Report - github.com/SeriousCache/UABE/releases/download/v3.0-beta1/AssetBundleExtractor_3.0beta1

Report Overview

Submitted URL
github.com/SeriousCache/UABE/releases/download/v3.0-beta1/AssetBundleExtractor_3.0beta1_64bit.zip
IP
140.82.121.3
ASN
#36459 GITHUB
Submitted
2024-04-17 16:55:11
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
github.com	1423	2007-10-09	2016-07-13	2024-03-24	551 B	4.0 kB	140.82.121.3
objects.githubusercontent.com	134060	2014-02-06	2021-11-01	2024-04-17	1.0 kB	5.5 MB	185.199.109.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
objects.githubusercontent.com/github-production-release-asset-2e65be/42009172/b19d4f3e-ca98-4451-abf6-bfb20ec6da0f?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240417%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240417T165443Z&X-Amz-Expires=300&X-Amz-Signature=9caa04fb4380000d8901522890a556ba310578b0d1a505403752596c6d23ab65&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=42009172&response-content-disposition=attachment%3B%20filename%3DAssetBundleExtractor_3.0beta1_64bit.zip&response-content-type=application%2Foctet-stream
IP
185.199.109.133
ASN
#54113 FASTLY

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
5.5 MB (5492500 bytes)
Hash
094474d391d64d5400d89fbe22cd77b4
979eb588cb498cf5ac4c771d141fafe4ba44af3c
803384cfd183884a81fbb077d109b76c9a1dddbe512e4398988c8de81ca270a2

Archive (40)

Filename

Md5

File type

AssetBundleExtractor.exe

4b4a95cc250b63651d079c372989be16

PE32+ executable (GUI) x86-64, for MS Windows, 6 sections

AssetsTools.dll

7b11cb22ecb0ad4ab6e9a2dcafa07b72

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

classdata.tpk

53a535ae8fa3f78609e02cb8c23134ca

data

CrnlibWrapLegacy.dll

27212bd81469e81ac47911881358e820

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

CrnlibWrapUnity.dll

4c7ca65f1c1dd082655bef11f37bc33c

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

fmod64.dll

040775e1731b377212be1b3afbecdda8

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 8 sections

ispc_texcomp.dll

25d5c386ed5f94c8ef30ade870ba4070

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

assimp_license.txt

14b3fb6767ddb6f19f066be94a11d2c2

ASCII text, with CRLF line terminators

astcenc_license.txt

a30530f41e752d4ced7cae5cbb7f52a0

ASCII text, with CRLF line terminators

cecil_license.txt

4cc72ae97c8b623bd69a4de2539f9728

ASCII text, with CRLF line terminators

crunch-unity-license.txt

4df7a0e9b4515a07be7cbeeec06651fc

ASCII text, with CRLF line terminators

half_license.txt

29145b8f7e16d6308bba008fcf9050ee

ASCII text, with CRLF line terminators

ispc_texcomp_license.txt

986c2507331c13ba7562b35a1152f1fe

ASCII text, with CRLF line terminators

jsmn_license.txt

d676c1cb46eb5062bb161695c3e81305

ASCII text, with CRLF line terminators

libfgen_lgpl.txt

38138baa100d7259934590850bc0406e

ASCII text, with CRLF line terminators

libfgen_license.txt

efcb6875753c8f3e6061efd61f2912f5

ASCII text, with CRLF line terminators

libsquish_license.txt

6665e479f71feb92d590ea9ae9b9f6d5

ASCII text

license.txt

d9fc0efef5228704e7f5b37f27192723

ASCII text

LodePNG_license.txt

bd6dfcbee33ef692f4051bccca8464a2

ASCII text, with CRLF line terminators

lz4_license.txt

3fcf5351804945b31bf666cb044ce1e7

ASCII text, with CRLF line terminators

mctrl_license.txt

7ec7420ba5152e532d9ebb1c25ee92c2

ASCII text, with CRLF line terminators

pthreads_license.txt

f14599a2f089f6ff8c97e2baa4e3d575

ASCII text, with CRLF line terminators

texgenpack_license.txt

e2ce092130488a87260df8e41f73e112

ASCII text, with CRLF line terminators

vgmstream_license.txt

70f3cf1348553d92fab941ed7086f69e

ASCII text, with CRLF line terminators

mCtrl.dll

8c08b19b777de3f1164bf50485163186

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 7 sections

ModInstaller.dll

668dad5d6887b5fbda8694c3d8ecaf78

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

AudioClip.bep

f11e22671f6a45d4df0b1357d328c964

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

Mesh.bep

5f917514b0cc7e1629b0ae268300e0e9

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

TextAsset.bep

08341f38e08d5c276fcb9642032862ec

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

Texture.bep

219e2dfac6720290e5679d775fa55a71

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

Utility.bep

57a911c43843bb80a886d49a3159c0e5

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

PVRTexLib.dll

ce70b7e50cde35396af8b488da24e343

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 7 sections

Readme.License.txt

d027d557bb874a482e4a07743ec60942

ISO-8859 text, with CRLF line terminators

texgenpack.dll

9b79437e3a1222fdd1e3dcfb03d2e592

PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections

TexToolWrap.dll

ff542ac31de72b28abbc4120195ebf00

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

Mono.Cecil.dll

de69bb29d6a9dfb615a90df3580d63b1

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Mono.Cecil.Rocks.dll

6e7f0f4fff6c49e3f66127c23b7f1a53

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

TypeTreeGenerator.exe

435bd42ea77344ab3a6d0ad559fbbde2

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

UABE_Generic.dll

67c833d897cda250f7f9fe71e6c57b72

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

UABE_Win32.dll

3f407da12bb2b03ffbd81852aa2d15f3

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
VirusTotal	malicious	VirusTotal - Scan result 14/65

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

github.com/SeriousCache/UABE/releases/download/v3.0-beta1/AssetBundleExtractor_3.0beta1_64bit.zip

140.82.121.3

302 Found

0 B

URL User Request GET HTTP/2
github.com/SeriousCache/UABE/releases/download/v3.0-beta1/AssetBundleExtractor_3.0beta1_64bit.zip
IP
140.82.121.3:443
ASN
#36459 GITHUB

Certificate
IssuerSectigo Limited
Subjectgithub.com
FingerprintE7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0
ValidityThu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /SeriousCache/UABE/releases/download/v3.0-beta1/AssetBundleExtractor_3.0beta1_64bit.zip HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: GitHub.com
date: Wed, 17 Apr 2024 16:54:43 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/42009172/b19d4f3e-ca98-4451-abf6-bfb20ec6da0f?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240417%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240417T165443Z&X-Amz-Expires=300&X-Amz-Signature=9caa04fb4380000d8901522890a556ba310578b0d1a505403752596c6d23ab65&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=42009172&response-content-disposition=attachment%3B%20filename%3DAssetBundleExtractor_3.0beta1_64bit.zip&response-content-type=application%2Foctet-stream
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: 5538:29BC17:12F8AF8E:1324C411:661FFED3
X-Firefox-Spdy: h2

objects.githubusercontent.com/github-production-release-asset-2e65be/42009172/b19d4f3e-ca98-4451-abf6-bfb20ec6da0f?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240417%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240417T165443Z&X-Amz-Expires=300&X-Amz-Signature=9caa04fb4380000d8901522890a556ba310578b0d1a505403752596c6d23ab65&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=42009172&response-content-disposition=attachment%3B%20filename%3DAssetBundleExtractor_3.0beta1_64bit.zip&response-content-type=application%2Foctet-stream

185.199.109.133

200 OK

5.5 MB

URL User Request GET HTTP/2
objects.githubusercontent.com/github-production-release-asset-2e65be/42009172/b19d4f3e-ca98-4451-abf6-bfb20ec6da0f?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240417%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240417T165443Z&X-Amz-Expires=300&X-Amz-Signature=9caa04fb4380000d8901522890a556ba310578b0d1a505403752596c6d23ab65&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=42009172&response-content-disposition=attachment%3B%20filename%3DAssetBundleExtractor_3.0beta1_64bit.zip&response-content-type=application%2Foctet-stream
IP
185.199.109.133:443
ASN
#54113 FASTLY

Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
5.5 MB (5492500 bytes)
Hash
094474d391d64d5400d89fbe22cd77b4
979eb588cb498cf5ac4c771d141fafe4ba44af3c
803384cfd183884a81fbb077d109b76c9a1dddbe512e4398988c8de81ca270a2

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 14/65

HTTP Headers

GET /github-production-release-asset-2e65be/42009172/b19d4f3e-ca98-4451-abf6-bfb20ec6da0f?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240417%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240417T165443Z&X-Amz-Expires=300&X-Amz-Signature=9caa04fb4380000d8901522890a556ba310578b0d1a505403752596c6d23ab65&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=42009172&response-content-disposition=attachment%3B%20filename%3DAssetBundleExtractor_3.0beta1_64bit.zip&response-content-type=application%2Foctet-stream HTTP/1.1
Host: objects.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/octet-stream
content-md5: CUR005HWTVQA2J++Is13tA==
last-modified: Mon, 25 Apr 2022 12:34:06 GMT
etag: "0x8DA26B7E3728F07"
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0b394608-801e-001b-60c1-8adf56000000
x-ms-version: 2020-10-02
x-ms-creation-time: Mon, 25 Apr 2022 12:34:06 GMT
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
content-disposition: attachment; filename=AssetBundleExtractor_3.0beta1_64bit.zip
x-ms-server-encrypted: true
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 17 Apr 2024 16:54:44 GMT
age: 0
x-served-by: cache-iad-kjyo7100063-IAD, cache-hel1410033-HEL
x-cache: HIT, MISS
x-cache-hits: 2083, 0
x-timer: S1713372884.870352,VS0,VE502
content-length: 5492500
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (40)

Detections

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers