Report - github.com/AnonymousHacker20292/srcode/raw/main/goose.zip

Report Overview

Submitted URL
github.com/AnonymousHacker20292/srcode/raw/main/goose.zip
IP
140.82.121.3
ASN
#36459 GITHUB
Submitted
2024-04-18 16:06:29
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
github.com	1423	2007-10-09	2016-07-13	2024-03-24	511 B	3.5 kB	140.82.121.3
raw.githubusercontent.com	35802	2014-02-06	2014-03-01	2024-04-18	522 B	4.3 MB	185.199.111.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
raw.githubusercontent.com/AnonymousHacker20292/srcode/main/goose.zip
IP
185.199.111.133
ASN
#54113 FASTLY

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
4.3 MB (4255210 bytes)
Hash
6831f20d54bdeeabba96f8a6b1fb0d8a
172f00b5424ba3a6a0bb3d26efa281474df5bb26
aeb44dd67514428f41a41ce9fd5e4297184278de06153181312fac98f8c237ff

Archive (33)

Filename

Md5

File type

MemeAttributions.txt

fc280867f6cf727ff169b24371019a93

ASCII text, with CRLF line terminators

GooseDance.gif

b89e8c268b06e14d2dacabadcc1b7bfc

GIF image data, version 89a, 500 x 375

Meme1.png

ec6a7941aa0d1c3cd0a7b724324fbb96

PNG image data, 640 x 620, 8-bit colormap, non-interlaced

Meme2.png

4f21b82bac2893afec41a77eb024e3bb

PNG image data, 640 x 479, 8-bit/color RGB, non-interlaced

Meme3.png

cef6b9818bc01655614fb969cffc155f

PNG image data, 828 x 817, 8-bit colormap, non-interlaced

Meme4.png

af4bef7b9f4f37ac62e782b5b59d02aa

PNG image data, 960 x 720, 8-bit colormap, non-interlaced

Meme5.png

01f620eda22ae06fbcc60500374fdd88

PNG image data, 538 x 447, 8-bit colormap, non-interlaced

Meme6.png

e46d6d7154cebf37d064c537f5d01f36

PNG image data, 960 x 960, 8-bit colormap, non-interlaced

Meme7.png

245f29e1e0905c497306c8f06f503244

PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced

DonatePage.png

2e137058fea9426215796ff5c341d4aa

PNG image data, 500 x 600, 8-bit/color RGB, non-interlaced

heart.png

76f468aa187e5c042c7ef5ae6a8a0753

PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced

Autumn.dll

ad4b80cc7ea519628734687452b8ac0e

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Rename me to just Music.mp3

3c954d9b4b6d739ef833fe72511f258b

Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 64 kbps, 44.1 kHz, Stereo

BITE.mp3

5436e6aebabf071c1d832071a01b8bcd

MPEG ADTS, layer III, v1, 128 kbps, 48 kHz, Monaural

Honk1.mp3

db2b7cf36003b2b653df6f3ca986e007

Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 56 kbps, 44.1 kHz, Monaural

Honk2.mp3

3b86bf25cd702a3a071590f088fabf64

Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 56 kbps, 44.1 kHz, Monaural

Honk3.mp3

bcd1908ce864cb01a222b5cc791d7758

Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 56 kbps, 44.1 kHz, Monaural

Honk4.mp3

9b24558524e7f3ec1dd7d123d10541fc

Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 56 kbps, 44.1 kHz, Monaural

MudSquith.mp3

b2354d238829d09c54e272d8b4f60189

Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo

am goose.txt

9ce4fbca1e49909c6b3e2359a5dc07a8

Unicode text, UTF-8 (with BOM) text, with no line terminators

good work.txt

742d0427481d1a2c7171c4bd931bba03

Unicode text, UTF-8 (with BOM) text, with no line terminators

gooseASCII1.txt

dd50e283e56b85d013636d9672edbfec

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

hard to type.txt

2655615ac813249e7f1370309a34e898

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

i cause problems.txt

f2703993f83add3a0f08e784a32685da

Unicode text, UTF-8 (with BOM) text, with no line terminators

peace was never.txt

7bbce054f64616da370f0fc6cf661a6f

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Autumn.txt

1438ee5e893c01a0901e65184729dd7d

ASCII text, with CRLF line terminators

changelog.txt

a257892446bd4f88fe97f83dd26a3a01

ASCII text, with very long lines (306), with CRLF line terminators

config.ini

0288c130074a043df404ac331b9842b3

ASCII text

GooseDesktop.exe

c883e2c769ebe56240a71260b17f1b93

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

GooseModdingAPI.dll

9eb11041f2f11d939074e26b4b554088

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

MMQ.dll

e27e8063b337045e69dc37964db09e35

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

patrons.txt

5ec0126112248aea6de1d86200e7b28e

Hewlett-Packard Graphics Language, starting with "SPECIAL THANKS TO THE GLORIOUS PATRONS of patreon.com/" with " ========="

Read me! Honk.txt

e4d12d2f2d12b38252ec25e28757fe1d

ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 10/66

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

github.com/AnonymousHacker20292/srcode/raw/main/goose.zip

140.82.121.3

302 Found

0 B

URL User Request GET HTTP/2
github.com/AnonymousHacker20292/srcode/raw/main/goose.zip
IP
140.82.121.3:443
ASN
#36459 GITHUB

Certificate
IssuerSectigo Limited
Subjectgithub.com
FingerprintE7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0
ValidityThu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /AnonymousHacker20292/srcode/raw/main/goose.zip HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: GitHub.com
date: Thu, 18 Apr 2024 16:06:03 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin: 
location: https://raw.githubusercontent.com/AnonymousHacker20292/srcode/main/goose.zip
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: C9B6:337554:1FBFB063:200208C6:662144EB
X-Firefox-Spdy: h2

raw.githubusercontent.com/AnonymousHacker20292/srcode/main/goose.zip

185.199.111.133

200 OK

4.3 MB

URL User Request GET HTTP/2
raw.githubusercontent.com/AnonymousHacker20292/srcode/main/goose.zip
IP
185.199.111.133:443
ASN
#54113 FASTLY

Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
4.3 MB (4255210 bytes)
Hash
6831f20d54bdeeabba96f8a6b1fb0d8a
172f00b5424ba3a6a0bb3d26efa281474df5bb26
aeb44dd67514428f41a41ce9fd5e4297184278de06153181312fac98f8c237ff

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 10/66

HTTP Headers

GET /AnonymousHacker20292/srcode/main/goose.zip HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/zip
etag: W/"429e7ccf9ff38ea3959f91dcb4bf0521849e1b69084e3cf2489ea84964effe45"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 2EFE:2C0C22:2E8D6DA:31170A4:662144EB
accept-ranges: bytes
date: Thu, 18 Apr 2024 16:06:04 GMT
via: 1.1 varnish
x-served-by: cache-hel1410025-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1713456364.019643,VS0,VE458
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 0b39b6ba4292cc38984fe4cde21c8ed60cd6f495
expires: Thu, 18 Apr 2024 16:11:04 GMT
source-age: 0
content-length: 4255210
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (33)

Detections

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers