Report - cdn.discordapp.com/attachments/788086502419726361/788184473983516672/icytower1.5_package.zip?ex=66302bfe&is=661db6fe&hm=7736fc5a747542da7b05f967478e9c0664b03bfaeee2ec85f4859110e7be5195&

Report Overview

Submitted URL
cdn.discordapp.com/attachments/788086502419726361/788184473983516672/icytower1.5_package.zip?ex=66302bfe&is=661db6fe&hm=7736fc5a747542da7b05f967478e9c0664b03bfaeee2ec85f4859110e7be5195&
IP
162.159.130.233
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-17 19:21:48
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.discordapp.com	2474	2015-02-26	2015-08-24	2024-04-17	639 B	3.9 MB	162.159.133.233

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
cdn.discordapp.com/attachments/788086502419726361/788184473983516672/icytower1.5_package.zip?ex=66302bfe&is=661db6fe&hm=7736fc5a747542da7b05f967478e9c0664b03bfaeee2ec85f4859110e7be5195&
IP
162.159.133.233
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
3.9 MB (3904628 bytes)
Hash
346ee8c33bfbf6a08d8a2c48e7b5b80d
b7376f8e2d012b283ab85cfb5038576c8cfa602c
2bf9f6df231780d362d42b64050be26f766754e7c115d82ee444c9b01cf73948

Archive (31)

Filename

Md5

File type

ads.csv

d41d8cd98f00b204e9800998ecf8427e

characters.txt

83d1f66152a0e8775e6cb7206cbfb30a

ASCII text, with CRLF line terminators

dave.dat

06b78a71ec5f3fee1e4b393cfae80f97

Allegro datafile (packed)

disco_dave.txt

fb66240b03ecca6ecf6056e2c229a1f9

ASCII text, with CRLF line terminators

harold.dat

bfce3faa03ca1273ad737aac6e4050ca

Allegro datafile (packed)

harold_the_homeboy.txt

a38791b9a0dfb12415a0d4f3b6b3f5bb

ASCII text, with CRLF line terminators

wendy.dat

2ce09e31c52f60559e0856f5b322d38d

Allegro datafile (packed)

wild_wendy.txt

d8c7555eea4b554915581ac0c2c988b5

ASCII text, with CRLF line terminators

_template.png

fda28c6b199bec094aa31f0c66ce5b65

PNG image data, 540 x 80, 8-bit/color RGB, non-interlaced

_template.txt

6655bec6767a90d57d1a2c372fbbdad4

ASCII text, with CRLF line terminators

data.dat

203d2c32a0b0a01796ff2146abc74652

data

loading.dat

cd3c286708cd5b818d265bd9761e1c0f

data

sfx15.dat

f39a64a050bb986087c87e4c5f732d87

data

exchndl.dll

d8293bf4e4ad25c94698c5adf3810a62

PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed, 3 sections

icytower.url

8c62d279dcebdd98e0e57af7ee298fc8

MS Windows 95 Internet shortcut text (URL=<http://www.icytower.com/?src=it15_startmenu>), ASCII text, with CRLF line terminators

icytower15.exe

fc40cca56ce75c72a66a51f1353b74ca

PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed, 3 sections

libpng3.dll

7ab85e8bd90b7b75aabe97fe8ecc5961

PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed, 3 sections

log.txt

7ac68dab6865712d667912d77c85632e

data

ogg_license.txt

01d69b71c40960081ef1beaff046ac99

ASCII text, with CRLF, LF line terminators

dummy.txt

3321e06a17432bcf79edddeda062c5de

ASCII text, with no line terminators

dummy.txt

3321e06a17432bcf79edddeda062c5de

ASCII text, with no line terminators

guest.itp

c5206d67a7d848ab0cb9d8ec8924ab71

data

guest_stats.txt

f6e9f186b6de5ac87c59afc83fe3bc70

ASCII text, with CRLF line terminators

dummy.txt

3321e06a17432bcf79edddeda062c5de

ASCII text, with no line terminators

pthreadGC2.dll

02d99732db270270682e1b5e97415857

PE32 executable (DLL) (console) Intel 80386, for MS Windows, UPX compressed, 3 sections

readme.txt

17a7f0bee7beb4848b496feaa0a38be3

ASCII text, with CRLF line terminators

screenshots.txt

ce1353a41a2d12a37e6afdaa4ab5a5ec

ASCII text, with CRLF line terminators

tower.cfg

1d57b1f1d56febfd6976440298924b6b

Allegro datafile (packed)

unins000.dat

ed34eedaadb1c74ae62285e121d0730f

InnoSetup Log Icy Tower v1.5, version 0x30, 4463 bytes, STACJONARNY\Piotr, "c:\games\icytower1.5"

unins000.exe

a3d12999a046b4b8d97eade99d1d8db8

PE32 executable (GUI) Intel 80386, for MS Windows, 8 sections

zlib1.dll

c7d4d685a0af2a09cbc21cb474358595

PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 7 sections

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/64

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

cdn.discordapp.com/attachments/788086502419726361/788184473983516672/icytower1.5_package.zip?ex=66302bfe&is=661db6fe&hm=7736fc5a747542da7b05f967478e9c0664b03bfaeee2ec85f4859110e7be5195&

162.159.133.233

200 OK

3.9 MB

URL User Request GET HTTP/2
cdn.discordapp.com/attachments/788086502419726361/788184473983516672/icytower1.5_package.zip?ex=66302bfe&is=661db6fe&hm=7736fc5a747542da7b05f967478e9c0664b03bfaeee2ec85f4859110e7be5195&
IP
162.159.133.233:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectdiscordapp.com
Fingerprint97:8B:EE:AD:1E:BF:A1:69:E7:94:29:F7:55:7A:29:64:19:C7:81:39
ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
3.9 MB (3904628 bytes)
Hash
346ee8c33bfbf6a08d8a2c48e7b5b80d
b7376f8e2d012b283ab85cfb5038576c8cfa602c
2bf9f6df231780d362d42b64050be26f766754e7c115d82ee444c9b01cf73948

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/64

HTTP Headers

GET /attachments/788086502419726361/788184473983516672/icytower1.5_package.zip?ex=66302bfe&is=661db6fe&hm=7736fc5a747542da7b05f967478e9c0664b03bfaeee2ec85f4859110e7be5195& HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 19:21:23 GMT
content-type: application/zip
content-length: 3904628
cf-ray: 875ec71f48460b02-OSL
cf-cache-status: MISS
accept-ranges: bytes, bytes
cache-control: public, max-age=31536000
content-disposition: attachment;%20filename=icytower1.5_package.zip
etag: "346ee8c33bfbf6a08d8a2c48e7b5b80d"
expires: Thu, 17 Apr 2025 19:21:23 GMT
last-modified: Mon, 14 Dec 2020 23:23:42 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-goog-generation: 1607988222732100
x-goog-hash: crc32c=DTUthQ==, md5=NG7owzv79qCNiixI57W4DQ==
x-goog-metageneration: 3
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3904628
x-guploader-uploadid: ABPtcPqVGteXl6K9PmEuE9LmoH6LRUqmwWgNA0wKcJghbuKoVnEWi7r_Q7vMt3aBd2tNL8A-IzuonM3usA
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zhqBnErPQ1aGtg6jf9CoVemptsPD5%2F%2BlslgvHJF%2Ba8ij%2B0yNF%2F5nvJYVuvWqCklCVBhrjcBOoCzjKOu8wqVd9JvzL50XYKfIx8QanOT%2F60%2Fc4Vm2El%2FAyq5jYjcLediP5Ioz7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cf_bm=lqnmjtX0DDiAA.uMJnyWFPtMdA2dnWOnbX6EJKBOf0s-1713381683-1.0.1.1-I75F9UM_JPQeFsycu2uNkqHgkmgJddRdlBlytku0DNxn5XisfMwpPwhTR5e9a8Vb9tcukbOkV47xGRiKjQlw.Q; path=/; expires=Wed, 17-Apr-24 19:51:23 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
_cfuvid=UqzJprq8TZOWHXRXTWvL2pKzOTgcAyUtDOHuC5AQP9I-1713381683739-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (31)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers