Report - github.com/JayDDee/cpuminer-opt/releases/download/v3.20.2/cpuminer-opt-3.20.2-windows.zip

Report Overview

Submitted URL
github.com/JayDDee/cpuminer-opt/releases/download/v3.20.2/cpuminer-opt-3.20.2-windows.zip
IP
140.82.121.4
ASN
#36459 GITHUB
Submitted
2024-04-20 10:06:11
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
57

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
github.com	1423	2007-10-09	2016-07-13	2024-03-24	543 B	4.0 kB	140.82.121.4
objects.githubusercontent.com	134060	2014-02-06	2021-11-01	2024-04-20	1.0 kB	19 MB	185.199.108.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
objects.githubusercontent.com/github-production-release-asset-2e65be/51284118/084b3ba8-2926-4f9b-9ea2-80dff67e43e3?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240420%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240420T100536Z&X-Amz-Expires=300&X-Amz-Signature=8f65a4b768ae2012a552a82832c1c4bb31686ab201b3865b04e0245c2a552fbb&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=51284118&response-content-disposition=attachment%3B%20filename%3Dcpuminer-opt-3.20.2-windows.zip&response-content-type=application%2Foctet-stream
IP
185.199.108.133
ASN
#54113 FASTLY

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
19 MB (18915946 bytes)
Hash
7d8d2c89de846ca52fa4581913f00e3c
8190d20d4a90258d79450f48ffbd3df5323608fb
32dd1dc7fbe6f978222f87c574248803d48b26066aa02c69a0a019b9113d1825

Archive (18)

Filename

Md5

File type

cpuminer-aes-sse42.exe

f23c3a69f15f52485feb3c887fc5f5a6

PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows, 9 sections

cpuminer-avx2.exe

a0406f7fd9daa3e8a8b1fa8c8b18474e

PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows, 9 sections

cpuminer-avx2-sha.exe

3b9c1b644b13a9d4a1719970e03962b6

PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows, 9 sections

cpuminer-avx2-sha-vaes.exe

f5c974b199f3afcdc2a73d82b2748c79

PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows, 9 sections

cpuminer-avx512.exe

ee9392b09a67a5aea71f885d2636c037

PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows, 9 sections

cpuminer-avx512-sha-vaes.exe

bc303c157b7a263a09713f8bf977b91c

PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows, 9 sections

cpuminer-avx.exe

d7b43c704780b03ffa94670a4890414f

PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows, 9 sections

cpuminer-sse2.exe

f882ff55183717bfc13d46187051c937

PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows, 9 sections

libcrypto-1_1-x64.dll

8759f8c46a6e91bf54722a5739c41ebb

PE32+ executable (DLL) (console) x86-64, for MS Windows, 20 sections

libcurl-4.dll

aeab40ed9a8e627ea7cefc1f5cf9bf7a

PE32+ executable (DLL) (console) x86-64, for MS Windows, 19 sections

libgcc_s_seh-1.dll

7cf672bee2afba2dcd0c031ff985958e

PE32+ executable (DLL) (console) x86-64, for MS Windows, 19 sections

libstdc++-6.dll

19fcc327c7f9eaf6a1fae47c9864fda7

PE32+ executable (DLL) (console) x86-64, for MS Windows, 19 sections

libwinpthread-1.dll

585efec1bc1d4d916a4402c9875dff75

PE32+ executable (DLL) (console) x86-64, for MS Windows, 20 sections

README.md

9c6a4bab10f00ad69d74bc4d410e7900

JavaScript source, ASCII text

README.txt

f73fad5e072248b6745b1201786874df

ASCII text

RELEASE_NOTES

1533255db67a457be8e6462d4d1a58b6

ASCII text

verthash-help.txt

8c5e29531ae134a06d77821bd0ef5619

ASCII text

zlib1.dll

c275a3b20a471cc858436e1c295314b1

PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows, 12 sections

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Detects a Bitcoin Miner
Public Nextron YARA rules	malware	Detects mining pool protocol string in Executable
Public Nextron YARA rules	malware	Detects Monero mining software
Elastic Security YARA Rules	malware	Linux.Cryptominer.Flystudio
Elastic Security YARA Rules	malware	Linux.Cryptominer.Generic
Elastic Security YARA Rules	malware	Windows.Cryptominer.Generic
Public Nextron YARA rules	malware	Detects a Bitcoin Miner
Public Nextron YARA rules	malware	Detects mining pool protocol string in Executable
Public Nextron YARA rules	malware	Detects Monero mining software
Elastic Security YARA Rules	malware	Linux.Cryptominer.Flystudio
Elastic Security YARA Rules	malware	Linux.Cryptominer.Generic
Elastic Security YARA Rules	malware	Windows.Cryptominer.Generic
Public Nextron YARA rules	malware	Detects a Bitcoin Miner
Public Nextron YARA rules	malware	Detects Monero mining software
Elastic Security YARA Rules	malware	Linux.Cryptominer.Flystudio
Elastic Security YARA Rules	malware	Linux.Cryptominer.Generic
Elastic Security YARA Rules	malware	Windows.Cryptominer.Generic
Public Nextron YARA rules	malware	Detects a Bitcoin Miner
Public Nextron YARA rules	malware	Detects Monero mining software
Elastic Security YARA Rules	malware	Linux.Cryptominer.Flystudio
Elastic Security YARA Rules	malware	Linux.Cryptominer.Generic
Elastic Security YARA Rules	malware	Windows.Cryptominer.Generic
Public Nextron YARA rules	malware	Detects a Bitcoin Miner
Public Nextron YARA rules	malware	Detects Monero mining software
Elastic Security YARA Rules	malware	Linux.Cryptominer.Flystudio
Elastic Security YARA Rules	malware	Linux.Cryptominer.Generic
Elastic Security YARA Rules	malware	Windows.Cryptominer.Generic
Public Nextron YARA rules	malware	Detects a Bitcoin Miner
Public Nextron YARA rules	malware	Detects Monero mining software
Elastic Security YARA Rules	malware	Linux.Cryptominer.Flystudio
Elastic Security YARA Rules	malware	Linux.Cryptominer.Generic
Elastic Security YARA Rules	malware	Windows.Cryptominer.Generic
Public Nextron YARA rules	malware	Detects a Bitcoin Miner
Public Nextron YARA rules	malware	Detects mining pool protocol string in Executable
Public Nextron YARA rules	malware	Detects Monero mining software
Elastic Security YARA Rules	malware	Linux.Cryptominer.Flystudio
Elastic Security YARA Rules	malware	Linux.Cryptominer.Generic
Elastic Security YARA Rules	malware	Windows.Cryptominer.Generic
Public Nextron YARA rules	malware	Detects a Bitcoin Miner
Public Nextron YARA rules	malware	Detects mining pool protocol string in Executable
Public Nextron YARA rules	malware	Detects Monero mining software
Elastic Security YARA Rules	malware	Linux.Cryptominer.Flystudio
Elastic Security YARA Rules	malware	Linux.Cryptominer.Generic
Elastic Security YARA Rules	malware	MacOS.Cryptominer.Generic
Elastic Security YARA Rules	malware	Windows.Cryptominer.Generic
Public Nextron YARA rules	malware	Detects mining pool protocol string in Executable
Public Nextron YARA rules	malware	Detects mining pool protocol string in Executable
VirusTotal	malicious	VirusTotal - Scan result 46/67

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

github.com/JayDDee/cpuminer-opt/releases/download/v3.20.2/cpuminer-opt-3.20.2-windows.zip

140.82.121.4

302 Found

0 B

URL User Request GET HTTP/2
github.com/JayDDee/cpuminer-opt/releases/download/v3.20.2/cpuminer-opt-3.20.2-windows.zip
IP
140.82.121.4:443
ASN
#36459 GITHUB

Certificate
IssuerSectigo Limited
Subjectgithub.com
FingerprintE7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0
ValidityThu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /JayDDee/cpuminer-opt/releases/download/v3.20.2/cpuminer-opt-3.20.2-windows.zip HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: GitHub.com
date: Sat, 20 Apr 2024 10:05:36 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/51284118/084b3ba8-2926-4f9b-9ea2-80dff67e43e3?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240420%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240420T100536Z&X-Amz-Expires=300&X-Amz-Signature=8f65a4b768ae2012a552a82832c1c4bb31686ab201b3865b04e0245c2a552fbb&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=51284118&response-content-disposition=attachment%3B%20filename%3Dcpuminer-opt-3.20.2-windows.zip&response-content-type=application%2Foctet-stream
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: E015:1C89E8:16719E39:16A56A83:66239370
X-Firefox-Spdy: h2

objects.githubusercontent.com/github-production-release-asset-2e65be/51284118/084b3ba8-2926-4f9b-9ea2-80dff67e43e3?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240420%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240420T100536Z&X-Amz-Expires=300&X-Amz-Signature=8f65a4b768ae2012a552a82832c1c4bb31686ab201b3865b04e0245c2a552fbb&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=51284118&response-content-disposition=attachment%3B%20filename%3Dcpuminer-opt-3.20.2-windows.zip&response-content-type=application%2Foctet-stream

185.199.108.133

200 OK

19 MB

URL User Request GET HTTP/2
objects.githubusercontent.com/github-production-release-asset-2e65be/51284118/084b3ba8-2926-4f9b-9ea2-80dff67e43e3?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240420%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240420T100536Z&X-Amz-Expires=300&X-Amz-Signature=8f65a4b768ae2012a552a82832c1c4bb31686ab201b3865b04e0245c2a552fbb&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=51284118&response-content-disposition=attachment%3B%20filename%3Dcpuminer-opt-3.20.2-windows.zip&response-content-type=application%2Foctet-stream
IP
185.199.108.133:443
ASN
#54113 FASTLY

Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
19 MB (18915946 bytes)
Hash
7d8d2c89de846ca52fa4581913f00e3c
8190d20d4a90258d79450f48ffbd3df5323608fb
32dd1dc7fbe6f978222f87c574248803d48b26066aa02c69a0a019b9113d1825

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 46/67

HTTP Headers

GET /github-production-release-asset-2e65be/51284118/084b3ba8-2926-4f9b-9ea2-80dff67e43e3?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240420%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240420T100536Z&X-Amz-Expires=300&X-Amz-Signature=8f65a4b768ae2012a552a82832c1c4bb31686ab201b3865b04e0245c2a552fbb&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=51284118&response-content-disposition=attachment%3B%20filename%3Dcpuminer-opt-3.20.2-windows.zip&response-content-type=application%2Foctet-stream HTTP/1.1
Host: objects.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/octet-stream
content-md5: fY0sid6EbKUvpFgZE/AOPA==
last-modified: Tue, 02 Aug 2022 00:26:59 GMT
etag: "0x8DA741DB680A7A9"
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 88f528ed-401e-0059-3009-9366d6000000
x-ms-version: 2020-10-02
x-ms-creation-time: Tue, 02 Aug 2022 00:26:59 GMT
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
content-disposition: attachment; filename=cpuminer-opt-3.20.2-windows.zip
x-ms-server-encrypted: true
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 20 Apr 2024 10:05:37 GMT
age: 0
x-served-by: cache-iad-kjyo7100101-IAD, cache-hel1410028-HEL
x-cache: HIT, MISS
x-cache-hits: 5, 0
x-timer: S1713607537.076717,VS0,VE487
content-length: 18915946
X-Firefox-Spdy: h2