Report - github.com/PSGO/PPPwnGo/releases/download/v2.8-20250109/PPPwnGo-v2.8-0109.zip

Report Overview

Visitedpublic

2025-01-19 04:36:02

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
github.com	1423	2007-10-09	2016-07-13	2025-01-15	531 B	4.3 kB	140.82.121.3
objects.githubusercontent.com	134060	2014-02-06	2021-11-01	2025-01-15	964 B	9.2 MB	185.199.109.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

objects.githubusercontent.com/github-production-release-asset-2e65be/794810266/c8d26624-baa0-4912-9a75-1c0a10a1e765?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250119%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250119T043535Z&X-Amz-Expires=300&X-Amz-Signature=35a366287add34d5b18ef6f7caf46efaff04d97c4ee39ad886d8279bc1a37d03&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DPPPwnGo-v2.8-0109.zip&response-content-type=application%2Foctet-stream

IP / ASN

185.199.109.133

#54113 FASTLY

File Overview

File TypeZip archive data, at least v2.0 to extract, compression method=deflate

Size9.2 MB (9234261 bytes)

MD54ac3233d138f47e255f57b900a078789

SHA13fcf987492d775618116c047ba2f4d9e3196a890

SHA256310583fbb1efa90cf3ca4f499251496f59f43e3f1425c7ecf814e06f437bad1e

Archive (99)

Modified	Filename	Size	MD5	File type
2025-01-09 15:31	README.md	4.1 kB	c6ae96d4a23b217e2800647558c80a2b	Unicode text, UTF-8 text
2025-01-09 15:29	˵��.txt	1.8 kB	ed975688ca3afdb197c3badfc78ad2a1	Unicode text, UTF-8 text
2024-05-10 23:54	Wait for other FWs	0 B	d41d8cd98f00b204e9800998ecf8427e
2024-06-19 16:51	Payload˵��readme.txt	261 B	56812b74f96d715f779fecc5399862fe	Unicode text, UTF-8 text, with CRLF line terminators
2024-12-23 02:03	goldhen.bin	261 kB	9caeb9afa1e26d80d0e293ade0446b10	DOS executable (COM), start instruction 0xe9d21100 00f30f1e
2024-10-28 13:09	goldhen.bin	260 kB	78c655db47c395434715fce94fa86743	DOS executable (COM), start instruction 0xe9861100 00f30f1e
2025-01-09 14:58	payload.bin	15 kB	a09599036497c3554dd6a73fb71f7812	DOS executable (COM), start instruction 0xe9970200 00f30f1e
2025-01-09 14:58	payload.bin	15 kB	aeae08a07e580545066b5e28e208dd4f	DOS executable (COM), start instruction 0xe9970200 00f30f1e
2025-01-09 14:58	payload.bin	16 kB	4c6f0ccc08e5c7d6399d24e7817b7e3f	DOS executable (COM), start instruction 0xe9970200 00f30f1e
2025-01-09 14:58	payload.bin	16 kB	7bc8b565a82eddf7fe70b34311be86ac	DOS executable (COM), start instruction 0xe9970200 00f30f1e
2024-12-23 02:03	goldhen.bin	261 kB	9caeb9afa1e26d80d0e293ade0446b10	DOS executable (COM), start instruction 0xe9d21100 00f30f1e
2024-10-28 13:09	goldhen.bin	260 kB	78c655db47c395434715fce94fa86743	DOS executable (COM), start instruction 0xe9861100 00f30f1e
2024-06-19 16:50	GoldHEN vs VTX.png	43 kB	5fabbff85db7895beb2018b66d4c2e5a	PNG image data, 480 x 550, 8-bit/color RGBA, non-interlaced
2024-10-28 13:09	goldhen.bin	260 kB	78c655db47c395434715fce94fa86743	DOS executable (COM), start instruction 0xe9861100 00f30f1e
2024-12-23 02:03	goldhen.bin	261 kB	9caeb9afa1e26d80d0e293ade0446b10	DOS executable (COM), start instruction 0xe9d21100 00f30f1e
2024-10-28 13:09	goldhen.bin	260 kB	78c655db47c395434715fce94fa86743	DOS executable (COM), start instruction 0xe9861100 00f30f1e
2024-12-23 02:03	goldhen.bin	261 kB	9caeb9afa1e26d80d0e293ade0446b10	DOS executable (COM), start instruction 0xe9d21100 00f30f1e
2024-10-28 13:09	goldhen.bin	260 kB	78c655db47c395434715fce94fa86743	DOS executable (COM), start instruction 0xe9861100 00f30f1e
2024-12-23 02:03	goldhen.bin	261 kB	9caeb9afa1e26d80d0e293ade0446b10	DOS executable (COM), start instruction 0xe9d21100 00f30f1e
2024-10-28 13:09	goldhen.bin	260 kB	78c655db47c395434715fce94fa86743	DOS executable (COM), start instruction 0xe9861100 00f30f1e
2024-12-23 02:03	goldhen.bin	261 kB	9caeb9afa1e26d80d0e293ade0446b10	DOS executable (COM), start instruction 0xe9d21100 00f30f1e
2024-10-28 13:09	goldhen.bin	260 kB	78c655db47c395434715fce94fa86743	DOS executable (COM), start instruction 0xe9861100 00f30f1e
2024-12-23 02:03	goldhen.bin	261 kB	9caeb9afa1e26d80d0e293ade0446b10	DOS executable (COM), start instruction 0xe9d21100 00f30f1e
2024-10-28 13:09	goldhen.bin	260 kB	78c655db47c395434715fce94fa86743	DOS executable (COM), start instruction 0xe9861100 00f30f1e
2024-12-23 02:03	goldhen.bin	261 kB	9caeb9afa1e26d80d0e293ade0446b10	DOS executable (COM), start instruction 0xe9d21100 00f30f1e
2025-01-09 14:58	payload.bin	16 kB	259a2fbed349517939de90fd3cf102ca	DOS executable (COM), start instruction 0xe9970200 00f30f1e
2025-01-09 14:58	payload.bin	16 kB	259a2fbed349517939de90fd3cf102ca	DOS executable (COM), start instruction 0xe9970200 00f30f1e
2025-01-09 14:58	payload.bin	16 kB	259a2fbed349517939de90fd3cf102ca	DOS executable (COM), start instruction 0xe9970200 00f30f1e
2025-01-09 14:58	payload.bin	16 kB	bd70d7919dd2e0f8cb8df59c7e7bc413	DOS executable (COM), start instruction 0xe9970200 00f30f1e
2025-01-09 14:58	payload.bin	16 kB	bd70d7919dd2e0f8cb8df59c7e7bc413	DOS executable (COM), start instruction 0xe9970200 00f30f1e
2025-01-09 14:58	payload.bin	16 kB	bd70d7919dd2e0f8cb8df59c7e7bc413	DOS executable (COM), start instruction 0xe9970200 00f30f1e
2025-01-09 14:58	payload.bin	16 kB	db1de0517866663ec98ab0b99d2ce3ab	DOS executable (COM), start instruction 0xe9970200 00f30f1e
2025-01-09 14:58	payload.bin	16 kB	db1de0517866663ec98ab0b99d2ce3ab	DOS executable (COM), start instruction 0xe9970200 00f30f1e
2025-01-09 14:58	payload.bin	16 kB	5ef1339fe2741d12a31d68dd3050e8bd	DOS executable (COM), start instruction 0xe9940200 00f30f1e
2025-01-09 14:58	payload.bin	16 kB	d9f75cf066b06470b7b759f81fa87ef3	DOS executable (COM), start instruction 0xe9970200 00f30f1e
2025-01-09 14:58	payload.bin	16 kB	540a9e6326a6001207fa3631b1c48275	DOS executable (COM), start instruction 0xe9970200 00f30f1e
2024-05-10 23:54	goldhen.bin	283 kB	db7ed7262f90d2f9f8342b1ae57179f5	DOS executable (COM), start instruction 0xe9661000 00f30f1e
2024-05-10 23:54	goldhen.bin	282 kB	9bf90ebe4f19699e41eaad1071392c6d	DOS executable (COM), start instruction 0xe9661000 00f30f1e
2025-01-09 15:18	stage2.bin	2.7 kB	bca7c2f584489f552b37d0867812be2f	DOS executable (COM), start instruction 0xe96e0700 00534889
2025-01-09 15:18	stage2.bin	2.7 kB	bca7c2f584489f552b37d0867812be2f	DOS executable (COM), start instruction 0xe96e0700 00534889
2025-01-09 15:18	stage2.bin	2.7 kB	8a620c3a08c2a034e41c0c7cb0458247	DOS executable (COM), start instruction 0xe96e0700 00534889
2025-01-09 15:18	stage2.bin	2.7 kB	6b954dd1bab01a79c7f7033ae6d1fe71	DOS executable (COM), start instruction 0xe96e0700 00534889
2025-01-09 15:18	stage2.bin	2.7 kB	bca7c2f584489f552b37d0867812be2f	DOS executable (COM), start instruction 0xe96e0700 00534889
2025-01-09 15:18	stage2.bin	2.7 kB	c976d00ec889926f2ac9fab2fd40ecfa	DOS executable (COM), start instruction 0xe96e0700 00534889
2025-01-09 15:18	stage2.bin	2.7 kB	0c43112d611c3723adb27010c28a5c52	DOS executable (COM), start instruction 0xe96e0700 00534889
2025-01-09 15:18	stage2.bin	2.7 kB	6b954dd1bab01a79c7f7033ae6d1fe71	DOS executable (COM), start instruction 0xe96e0700 00534889
2025-01-09 15:23	stage2.bin	6.0 kB	1ae8c6d283a37ff3168c3401ac4e86a0	DOS executable (COM), start instruction 0xe96e0100 00534889
2025-01-09 15:23	stage2.bin	6.0 kB	bfd749cd25b34373ba0184dc16165f3e	DOS executable (COM), start instruction 0xe96e0100 00534889
2025-01-09 15:23	stage2.bin	6.0 kB	1ae8c6d283a37ff3168c3401ac4e86a0	DOS executable (COM), start instruction 0xe96e0100 00534889
2025-01-09 15:23	stage2.bin	6.0 kB	bfd749cd25b34373ba0184dc16165f3e	DOS executable (COM), start instruction 0xe96e0100 00534889
2025-01-09 15:23	stage2.bin	6.0 kB	1ae8c6d283a37ff3168c3401ac4e86a0	DOS executable (COM), start instruction 0xe96e0100 00534889
2025-01-09 15:23	stage2.bin	6.0 kB	bfd749cd25b34373ba0184dc16165f3e	DOS executable (COM), start instruction 0xe96e0100 00534889
2025-01-09 15:23	stage2.bin	6.0 kB	ca16956520dc8ce111856491aff89917	DOS executable (COM), start instruction 0xe96e0100 00534889
2025-01-09 15:23	stage2.bin	6.0 kB	43d399fb566f47eaf0f21ab51893b661	DOS executable (COM), start instruction 0xe96e0100 00534889
2025-01-09 15:23	stage2.bin	6.0 kB	ca16956520dc8ce111856491aff89917	DOS executable (COM), start instruction 0xe96e0100 00534889
2025-01-09 15:23	stage2.bin	6.0 kB	43d399fb566f47eaf0f21ab51893b661	DOS executable (COM), start instruction 0xe96e0100 00534889
2025-01-09 15:23	stage2.bin	6.0 kB	3967e107d97c66571b425377dc90ba2b	DOS executable (COM), start instruction 0xe96e0100 00534889
2025-01-09 15:23	stage2.bin	6.0 kB	9da51f25f4f326952350124f6289fa84	DOS executable (COM), start instruction 0xe96e0100 00534889
2025-01-09 15:23	stage2.bin	6.0 kB	9da51f25f4f326952350124f6289fa84	DOS executable (COM), start instruction 0xe96e0100 00534889
2025-01-09 15:23	stage2.bin	6.0 kB	bf4e3a7df4dd01a29300cb57c0323620	DOS executable (COM), start instruction 0xe96e0100 00534889
2025-01-09 15:23	stage2.bin	6.0 kB	bf4e3a7df4dd01a29300cb57c0323620	DOS executable (COM), start instruction 0xe96e0100 00534889
2024-12-22 17:27	CPP_debug.ini	1.2 kB	e7f29daa8fa0a74a73324001537d971c	Unicode text, UTF-8 text, with CRLF line terminators
2024-11-10 21:55	pppwn.exe	563 kB	d8033fd7df4885e7e7b7ee9e6e074001	PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed, 3 sections
2024-07-11 18:32	PPPwnGo.exe	111 kB	1f2e533441f0511252c4505c10143463	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
2024-05-03 14:59	4.��װpip��˫��.bat	40 B	58194b2a72727206780a3f6f0a1e51ae	ASCII text, with CRLF line terminators
2024-05-09 22:15	3.��װpython.txt	66 B	e69c776da0a2dda5c3927a1205f05c0f	Unicode text, UTF-8 text, with CRLF line terminators
2024-05-03 15:10	2.add Python to Path.png	103 kB	d6cb744eaec2c33afc6ba4c3ed93a028	PNG image data, 400 x 378, 8-bit/color RGB, non-interlaced
2024-06-23 02:51	1.��װnpcap.txt	454 B	699cdd28ed8cbc82f5f413bad33941cb	Unicode text, UTF-8 text, with CRLF line terminators
2024-05-03 08:29	5.��װscapy��˫��.bat	25 B	f75b5994777a0da1a7fdcda28546f454	ASCII text, with CRLF, LF line terminators
2024-06-16 23:57	pppwn.py	29 kB	c1908b4da915c4908f9d35fac921b709	Python script, ASCII text executable
2024-06-16 23:57	offsets.py	29 kB	d2cff007676aa9ba533bb831b9a7dfa6	ASCII text
2024-06-18 20:08	pppwn.exe	1.5 MB	ba2c3b1abcde339d0597ea0e32619b59	PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed, 3 sections
2024-05-27 10:24	pppwn.exe	1.5 MB	87fd8e2c384052e9bfba97a92e4cd308	PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed, 3 sections
2024-06-01 18:38	pppwn.exe	567 kB	199f3d26b818603f961b0995aa5271b4	PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed, 3 sections
2024-06-23 02:40	Go_debug.ini	621 B	415080b598b8e97f7a4da0314da57cd1	ASCII text, with CRLF line terminators
2024-06-02 17:19	ReadMe.txt	414 B	01c189b3483685952ad05fb01c6400e1	Unicode text, UTF-8 text, with CRLF line terminators
2024-05-07 06:10	stage1.bin	500 B	99b8083ac07bed4bf555f0ec02a7ffa4	data
2024-05-07 06:10	stage1.bin	500 B	99b8083ac07bed4bf555f0ec02a7ffa4	data
2024-05-03 01:49	stage1.bin	500 B	44f3cc05520077899c0cd51422811013	data
2024-05-03 01:50	stage1.bin	500 B	44f3cc05520077899c0cd51422811013	data
2024-05-03 01:50	stage1.bin	500 B	44f3cc05520077899c0cd51422811013	data
2024-05-03 00:23	stage1.bin	500 B	565a3867eb66b0baafdeb812037c95f8	data
2024-05-20 01:47	stage1.bin	500 B	1da7b4d77bcb45cbfef127c0b2892284	data
2024-05-20 01:47	stage1.bin	500 B	1da7b4d77bcb45cbfef127c0b2892284	data
2024-05-20 01:47	stage1.bin	500 B	1da7b4d77bcb45cbfef127c0b2892284	data
2024-05-06 22:06	stage1.bin	500 B	8f8d7e2777d51905e5b4e15a27a38219	data
2024-05-06 22:06	stage1.bin	500 B	8f8d7e2777d51905e5b4e15a27a38219	data
2024-05-06 22:06	stage1.bin	500 B	8f8d7e2777d51905e5b4e15a27a38219	data
2024-05-06 22:06	stage1.bin	500 B	896e8f979ea9621107546b49ec00ed86	data
2024-05-06 22:06	stage1.bin	500 B	896e8f979ea9621107546b49ec00ed86	data
2024-05-06 22:06	stage1.bin	500 B	896e8f979ea9621107546b49ec00ed86	data
2024-05-06 22:06	stage1.bin	500 B	411aab2f9f2947d66286c9dd8c9b7a63	data
2024-05-06 22:06	stage1.bin	500 B	411aab2f9f2947d66286c9dd8c9b7a63	data
2024-05-03 01:48	stage1.bin	500 B	ab7db32dbe6c6e4e8f80d642a41f5d05	data
2024-05-03 00:23	stage1.bin	500 B	e372c39870ae642dd32c28122f6727c9	data
2024-05-03 01:48	stage1.bin	500 B	e372c39870ae642dd32c28122f6727c9	data
2024-05-03 01:49	stage1.bin	500 B	57749fe2519d4b987da8a4291d1d9fd7	data
2024-05-07 04:08	stage1.bin	500 B	57749fe2519d4b987da8a4291d1d9fd7	data
2024-05-03 01:49	stage1.bin	500 B	57749fe2519d4b987da8a4291d1d9fd7	data

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Detects imphash often found in malware samples (Maximum 0,25% hits with search for 'imphash:x p:0' on Virustotal) = 99,75% hits
Public Nextron YARA rules	malware	Detects imphash often found in malware samples (Maximum 0,25% hits with search for 'imphash:x p:0' on Virustotal) = 99,75% hits

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size
	GET github.com/PSGO/PPPwnGo/releases/download/v2.8-20250109/PPPwnGo-v2.8-0109.zip	140.82.121.3	302 Found	0 B
URL github.com/PSGO/PPPwnGo/releases/download/v2.8-20250109/PPPwnGo-v2.8-0109.zip IP / ASN 140.82.121.3 #36459 GITHUB Requested byN/A Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5605874 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerSectigo Limited Subjectgithub.com FingerprintE7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0 ValidityThu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT HTTP Headers GET /PSGO/PPPwnGo/releases/download/v2.8-20250109/PPPwnGo-v2.8-0109.zip HTTP/1.1 Host: github.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found server: GitHub.com date: Sun, 19 Jan 2025 04:35:35 GMT content-type: text/html; charset=utf-8 vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/794810266/c8d26624-baa0-4912-9a75-1c0a10a1e765?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250119%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250119T043535Z&X-Amz-Expires=300&X-Amz-Signature=35a366287add34d5b18ef6f7caf46efaff04d97c4ee39ad886d8279bc1a37d03&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DPPPwnGo-v2.8-0109.zip&response-content-type=application%2Foctet-stream cache-control: no-cache strict-transport-security: max-age=31536000; includeSubdomains; preload x-frame-options: deny x-content-type-options: nosniff x-xss-protection: 0 referrer-policy: no-referrer-when-downgrade content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com .rel.tunnels.api.visualstudio.com wss://.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com .actions.githubusercontent.com wss://.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/ content-length: 0 x-github-request-id: 7C51:339462:235A9FD:246C012:678C8117 X-Firefox-Spdy: h2

	GET objects.githubusercontent.com/github-production-release-asset-2e65be/794810266/c8d26624-baa0-4912-9a75-1c0a10a1e765?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250119%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250119T043535Z&X-Amz-Expires=300&X-Amz-Signature=35a366287add34d5b18ef6f7caf46efaff04d97c4ee39ad886d8279bc1a37d03&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DPPPwnGo-v2.8-0109.zip&response-content-type=application%2Foctet-stream	185.199.109.133	200 OK	9.2 MB
URL objects.githubusercontent.com/github-production-release-asset-2e65be/794810266/c8d26624-baa0-4912-9a75-1c0a10a1e765?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250119%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250119T043535Z&X-Amz-Expires=300&X-Amz-Signature=35a366287add34d5b18ef6f7caf46efaff04d97c4ee39ad886d8279bc1a37d03&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DPPPwnGo-v2.8-0109.zip&response-content-type=application%2Foctet-stream IP / ASN 185.199.109.133 #54113 FASTLY Requested byN/A Resource Info File typeZip archive data, at least v2.0 to extract, compression method=deflate First Seen2025-01-19 Last Seen2025-01-19 Times Seen1 Size9.2 MB (9234261 bytes) MD54ac3233d138f47e255f57b900a078789 SHA13fcf987492d775618116c047ba2f4d9e3196a890 SHA256310583fbb1efa90cf3ca4f499251496f59f43e3f1425c7ecf814e06f437bad1e Certificate Info IssuerDigiCert Inc Subject.github.io Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28 ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT HTTP Headers GET /github-production-release-asset-2e65be/794810266/c8d26624-baa0-4912-9a75-1c0a10a1e765?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250119%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250119T043535Z&X-Amz-Expires=300&X-Amz-Signature=35a366287add34d5b18ef6f7caf46efaff04d97c4ee39ad886d8279bc1a37d03&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DPPPwnGo-v2.8-0109.zip&response-content-type=application%2Foctet-stream HTTP/1.1 Host: objects.githubusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: application/octet-stream last-modified: Thu, 09 Jan 2025 07:41:05 GMT etag: "0x8DD3080F9841FC4" server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 828daaef-b01e-0000-166c-62e155000000 x-ms-version: 2024-11-04 x-ms-creation-time: Thu, 09 Jan 2025 07:41:05 GMT x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob content-disposition: attachment; filename=PPPwnGo-v2.8-0109.zip x-ms-server-encrypted: true via: 1.1 varnish, 1.1 varnish fastly-restarts: 1 accept-ranges: bytes age: 0 date: Sun, 19 Jan 2025 04:35:36 GMT x-served-by: cache-iad-kcgs7200138-IAD, cache-hel1410022-HEL x-cache: HIT, MISS x-cache-hits: 1288, 0 x-timer: S1737261336.708453,VS0,VE108 content-length: 9234261 X-Firefox-Spdy: h2

Detections

Host Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

File detected

Detections

JavaScript (0)

HTTP Transactions (2)

HTTP Headers

HTTP Headers