Report - cdn.discordapp.com/attachments/998834059553820743/1101216204615602256/Side_Aim_Framework_v1.6.1_-_EN.7z?ex=663bc702&is=663a7582&hm=c874a01b58f933b02d882bb3c6a7de4224bc3bc273e00e822e28a3524823c420&

Report Overview

Submitted URL
cdn.discordapp.com/attachments/998834059553820743/1101216204615602256/Side_Aim_Framework_v1.6.1_-_EN.7z?ex=663bc702&is=663a7582&hm=c874a01b58f933b02d882bb3c6a7de4224bc3bc273e00e822e28a3524823c420&
IP
162.159.129.233
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-07 23:47:53
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.discordapp.com	2474	2015-02-26	2015-08-24	2024-05-06	650 B	293 kB	162.159.134.233

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
cdn.discordapp.com/attachments/998834059553820743/1101216204615602256/Side_Aim_Framework_v1.6.1_-_EN.7z?ex=663bc702&is=663a7582&hm=c874a01b58f933b02d882bb3c6a7de4224bc3bc273e00e822e28a3524823c420&
IP
162.159.134.233
ASN
#13335 CLOUDFLARENET

File type
7-zip archive data, version 0.4
Size
291 kB (291363 bytes)
Hash
edd9ac234a3092e34485dfd17672d531
e8f45efda9975f826ae4da0d7d55836e65f92708
8fc3f1cc5e1e3d5ded6e34065a0d40295f0ef7f865f959fc0f896a7cad7a42d3

Archive (40)

Filename

Md5

File type

SideAim.ini

2cead3dc649127c5cf710df7ca4e68e0

Generic INItialization configuration [ZoomData]

Custom.ini

7606d34b9d6227d5b0759fa4c46c5038

ASCII text, with CRLF line terminators

config.json

6f4730e56510f287ae9b231e7c38dcf9

JSON text data

keybinds.json

84c4e77c9c9877d637bd725a350093dd

JSON text data

SideAim.ini

4a62d70d6371db1779cdfe1c533cf71c

ASCII text, with CRLF line terminators

WPNEquipFast.hkx

4b94d1558e2d0a38aa31c0f3b6d2c2c2

data

WPNEquipFast.hkx

965e62f869d8434d0efcc009b2b51a6b

data

WPNEquipFast.hkx

4b94d1558e2d0a38aa31c0f3b6d2c2c2

data

WPNFireAutoReadyBack.hkx

4dd7f8678a1d2cf763720fc8cb5d0a2a

data

WPNFireAutoReadyForward.hkx

4dd7f8678a1d2cf763720fc8cb5d0a2a

data

WPNFireAutoSighted.hkx

01d524466cd20b326be69a381fd00620

data

WPNFireSingleReady.hkx

d21743d06450e99589e56d2999d60dca

data

WPNFireSingleReadyA.hkx

d21743d06450e99589e56d2999d60dca

data

WPNFireSingleReadyB.hkx

d21743d06450e99589e56d2999d60dca

data

WPNFireSingleSighted.hkx

eb80ff289f99f4796bad195f62834ab3

data

WPNIdleReady.hkx

4b43ac73835fbda4cec457abe89b972f

data

WPNIdleReadyA.hkx

4b43ac73835fbda4cec457abe89b972f

data

WPNIdleReadyB.hkx

4b43ac73835fbda4cec457abe89b972f

data

WPNIdleReadyC.hkx

4b43ac73835fbda4cec457abe89b972f

data

WPNIdleReadyD.hkx

4b43ac73835fbda4cec457abe89b972f

data

WPNIdleSighted.hkx

9ec43c232ac5948b6f34fbd6ca3cc50a

data

WPNRunForwardReady.hkx

ba74508953cdf4456ac793ca012d182c

data

WPNWalkForwardSighted.hkx

39e0ca3e164ded8fba3ccd42e7441b61

data

WPNBoltChargeSighted.hkx

58c704e1448072d646cf72e9e63c8be6

data

WPNEquipFast.hkx

c8caf532f2c48da1be4b8b65a10f5be4

data

WPNFireSingleSighted.hkx

687d90c6154c137fa511138e89492b89

data

WPNIdleSighted.hkx

4ea63ecdcd86cae2bcb9b4f6cf0db428

data

WPNWalkForwardSighted.hkx

5e429556f0d6eeceed75b67b0dcd60e4

data

ChangeFireMode.hkx

82b2acdc190591061835a081c1ec1691

data

justForTesting.hkx

82b2acdc190591061835a081c1ec1691

data

oooo.hkx

82b2acdc190591061835a081c1ec1691

data

Events.pex

352ec9695360d11077af433bc74d3a1f

Compiled PSI (v1) data

HotkeyChangeFireMode.pex

636d974618ce4366a19b102278631181

Compiled PSI (v1) data

HotkeyChangeSideAim.pex

ad7a475ebbc9ede0c531c468f2882dfa

Compiled PSI (v1) data

MCM.pex

d6e9dcc3f14ac6ffcf878aad3331403d

Compiled PSI (v1) data

SideAim.pex

6ced2cd1c11912d412605cd2b100176b

Compiled PSI (v1) data

ZoomDataAdjust.pex

3dec4f20ac9b7bb4409dcc07cbaaddb8

Compiled PSI (v1) data

SideAim.esp

94149ba73b1db545191e0528408647fb

data

auto_semiauto_switch.wav

2bc6c9c798bb37b8603db67e78e54b34

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 44100 Hz

SideAimAni.dll

dfe926fa6355b044621077a97a498404

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

cdn.discordapp.com/attachments/998834059553820743/1101216204615602256/Side_Aim_Framework_v1.6.1_-_EN.7z?ex=663bc702&is=663a7582&hm=c874a01b58f933b02d882bb3c6a7de4224bc3bc273e00e822e28a3524823c420&

162.159.134.233

200 OK

291 kB

URL User Request GET HTTP/2
cdn.discordapp.com/attachments/998834059553820743/1101216204615602256/Side_Aim_Framework_v1.6.1_-_EN.7z?ex=663bc702&is=663a7582&hm=c874a01b58f933b02d882bb3c6a7de4224bc3bc273e00e822e28a3524823c420&
IP
162.159.134.233:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectdiscordapp.com
Fingerprint97:8B:EE:AD:1E:BF:A1:69:E7:94:29:F7:55:7A:29:64:19:C7:81:39
ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT

File type
7-zip archive data, version 0.4
Size
291 kB (291363 bytes)
Hash
edd9ac234a3092e34485dfd17672d531
e8f45efda9975f826ae4da0d7d55836e65f92708
8fc3f1cc5e1e3d5ded6e34065a0d40295f0ef7f865f959fc0f896a7cad7a42d3

HTTP Headers

GET /attachments/998834059553820743/1101216204615602256/Side_Aim_Framework_v1.6.1_-_EN.7z?ex=663bc702&is=663a7582&hm=c874a01b58f933b02d882bb3c6a7de4224bc3bc273e00e822e28a3524823c420& HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 23:47:29 GMT
content-type: application/x-7z-compressed
content-length: 291363
cf-ray: 880518694ea8b503-OSL
cf-cache-status: MISS
accept-ranges: bytes, bytes
cache-control: public, max-age=31536000
content-disposition: attachment; filename="Side_Aim_Framework_v1.6.1_-_EN.7z"
etag: "edd9ac234a3092e34485dfd17672d531"
expires: Wed, 07 May 2025 23:47:29 GMT
last-modified: Thu, 27 Apr 2023 18:40:02 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-goog-generation: 1682620802860799
x-goog-hash: crc32c=/NYUSQ==, md5=7dmsI0owkuNEhd/RdnLVMQ==
x-goog-metageneration: 3
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 291363
x-guploader-uploadid: ABPtcPow-FHO2teZM12-lvZrcQzRV1NHQQXGzRGOUdDI-_sATYy7YqUVubW5YXFRu9rLT-rGsnLAky1BIA
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GJciLkZStaUyLFtM%2F8%2F8j9aSbF1RxQqfxFAkWFcoCx2WM9PO6chA%2FLKhbnI4oJE260BoTd7qTrUq4EshkiS3VIF5LYf3o0NBxjLeGuyclhvfATllo7PTHhteZ8FP340cM1CV2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cf_bm=e8DjQuu3Q6TwHHEScUCckdyzUgEjPN.u45C0TvtW188-1715125649-1.0.1.1-i9O4N4rxjfj9GppxkUV4vlZbIAW2AIzMD4R8u.HHblNszMiCRmDY56md4jR7STDf1fC8Ske3EmFJQuQMezPSRg; path=/; expires=Wed, 08-May-24 00:17:29 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
_cfuvid=q1JLCQzqeXRv7wiT1Yih2TMW6qADpl3rteXCWTxg7ac-1715125649987-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2