Report - github.com/Nilsen84/lunar-client-qt/releases/download/v1.2.7/windows.zip

Report Overview

Submitted URL
github.com/Nilsen84/lunar-client-qt/releases/download/v1.2.7/windows.zip
IP
140.82.121.3
ASN
#36459 GITHUB
Submitted
2024-03-28 19:45:19
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
objects.githubusercontent.com	134060	2014-02-06	2021-11-01	2024-03-28	990 B	16 MB	185.199.111.133
github.com	1423	2007-10-09	2016-07-13	2024-03-24	526 B	3.9 kB	140.82.121.4

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
objects.githubusercontent.com/github-production-release-asset-2e65be/429190157/45366d2b-5027-4ce5-84c9-02b4eced16f4?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240328%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240328T194443Z&X-Amz-Expires=300&X-Amz-Signature=a30a3f8e1a4405b5a44c3a935ae7326c072c414ac9a7dc256a5dd76a02463e2a&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=429190157&response-content-disposition=attachment%3B%20filename%3Dwindows.zip&response-content-type=application%2Foctet-stream
IP
185.199.111.133
ASN
#54113 FASTLY

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
16 MB (16451999 bytes)
Hash
7263952072d4873ddd045a87fdd049ae
fea6a528a73a160863ce83fa3782c7dcab5a80ec
2df9fa2901dc512c26236deb8132d420297a70d4397fbc7b5e8fd47dadbc0e8d

Archive (30)

Filename

Md5

File type

Lunar Client Qt\libcrypto-3-x64.dll

848b4d3db422863762f2a67ca8855098

PE32+ executable (DLL) (console) x86-64, for MS Windows, 18 sections

Lunar Client Qt\libgcc_s_seh-1.dll

534b365361004828059600f05b34006d

PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows, 11 sections

Lunar Client Qt\libssl-3-x64.dll

14bacf1cefcff8e8387f275d5cf58cf2

PE32+ executable (DLL) (console) x86-64, for MS Windows, 18 sections

Lunar Client Qt\libstdc++-6.dll

58f1c3e85a3714b9f5441c9b513e08bb

PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows, 11 sections

Lunar Client Qt\libwinpthread-1.dll

db18b7ec5f93127e6099744ea9568c1b

PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows, 12 sections

Lunar Client Qt\lunar-client-qt.exe

0ac54b702fc18ad15b7de0675b27e473

PE32+ executable (GUI) x86-64, for MS Windows, 15 sections

Lunar Client Qt\Qt5Core.dll

f38f9d503157c6b2401801f9572fd048

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 14 sections

Lunar Client Qt\Qt5Gui.dll

fc7d92feb89f055f7f19169e7a1f3621

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 13 sections

Lunar Client Qt\Qt5Network.dll

94da65cb700658388a9cc3478abee446

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 13 sections

Lunar Client Qt\Qt5Svg.dll

7b80103c5e287dc427a6e9435ab05f35

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 13 sections

Lunar Client Qt\Qt5Widgets.dll

f4cf06dedf04a732be32acd1291cf032

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 13 sections

Lunar Client Qt\agents (DON'T TOUCH)\CustomAutoGG

6f4b88d359c766aa634563db694acbd7

Zip archive data, at least v1.0 to extract, compression method=deflate

Lunar Client Qt\agents (DON'T TOUCH)\CustomLevelHead

d5c5b318d3b859cef36bc2b10b281b45

Zip archive data, at least v1.0 to extract, compression method=deflate

Lunar Client Qt\agents (DON'T TOUCH)\NickLevel

9d70c13eb95144ab91ea16b195fad7f0

Zip archive data, at least v1.0 to extract, compression method=deflate

Lunar Client Qt\agents (DON'T TOUCH)\UnlockCosmetics

5900976c3375435e3b463fdc12f9d9f3

Zip archive data, at least v2.0 to extract, compression method=deflate

Lunar Client Qt\bearer\qgenericbearer.dll

d3df6e5210541f5e719ce2691a79f203

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 14 sections

Lunar Client Qt\iconengines\qsvgicon.dll

4f717969032d4cb764a58a88b69c9389

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 14 sections

Lunar Client Qt\imageformats\qgif.dll

6643793ba0c0d45dd5cccde0a5b25d33

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 14 sections

Lunar Client Qt\imageformats\qicns.dll

6cad5fde4760196bef345ba4aaf8b921

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 14 sections

Lunar Client Qt\imageformats\qico.dll

7da403414b84b57eaee35fef9a907152

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 14 sections

Lunar Client Qt\imageformats\qjpeg.dll

5efa4cbf69cea6e2e5db46492b6fb31a

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 14 sections

Lunar Client Qt\imageformats\qsvg.dll

0cf17da428a03ff8825abca5405da38a

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 14 sections

Lunar Client Qt\imageformats\qtga.dll

86ee3c496d61bfc93bbad3c1234d8710

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 14 sections

Lunar Client Qt\imageformats\qtiff.dll

c073546b7fcfb2541cd3da1542542388

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 14 sections

Lunar Client Qt\imageformats\qwbmp.dll

226ac86d3401242f3ef518adbaacb4e7

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 14 sections

Lunar Client Qt\imageformats\qwebp.dll

5c71d226462237ca2d3e9773360bc82f

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 14 sections

Lunar Client Qt\libs (DON'T TOUCH)\asm-9

8f184dce9b1bedc675d4a3640d43ddf0

Java archive data (JAR)

Lunar Client Qt\libs (DON'T TOUCH)\asm-tree-9

9c45524e94b19cc8b614b9e81ad544e2

Java archive data (JAR)

Lunar Client Qt\platforms\qwindows.dll

7c0f42ae64400b354ce7ea9bcaba32c5

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 14 sections

Lunar Client Qt\styles\qwindowsvistastyle.dll

feb4726f427184278dc3f5cf001429df

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 14 sections

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/59

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

github.com/Nilsen84/lunar-client-qt/releases/download/v1.2.7/windows.zip

140.82.121.4

302 Found

0 B

URL User Request GET HTTP/2
github.com/Nilsen84/lunar-client-qt/releases/download/v1.2.7/windows.zip
IP
140.82.121.4:443
ASN
#36459 GITHUB

Certificate
IssuerSectigo Limited
Subjectgithub.com
FingerprintE7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0
ValidityThu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /Nilsen84/lunar-client-qt/releases/download/v1.2.7/windows.zip HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: GitHub.com
date: Thu, 28 Mar 2024 19:44:43 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/429190157/45366d2b-5027-4ce5-84c9-02b4eced16f4?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240328%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240328T194443Z&X-Amz-Expires=300&X-Amz-Signature=a30a3f8e1a4405b5a44c3a935ae7326c072c414ac9a7dc256a5dd76a02463e2a&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=429190157&response-content-disposition=attachment%3B%20filename%3Dwindows.zip&response-content-type=application%2Foctet-stream
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: BB51:B81B8:1A3D54D:1A79196:6605C8AA
X-Firefox-Spdy: h2

objects.githubusercontent.com/github-production-release-asset-2e65be/429190157/45366d2b-5027-4ce5-84c9-02b4eced16f4?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240328%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240328T194443Z&X-Amz-Expires=300&X-Amz-Signature=a30a3f8e1a4405b5a44c3a935ae7326c072c414ac9a7dc256a5dd76a02463e2a&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=429190157&response-content-disposition=attachment%3B%20filename%3Dwindows.zip&response-content-type=application%2Foctet-stream

185.199.111.133

200 OK

16 MB

URL User Request GET HTTP/2
objects.githubusercontent.com/github-production-release-asset-2e65be/429190157/45366d2b-5027-4ce5-84c9-02b4eced16f4?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240328%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240328T194443Z&X-Amz-Expires=300&X-Amz-Signature=a30a3f8e1a4405b5a44c3a935ae7326c072c414ac9a7dc256a5dd76a02463e2a&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=429190157&response-content-disposition=attachment%3B%20filename%3Dwindows.zip&response-content-type=application%2Foctet-stream
IP
185.199.111.133:443
ASN
#54113 FASTLY

Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
16 MB (16451999 bytes)
Hash
7263952072d4873ddd045a87fdd049ae
fea6a528a73a160863ce83fa3782c7dcab5a80ec
2df9fa2901dc512c26236deb8132d420297a70d4397fbc7b5e8fd47dadbc0e8d

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/59

HTTP Headers

GET /github-production-release-asset-2e65be/429190157/45366d2b-5027-4ce5-84c9-02b4eced16f4?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240328%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240328T194443Z&X-Amz-Expires=300&X-Amz-Signature=a30a3f8e1a4405b5a44c3a935ae7326c072c414ac9a7dc256a5dd76a02463e2a&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=429190157&response-content-disposition=attachment%3B%20filename%3Dwindows.zip&response-content-type=application%2Foctet-stream HTTP/1.1
Host: objects.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/octet-stream
content-md5: cmOVIHLUhz3dBFqH/dBJrg==
last-modified: Mon, 06 Jun 2022 23:08:42 GMT
etag: "0x8DA48117FF9B269"
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f4a8713d-201e-002d-4748-815226000000
x-ms-version: 2020-10-02
x-ms-creation-time: Mon, 06 Jun 2022 23:08:42 GMT
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
content-disposition: attachment; filename=windows.zip
x-ms-server-encrypted: true
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
age: 0
date: Thu, 28 Mar 2024 19:44:43 GMT
x-served-by: cache-iad-kcgs7200093-IAD, cache-hel1410028-HEL
x-cache: HIT, MISS
x-cache-hits: 4, 0
x-timer: S1711655083.183106,VS0,VE511
content-length: 16451999
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (30)

Detections

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers