Report Overview

  1. Visited public
    2024-08-17 13:38:15
    Tags
  2. URL

    github.com/ddf8196/BetterRenderDragon/releases/download/v1.4.4/BetterRenderDragon-1.4.4.zip

  3. Finishing URL

    about:privatebrowsing

  4. IP / ASN
    140.82.121.3

    #36459 GITHUB

    Title
    about:privatebrowsing
Detections

  urlquery: 0
  Network Intrusion Detection: 0
  Threat Detection Systems: 4

Domain Summary

| Domain / FQDN | Rank | Registered | First Seen | Last Seen |
|---|---|---|---|---|
| github.com | 1423 | | | |
| objects.githubusercontent.com | 134060 | | | |
| r11.o.lencr.org | unknown | | | |
| r10.o.lencr.org | unknown | | | |

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


Files detected

  1. URL

    objects.githubusercontent.com/github-production-release-asset-2e65be/586931419/25e4da5d-15a3-478a-bc06-1e1108a0080e?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240817%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240817T133750Z&X-Amz-Expires=300&X-Amz-Signature=5879783715bf96e2771eb54445d424d0e83a080d354cf5f61d5694a6bd466632&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=586931419&response-content-disposition=attachment%3B%20filename%3DBetterRenderDragon-1.4.4.zip&response-content-type=application%2Foctet-stream

  2. IP

    185.199.109.133

  3. ASN

    #54113 FASTLY

  1. File type

    Zip archive data, at least v2.0 to extract, compression method=deflate

    Size

    328 kB (328262 bytes)

  2. Hash

    2dd7f2f3e5e21eade282c2b9019a2280

    fc0d3a2005d4d7197e56a11ed3eb8b4479506fd7

  1. Archive (6)

    | Filename | Md5 | File type |
    |---|---|---|
    | uwpinject.exe | 7c3b798bc6a1433b0db8ca3225e3e3fe | PE32+ executable (console) x86-64, for MS Windows, 6 sections |
    | BetterRenderDragon.dll | 4f2414589c45b0ddd381e7b55e351ed6 | PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 7 sections |
    | launch.ps1 | 38be5d9cfe9fb422c6a5bb9cf2ee53e0 | ASCII text, with no line terminators |
    | LaunchMinecraft.bat | e69ca7afa5c2be9310e7fab72b83bcc4 | DOS batch file, ASCII text, with CRLF line terminators |
    | LaunchMinecraftPreview.bat | b9a3a7a88d18ffb213c5fc33b4bc3978 | DOS batch file, ASCII text, with CRLF line terminators |
    | LICENSE | 02d4ea62d9fb26520eee03e3923515ce | ASCII text, with CRLF line terminators |

    Detections

    | Analyzer | Verdict | Alert |
    |---|---|---|
    | YARAhub by abuse.ch | malware | files - file ~tmp01925d3f.exe |
    | VirusTotal | malicious | |

JavaScript (0)

HTTP Transactions (9)

| URL | IP | Response | Size |
|---|---|---|---|
| r11.o.lencr.org/ | 23.33.119.57 | | 504 B |
| r10.o.lencr.org/ | 23.33.119.57 | | 504 B |
| r10.o.lencr.org/ | 23.33.119.57 | | 504 B |
| r10.o.lencr.org/ | 23.33.119.57 | | 504 B |
| github.com/ddf8196/BetterRenderDragon/releases/download/v1.4.4/BetterRenderDragon-1.4.4.zip | 140.82.121.3 | 302 Found | 0 B |
| objects.githubusercontent.com/github-production-release-asset-2e65be/586931419/25e4da5d-15a3-478a-bc06-1e1108a0080e?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240817%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240817T133750Z&X-Amz-Expires=300&X-Amz-Signature=5879783715bf96e2771eb54445d424d0e83a080d354cf5f61d5694a6bd466632&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=586931419&response-content-disposition=attachment%3B%20filename%3DBetterRenderDragon-1.4.4.zip&response-content-type=application%2Foctet-stream | 185.199.109.133 | 200 OK | 328 kB |
| r11.o.lencr.org/ | 23.33.119.27 | | 504 B |
| r11.o.lencr.org/ | 23.33.119.27 | | 504 B |
| r11.o.lencr.org/ | 23.33.119.27 | | 504 B |