Report - github.com/dqx-translation-project/dqxclarity/releases/download/v4.11.2/dqxclarity.zip

Report Overview

Submitted URL
github.com/dqx-translation-project/dqxclarity/releases/download/v4.11.2/dqxclarity.zip
IP
140.82.121.4
ASN
#36459 GITHUB
Submitted
2024-04-19 13:13:41
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
github.com	1423	2007-10-09	2016-07-13	2024-03-24	540 B	3.9 kB	140.82.121.3
objects.githubusercontent.com	134060	2014-02-06	2021-11-01	2024-04-19	993 B	2.8 MB	185.199.108.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
objects.githubusercontent.com/github-production-release-asset-2e65be/556371191/6d0b37ff-49c7-4d48-97bd-de5c9fe66a6d?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240419%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240419T131313Z&X-Amz-Expires=300&X-Amz-Signature=7eba69e000d9cd3077a353950f180d04e2b5a21fd988ebc526284adbd676e291&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=556371191&response-content-disposition=attachment%3B%20filename%3Ddqxclarity.zip&response-content-type=application%2Foctet-stream
IP
185.199.108.133
ASN
#54113 FASTLY

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
2.8 MB (2799551 bytes)
Hash
9f0fca7f8c35ae2b76669bc5c8c88455
c47be346149e1e9683f680dd7f7ac90965555de0
369019fefc4c41e4a04646e8cbd6388b85781afb5aa7451394ba0d52289e67a8

Archive (54)

Filename

Md5

File type

clarity.py

a3e472ae6c1f6e02e8cca0865955e1db

Python script, ASCII text executable

easydetour.py

dcd7ede01df7c7efa1266439c8e20e0c

Python script, ASCII text executable

quest.py

5f68a68a9d58a18296ce37638e0e4bd1

Python script, ASCII text executable

party.py

0c298780bb224ba3410f8191ab6165df

Python script, ASCII text executable

corner_text.py

cccc9b7fdc233830a5e84c6684826a68

Python script, ASCII text executable

walkthrough.py

d09f0f32078bfae05305f711b62ac767

ASCII text

dialog.py

81bee19f7bcaf18574bdeb33fe25f824

Python script, ASCII text executable

__init__.py

d41d8cd98f00b204e9800998ecf8427e

hide_hooks.py

71824a7bdc36e4dd51ade4cf8616178f

Python script, ASCII text executable

network_text.py

0c292f7fec713aed6cb198a03dbed26f

Python script, Unicode text, UTF-8 text executable

hook.py

b2fd2e121dd6ad9784671dee9ef642d5

Python script, ASCII text executable

player.py

77a5731939fd8f0998f5f901cbbead4a

Python script, Unicode text, UTF-8 text executable

version.update

408d0388b8180ad2e97042014a9c247f

ASCII text

dqxclarity.exe

48b10034cb3f5aadf0a274601e3b0226

PE32+ executable (GUI) x86-64, for MS Windows, 6 sections

__init__.py

d41d8cd98f00b204e9800998ecf8427e

errors.py

59cf675fc3fae99b616082451e3bccb0

Python script, ASCII text executable

constants.py

5717be006aaa24a3d8d1a2154322b635

ASCII text

translate.py

772012bb7c25c9d88e666335725b4308

Python script, Unicode text, UTF-8 text executable

signatures.py

f7a8bb77f7f9518a9bb1fdd7fb9fa998

Unicode text, UTF-8 text

schema.sql

e9ecd77f918f1842d1a7528023fb8e9c

ASCII text

db_ops.py

4d3397564df7f95dff845b9c5fae8bc5

Python script text executable Python script, ASCII text executable

__init__.py

d41d8cd98f00b204e9800998ecf8427e

process.py

21254bdfa58f468781ea76284e00fda9

Python script, ASCII text executable

lib.py

9fff0157e1a5bf3cc1ee599fc8c53947

Python script, ASCII text executable

memory.py

855e2bbe8244690206374ebd22207c9f

Python script, ASCII text executable

update.py

1a8f85d3c9930c56189238fa2914cc04

Python script, ASCII text executable

user_settings.ini

e2a1ed3922967c1944e4cee1025789d6

ASCII text

requirements.txt

caf40da3345b5e5b252f6548ca781490

ASCII text

.keep

d41d8cd98f00b204e9800998ecf8427e

clarity_dialog.db

9be00c28ffdb5bf38556807f562bc731

SQLite 3.x database, last written using SQLite version 3035005, file counter 11854, database pages 1389, 1st free page 10, free pages 625, cookie 0x1f, schema 4, UTF-8, version-valid-for 11854

run_clarity.ps1

9cb203452c133a851241a1d147feacd2

ASCII text

updater.py

12e1e5b804727f4c4d75739697b6e3d9

Python script, ASCII text executable

main.py

22b4e5757f89617ce9fdd10616033ccd

Python script, ASCII text executable

LICENSE

4d5546e6aa3a77ed403637c8ebb8855c

ASCII text

__init__.py

d41d8cd98f00b204e9800998ecf8427e

_agent.js

304e5ddc87d15164c2c1cd10c43c755f

JavaScript source, Unicode text, UTF-8 text, with very long lines (2420)

index.ts

a9de0f6e3ee2ab1e5a74564e75ca90c6

JavaScript source, ASCII text

hwbp.ts

beb003ad6def1fd5e53b9abb253cefa4

JavaScript source, ASCII text

msvc.ts

a0f72fdb8b0f65298be05e12b87b5f48

JavaScript source, ASCII text

frida_agent.py

56398b09afe9c7c2a55f05fd1481a403

Python script, ASCII text executable

dqxcrypt.py

17f4683a04bb69d8278d4d5f0449245e

Python script, ASCII text executable

advapi32.py

40488e25022d1a0b384f3fc5b9d3a8f9

ASCII text

ntdll.py

e8dc4ab48547cde9e98060a4afb39324

ASCII text

psapi.py

296a6ca1966b268e8e238b3ee3f3463e

ASCII text

__init__.py

5f1975f69536cad407671a7d860bcfd4

Python script, ASCII text executable

structure.py

e9dfbe7ac69d993a5a0afc7e4bdf9345

Python script, ASCII text executable, with very long lines (424)

kernel32.py

218a3542aea3d06ac561c505c243ece1

Python script, ASCII text executable

ptypes.py

4a09764f27a1ad178ec73f25c693042b

Python script, ASCII text executable

pattern.py

d166ed51852e1529f15382344bd83ae2

Python script, ASCII text executable

__init__.py

8023d1b6076192fa86f831e3ba1c40ce

Python script, ASCII text executable

process.py

42ee40d04576d460ff2db4a77925046f

Python script, ASCII text executable

memory.py

3702c85d4ca59bd52f9079332ea75a82

Python script, ASCII text executable

thread.py

e59be302796963ca9481ec4873377499

Python script, ASCII text executable

exception.py

35df1e68d4e5c2b10deeef4b2213a69a

Python script, ASCII text executable

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/64

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

github.com/dqx-translation-project/dqxclarity/releases/download/v4.11.2/dqxclarity.zip

140.82.121.3

302 Found

0 B

URL User Request GET HTTP/2
github.com/dqx-translation-project/dqxclarity/releases/download/v4.11.2/dqxclarity.zip
IP
140.82.121.3:443
ASN
#36459 GITHUB

Certificate
IssuerSectigo Limited
Subjectgithub.com
FingerprintE7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0
ValidityThu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dqx-translation-project/dqxclarity/releases/download/v4.11.2/dqxclarity.zip HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: GitHub.com
date: Fri, 19 Apr 2024 13:13:13 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/556371191/6d0b37ff-49c7-4d48-97bd-de5c9fe66a6d?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240419%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240419T131313Z&X-Amz-Expires=300&X-Amz-Signature=7eba69e000d9cd3077a353950f180d04e2b5a21fd988ebc526284adbd676e291&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=556371191&response-content-disposition=attachment%3B%20filename%3Ddqxclarity.zip&response-content-type=application%2Foctet-stream
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: ACE8:20F26:2879F10B:28D04469:66226DE9
X-Firefox-Spdy: h2

objects.githubusercontent.com/github-production-release-asset-2e65be/556371191/6d0b37ff-49c7-4d48-97bd-de5c9fe66a6d?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240419%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240419T131313Z&X-Amz-Expires=300&X-Amz-Signature=7eba69e000d9cd3077a353950f180d04e2b5a21fd988ebc526284adbd676e291&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=556371191&response-content-disposition=attachment%3B%20filename%3Ddqxclarity.zip&response-content-type=application%2Foctet-stream

185.199.108.133

200 OK

2.8 MB

URL User Request GET HTTP/2
objects.githubusercontent.com/github-production-release-asset-2e65be/556371191/6d0b37ff-49c7-4d48-97bd-de5c9fe66a6d?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240419%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240419T131313Z&X-Amz-Expires=300&X-Amz-Signature=7eba69e000d9cd3077a353950f180d04e2b5a21fd988ebc526284adbd676e291&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=556371191&response-content-disposition=attachment%3B%20filename%3Ddqxclarity.zip&response-content-type=application%2Foctet-stream
IP
185.199.108.133:443
ASN
#54113 FASTLY

Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
2.8 MB (2799551 bytes)
Hash
9f0fca7f8c35ae2b76669bc5c8c88455
c47be346149e1e9683f680dd7f7ac90965555de0
369019fefc4c41e4a04646e8cbd6388b85781afb5aa7451394ba0d52289e67a8

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/64

HTTP Headers

GET /github-production-release-asset-2e65be/556371191/6d0b37ff-49c7-4d48-97bd-de5c9fe66a6d?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240419%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240419T131313Z&X-Amz-Expires=300&X-Amz-Signature=7eba69e000d9cd3077a353950f180d04e2b5a21fd988ebc526284adbd676e291&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=556371191&response-content-disposition=attachment%3B%20filename%3Ddqxclarity.zip&response-content-type=application%2Foctet-stream HTTP/1.1
Host: objects.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/octet-stream
content-md5: nw/Kf4w1rit2ZpvFyMiEVQ==
last-modified: Wed, 17 Apr 2024 21:53:05 GMT
etag: "0x8DC5F28C3082481"
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 68ac11e4-c01e-0068-1412-9187c5000000
x-ms-version: 2020-10-02
x-ms-creation-time: Wed, 17 Apr 2024 21:53:05 GMT
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
content-disposition: attachment; filename=dqxclarity.zip
x-ms-server-encrypted: true
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
age: 0
date: Fri, 19 Apr 2024 13:13:14 GMT
x-served-by: cache-iad-kcgs7200116-IAD, cache-hel1410028-HEL
x-cache: HIT, MISS
x-cache-hits: 198, 0
x-timer: S1713532394.103869,VS0,VE500
content-length: 2799551
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (54)

Detections

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers