Report - cdn.discordapp.com/attachments/1191858671869755513/1192950064075772054/Ukn_Nenyooo_v1.0.3028.0.7_unknowncheats.me_.zip?ex=663b4c93&is=6639fb13&hm=963476024f1e3444463ba98e89f94813b3ef8694e51649bea2ad2c47699f95d1&

Report Overview

Submitted URL
cdn.discordapp.com/attachments/1191858671869755513/1192950064075772054/Ukn_Nenyooo_v1.0.3028.0.7_unknowncheats.me_.zip?ex=663b4c93&is=6639fb13&hm=963476024f1e3444463ba98e89f94813b3ef8694e51649bea2ad2c47699f95d1&
IP
162.159.135.233
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-07 21:51:30
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.discordapp.com	2474	2015-02-26	2015-08-24	2024-05-06	665 B	13 MB	162.159.133.233

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
cdn.discordapp.com/attachments/1191858671869755513/1192950064075772054/Ukn_Nenyooo_v1.0.3028.0.7_unknowncheats.me_.zip?ex=663b4c93&is=6639fb13&hm=963476024f1e3444463ba98e89f94813b3ef8694e51649bea2ad2c47699f95d1&
IP
162.159.133.233
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
13 MB (13267630 bytes)
Hash
0e29c16bb68bba81b5a4bd58e243ee07
db3eb6a51fd4c8001865cfd6615906233efab94c
96bcafc7faeac788a9b827372bbb306cecbdcda01e80eab170d149ff205f9bfd

Archive (20)

Filename

Md5

File type

Barbie Barb.xml

bf5b3c75607a0218010a97798edb8714

XML 1.0 document, ASCII text

Barbie.xml

2535c36ddcc5c9e9af802eb9b251149e

XML 1.0 document, ASCII text

Aerial_Islands.xml

0bf237e9d12c53f63296a553048cbf07

XML document, Unicode text, UTF-8 text

Upside_Down_World.xml

9f80b6869101d36970385c105f7b972b

XML document, Unicode text, UTF-8 text

All_Vehicle.ini

ccab2a5c67f52f2762cf9f38045aa185

ASCII text, with CRLF line terminators

Birthday sex by Spine.xml

c31127bfa63271908f8d66cfa5fc4aec

XML 1.0 document, ASCII text

Carrier Invader (by Spine).xml

c437a38feb58e083fc301269032eb257

XML 1.0 document, ASCII text

Rolling Destruction by Spine - Copy.xml

e46cb78d2ceb9ce75610860a67830948

XML 1.0 document, ASCII text

Spinethetic-FuckT2Blimp.xml

a74a5924410a74dee16144003cfe8c97

XML 1.0 document, ASCII text

Spinethetic-HamburgersRevenge.xml

2c47a42e9f72d0fb34dd900c7262a9ce

XML 1.0 document, ASCII text

Spinethetic-XmasSleighBoat.xml

3253820c216399f27c99d87edb7f570e

XML 1.0 document, ASCII text

Spinethetic-ZombieSabreGT.xml

338b29f194b2c45f867bbb15ad5f8ade

XML 1.0 document, ASCII text

Xmas.wav

1e2bd472c41ff2590c9346826285162f

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz

Options.ttf

e671580dac468cbc7e4ae3b5a5720842

TrueType Font data, 15 tables, 1st "FFTM", 34 names, Macintosh

Title.ttf

5341b1c8be577e3fbc38eb58e73790c4

OpenType font data

Header.gif

319241870a5cd9b3702681f240a3ad50

GIF image data, version 89a, 1076 x 138

Header.png

d7c1e0c1d5b309d9e61e15a0726f3863

PNG image data, 1076 x 138, 8-bit/color RGBA, non-interlaced

Options.png

14c92499f5ea9367e62a5aff0503bf5e

PNG image data, 512 x 48, 8-bit/color RGBA, non-interlaced

Right Arrow.png

adea6e471b7fe9ab0e243a8b031bd486

PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced

Nenyooo v1.0.3028.0.7.exe

e4cd62277fbd751b1fd3484f9b3bfc6b

PE32+ executable (GUI) x86-64, for MS Windows, 12 sections

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 36/67

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

cdn.discordapp.com/attachments/1191858671869755513/1192950064075772054/Ukn_Nenyooo_v1.0.3028.0.7_unknowncheats.me_.zip?ex=663b4c93&is=6639fb13&hm=963476024f1e3444463ba98e89f94813b3ef8694e51649bea2ad2c47699f95d1&

162.159.133.233

200 OK

13 MB

URL User Request GET HTTP/2
cdn.discordapp.com/attachments/1191858671869755513/1192950064075772054/Ukn_Nenyooo_v1.0.3028.0.7_unknowncheats.me_.zip?ex=663b4c93&is=6639fb13&hm=963476024f1e3444463ba98e89f94813b3ef8694e51649bea2ad2c47699f95d1&
IP
162.159.133.233:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectdiscordapp.com
Fingerprint97:8B:EE:AD:1E:BF:A1:69:E7:94:29:F7:55:7A:29:64:19:C7:81:39
ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
13 MB (13267630 bytes)
Hash
0e29c16bb68bba81b5a4bd58e243ee07
db3eb6a51fd4c8001865cfd6615906233efab94c
96bcafc7faeac788a9b827372bbb306cecbdcda01e80eab170d149ff205f9bfd

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 36/67

HTTP Headers

GET /attachments/1191858671869755513/1192950064075772054/Ukn_Nenyooo_v1.0.3028.0.7_unknowncheats.me_.zip?ex=663b4c93&is=6639fb13&hm=963476024f1e3444463ba98e89f94813b3ef8694e51649bea2ad2c47699f95d1& HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 21:51:02 GMT
content-type: application/zip
content-length: 13267630
cf-ray: 88046dd6ecdf56bd-OSL
cf-cache-status: MISS
accept-ranges: bytes, bytes
cache-control: public, max-age=31536000
content-disposition: attachment; filename="Ukn_Nenyooo_v1.0.3028.0.7_unknowncheats.me_.zip"
etag: "0e29c16bb68bba81b5a4bd58e243ee07"
expires: Wed, 07 May 2025 21:51:02 GMT
last-modified: Fri, 05 Jan 2024 21:57:39 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-goog-generation: 1704491859289028
x-goog-hash: crc32c=Lg5Plw==, md5=DinBa7aLuoG1pL1Y4kPuBw==
x-goog-metageneration: 4
x-goog-storage-class: NEARLINE
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 13267630
x-guploader-uploadid: ABPtcPo4wVSAfqzSvxt3Tmz5UUB2qjQ7-aKMZ9uyM6XklSuJpNAsSSF0M-TbcROXiAwEAb2wFSc
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fUtD7dNRwLPP%2BQk46qoKOBKtUWE5tmADT9cDRLPLsb6KmFEPGha1Ew%2Fvu1oOZr4NLI9WsIi%2FVl4kezYkrRNZof4cVIrNqWh4gzRcK1tqJrC%2BN%2FS2ByZPZJOMaINSprSEXDVDjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cf_bm=xj.fz4S_kiQZe9KR1LoU3Mp9xcc9aRuibm0CZFvJkWU-1715118662-1.0.1.1-t2uGdcV8TI5gVhZk6R8iEYHCWRSp2DDJvJnPLXGkom8GKIIGoYmhE2.ACr2254YObXLBeAx7PewMuBaXjTEwrg; path=/; expires=Tue, 07-May-24 22:21:02 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
_cfuvid=CBelcs9PR3uFJlh7WHPvM.ZYFiIWM.qazf56xp0nFN8-1715118662785-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (20)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers