Report Overview
Visited: public, 2024-11-09 10:22:21
URL: github.com/cagritaskn/GoodbyeDPI-Turkey/releases/download/release-0.2.3rc3-turkey/goodbyedpi-0.2.3rc3-turkey.zip
Finishing URL: about:privatebrowsing
IP / ASN: 140.82.121.3, #36459 GITHUB
Title: about:privatebrowsing

Detections

urlquery: 0
Network Intrusion Detection: 0
Threat Detection Systems: 0

Host Summary

| Host | Rank | Registered | First Seen | Last Seen |
| --- | --- | --- | --- | --- |
| github.com | 1423 | 2007-10-09 | 2016-07-13 | 2024-11-06 |
| objects.githubusercontent.com | 134060 | 2014-02-06 | 2021-11-01 | 2024-11-06 |

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


Mnemonic Secure DNS

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


File detected

URL: objects.githubusercontent.com/github-production-release-asset-2e65be/871120430/469e5713-0b61-42ce-a1cb-a8c9c7d4daad?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20241109%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241109T102156Z&X-Amz-Expires=300&X-Amz-Signature=a50c2fcc4dece9eea935381c9cd94d59d76b1eb646e013907e3b3ff61d0adfe8&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Dgoodbyedpi-0.2.3rc3-turkey.zip&response-content-type=application%2Foctet-stream
IP / ASN: 185.199.110.133, #54113 FASTLY
File Overview
File Type: Zip archive data, at least v2.0 to extract, compression method=store
Size: 301 kB (300596 bytes)
MD5: f1c0c98533a0e83a907ece851cf10be0
SHA1: cd6172b57ce6e4f6962f004b8b7b269da3670d0f
Archive (18)
| Filename | MD5 | File type |
| --- | --- | --- |
| LICENSE-getline.txt | 3a7edebc3612bcea2306f73b92342a44 | ASCII text, with CRLF line terminators |
| LICENSE-goodbyedpi.txt | c4082b6c254c9fb71136710391d9728b | ASCII text, with CRLF line terminators |
| LICENSE-uthash.txt | 5cc1f1e4c71f19f580458586756c02b4 | ASCII text |
| LICENSE-windivert.txt | b864fbb188a7c3a11cef80f3ee902d77 | ASCII text, with CRLF line terminators |
| service_install_dnsredir_turkey.cmd | 1d99e2f8732b9fd45976e6b04333dc5d | DOS batch file, ASCII text |
| service_install_dnsredir_turkey_alternative2_superonline.cmd | 69dc962bacf97b8eb4b4dd1651d7c853 | DOS batch file, ASCII text |
| service_install_dnsredir_turkey_alternative_superonline.cmd | 94e9c3736782072573a2c7461cb4b9ae | DOS batch file, ASCII text |
| service_remove.cmd | c7408036de5b349c3526fd1ffabaad0a | DOS batch file, ASCII text |
| turkey_dnsredir.cmd | 775a903331912fd9867a99b994e1b859 | DOS batch file, ASCII text |
| turkey_dnsredir_alternative2_superonline.cmd | 2e479250a2d20c6d2d5fc5171528694b | DOS batch file, ASCII text |
| turkey_dnsredir_alternative_superonline.cmd | 0180ec1cb44c76a9a026e04f681ef354 | DOS batch file, ASCII text |
| goodbyedpi.exe | 9c3f16d5a0aff180f9d04ae6c0fe1f28 | PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, 11 sections |
| WinDivert.dll | 1cb0efd60883b5637b31bf46c34ae199 | PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 7 sections |
| WinDivert32.sys | cd477ee96ff05cacda8ac3c0e9316d7a | PE32 executable (native) Intel 80386, for MS Windows, 6 sections |
| WinDivert64.sys | 6a33620de63bccaf5e5314ee49cd58fb | PE32+ executable (native) x86-64, for MS Windows, 8 sections |
| goodbyedpi.exe | afa7f66231b9cec7237e738b622c0181 | PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows, 12 sections |
| WinDivert.dll | 88e1c19b978436258f7c938013408a8a | PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows, 9 sections |
| WinDivert64.sys | 6a33620de63bccaf5e5314ee49cd58fb | PE32+ executable (native) x86-64, for MS Windows, 8 sections |

Detections

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Public Nextron YARA rules | malware | Detects WinDivert User-Mode packet capturing driver |
| Public Nextron YARA rules | malware | Detects WinDivert User-Mode packet capturing driver |
| VirusTotal | suspicious | |

JavaScript (0)

HTTP Transactions (2)

| URL | IP | Response | Size |
| --- | --- | --- | --- |