, ASCII text, with CRLF line terminators

WebView2Loader.dll

8c85303286462a681f6067b75d22e262

PE32+ executable (DLL) (console) Aarch64, for MS Windows, 8 sections

WebView2Loader.dll

75bf6c40545560e5013313655b110b93

PE32+ executable (DLL) (console) x86-64, for MS Windows, 12 sections

WebView2Loader.dll

187ebe3e687679673716d1013b8e18a0

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 8 sections

SeleniumExtras.PageObjects.dll

4f7932af630e306dc2947f3aaf2c7a0f

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

SharpCompress.dll

6701ee3e7f165187480e693ea2a717da

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Snappier.dll

ff946ef655243208b5ab1b2ba351258c

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Snappier.xml

3da86e2cfc9adedf5a7d3696db6eea66

XML 1.0 document, ASCII text

System.Buffers.dll

ecdfe8ede869d2ccc6bf99981ea96400

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.Buffers.xml

1c55860dd93297a6ea2fad2974834c3a

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (727), with CRLF line terminators

System.Memory.dll

f09441a1ee47fb3e6571a3a448e05baf

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.Memory.xml

add19745a43b2515280ce24671863114

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

System.Numerics.Vectors.dll

aaa2cbf14e06e9d3586d8a4ed455db33

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.Numerics.Vectors.xml

95dd29ca17b63843ad787d3bc9c8c933

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

System.Runtime.CompilerServices.Unsafe.dll

9a341540899dcc5630886f2d921be78f

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.Runtime.CompilerServices.Unsafe.xml

aa2cb9ba14481a623ee20f821cf5d180

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

System.Security.AccessControl.dll

996aab294e1d369b148d732e5ec0dfdc

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.Security.AccessControl.xml

b3c9070ed2c4d57dec812a5873b75e62

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (644), with CRLF line terminators

System.Security.Principal.Windows.dll

be2962225b441cc23575456f32a9cf6a

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.Security.Principal.Windows.xml

9977a803a9bc474843d4dc0b3fd8aff1

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (482), with CRLF line terminators

System.Text.Encoding.CodePages.dll

be1849efb259352613e72046a3b4bcaf

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.Text.Encoding.CodePages.xml

c1bed46594fd83112d7e77050eb0e874

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

System.Threading.Tasks.Extensions.dll

e1e9d7d46e5cd9525c5927dc98d9ecc7

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.Threading.Tasks.Extensions.xml

c89e735fcf37e76e4c3d7903d2111c04

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

WebDriver.dll

9283cfa187616d4db0e41bdab6083d88

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

WebDriver.Support.dll

10ea7d402172831486eb48deacf2924b

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

WebDriver.Support.xml

f85ab77bc3dc1476e1e0ae22749a9d2d

XML 1.0 document, ASCII text, with CRLF line terminators

WebDriver.xml

c41361604cf332cd9f49de9a7cd04a63

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

WindowsAPICodePack.Shell.CommonFileDialogs.dll

37e343fa4a13ff80365f3614936ed294

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Wpf.Ui.dll

aead90ab96e2853f59be27c4ec1e4853

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Wpf.Ui.pdb

066c4b2047783276252164c5e5f18857

Microsoft Roslyn C# debugging symbols version 1.0

Wpf.Ui.xml

d771f719c2d455cd2f42e0461a01c782

XML 1.0 document, ASCII text, with CRLF line terminators

ZstdSharp.dll

506a30f1b5463347e5ab64566b3fb60f

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	meth_get_eip
VirusTotal	suspicious	VirusTotal - Scan result 3/64

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

cdn.discordapp.com/attachments/1230626507244703835/1238644056368877568/Moral_Beta_Launcher_2.01_2.zip?ex=664008ab&is=663eb72b&hm=0961e17b0081eb9b4af264263bfcd57511ac0e69ae0811edbbc62ce652963edc&

162.159.133.233

200 OK

16 MB

URL User Request GET HTTP/2
cdn.discordapp.com/attachments/1230626507244703835/1238644056368877568/Moral_Beta_Launcher_2.01_2.zip?ex=664008ab&is=663eb72b&hm=0961e17b0081eb9b4af264263bfcd57511ac0e69ae0811edbbc62ce652963edc&
IP
162.159.133.233:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectdiscordapp.com
Fingerprint97:8B:EE:AD:1E:BF:A1:69:E7:94:29:F7:55:7A:29:64:19:C7:81:39
ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
16 MB (16104216 bytes)
Hash
8df7307398013e82e1929c69565fb275
f46340cc029ec665622bbfddb9d2a360c6c1184d
1a79040973dffcc8c7815a0763fcdf1b02abefd8975f5bbb284e17e975075bc4

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 3/64

HTTP Headers

GET /attachments/1230626507244703835/1238644056368877568/Moral_Beta_Launcher_2.01_2.zip?ex=664008ab&is=663eb72b&hm=0961e17b0081eb9b4af264263bfcd57511ac0e69ae0811edbbc62ce652963edc& HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:55:22 GMT
content-type: application/zip
content-length: 16104216
cf-ray: 881e8bdfcb145696-OSL
cf-cache-status: MISS
accept-ranges: bytes, bytes
cache-control: public, max-age=31536000
content-disposition: attachment; filename="Moral_Beta_Launcher_2.01_2.zip"
etag: "8df7307398013e82e1929c69565fb275"
expires: Sun, 11 May 2025 01:55:22 GMT
last-modified: Sat, 11 May 2024 00:09:16 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-goog-generation: 1715386156011830
x-goog-hash: crc32c=a20c6Q==, md5=jfcwc5gBPoLhkpxpVl+ydQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 16104216
x-guploader-uploadid: ABPtcPpfsoyLLpRuhVOJ1zemApWGEWwPNqPN_EaSDm_HmrYK09rc_hhb3Nbi7q_5t3E-YYBZJk8
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A7ST%2FHmlfg73GWQck930xifRd1nBhxSlvjWY8imQjpag4f3iwiNm1%2FsvfSTWJxg5e9ZKUlaWo6gUblZRpUggxI9v15%2BPtX0z2sr5KpaBXY1KzU0zSfuDufQJvCUfwsxsTDtR7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cf_bm=s7mgCYILVhwxAA5B6MK4fupcUUsl4qrAMCXc78e0u3Y-1715392522-1.0.1.1-hiju7wf.ytjl2zMTWmAkVUvvwmVY3lrNhOgE9P8_pJT2KhJ5luorTWQgDkrDM4kqFpYWjp8z74GpsCwp9m3yGA; path=/; expires=Sat, 11-May-24 02:25:22 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
_cfuvid=J2s0YdgSH5YTkoZge4NvWc3snI3yGER8VV.WKVfD3K4-1715392522765-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (77)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers