Report - raw.githubusercontent.com/OrzScript/RC7-Executor/refs/heads/main/RC7Blue.zip

Report Overview

Visited public
2025-05-08 15:32:02
Tags
URL
raw.githubusercontent.com/OrzScript/RC7-Executor/refs/heads/main/RC7Blue.zip
Finishing URL
about:privatebrowsing
IP / ASN
185.199.111.133
#54113 FASTLY
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
raw.githubusercontent.com	35802	2014-02-06	2014-03-01	2025-05-07	544 B	7.7 MB	185.199.110.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
raw.githubusercontent.com/OrzScript/RC7-Executor/refs/heads/main/RC7Blue.zip
IP
185.199.110.133
ASN
#54113 FASTLY

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
7.7 MB (7721639 bytes)
Hash
2319e2b07a6c7c73c9e6d9b63b4d14b5
e83f3058517358506bf4215333d62c626d099d4b
af2a5dc53f4f8c9fea7daf4efd402062c87fcc6483876556f01e7587c84a511b

Archive (29)

Filename

Md5

File type

Auto_In.bmp

9f07eb5ac04d49b394bc94104b6acc5a

PC bitmap, Windows 3.x format, 30 x 30 x 32, image size 3600, resolution 2834 x 2834 px/m, cbSize 3654, bits offset 54

libcrypto-3-x64.dll

be0f6d1d60e149cedaca33a04963e05f

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

libssl-3-x64.dll

733e3b58ee1760a442fec4712848c3ad

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

xxhash.dll

70c514826d9428f184d27f0c8f397404

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

zstd.dll

5b96fb0d4e6453680da278f5b7e51a29

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

Button_Clicked.bmp

8759f845318b489aff36165644bf8137

PC bitmap, Windows 3.x format, 100 x 23 x 24, image size 6900, resolution 2834 x 2834 px/m, cbSize 6954, bits offset 54

Button_Hover.bmp

ed334aedea57b65dca00b5f1ba986bb0

PC bitmap, Windows 3.x format, 100 x 23 x 24, image size 6900, resolution 2834 x 2834 px/m, cbSize 6954, bits offset 54

Button_Idle.bmp

3c8984ad92bad20ba68b4f48f69bca6b

PC bitmap, Windows 3.x format, 100 x 23 x 24, image size 6900, resolution 2834 x 2834 px/m, cbSize 6954, bits offset 54

FastColoredTextBox.dll

896e676b61d15acec71bc4c485671c80

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Google_Drive_In.bmp

1ae4f60c0a13638d3cfaffe6bc2abc56

PC bitmap, Windows 3.x format, 30 x 30 x 32, image size 3600, resolution 2834 x 2834 px/m, cbSize 3654, bits offset 54

Hide_Save.bmp

e05249b657dbeefe92757f2fabccc0d2

PC bitmap, Windows 3.x format, 39 x 328 x 24, image size 39360, resolution 2834 x 2834 px/m, cbSize 39414, bits offset 54

Hide_Side.bmp

e05249b657dbeefe92757f2fabccc0d2

PC bitmap, Windows 3.x format, 39 x 328 x 24, image size 39360, resolution 2834 x 2834 px/m, cbSize 39414, bits offset 54

Injector.exe

f30930e1e01e44a73ffa6077d48d9fef

PE32+ executable (console) x86-64, for MS Windows, 10 sections

Krystal_In.bmp

6c7ed9d60ffeedaebea4fe2a085b6681

PC bitmap, Windows 3.x format, 30 x 30 x 32, image size 3600, resolution 2834 x 2834 px/m, cbSize 3654, bits offset 54

MainUI.bmp

3eaefdfb19287629348295c14cc7c8d2

PC bitmap, Windows 98/2000 and newer format, 339 x 328 x 32, cbSize 444906, bits offset 138

RC7Executor.deps.json

db0b912e550766e0ff764986d5037f4a

JSON text data

RC7Executor.dll

6cab6f780666097fb44a3eef7e07d619

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

RC7Executor.exe

d8d5e7dffabf89ae6601dab2ddca1210

PE32+ executable (GUI) x86-64, for MS Windows, 6 sections

RC7Executor.pdb

250937a1fcbfabb9b0dfac14d05ae6b0

Microsoft Roslyn C# debugging symbols version 1.0

RC7Executor.runtimeconfig.json

e0f6f18f9b152bc2d8c710b0214805d6

JSON text data

Save_In.bmp

a41c69985152925a91e105323ce0277c

PC bitmap, Windows 3.x format, 30 x 30 x 32, image size 3600, resolution 2834 x 2834 px/m, cbSize 3654, bits offset 54

S_Button_Click.bmp

ad70b99c9a861ebd16ff54254d20fa3b

PC bitmap, Windows 3.x format, 95 x 25 x 32, image size 9500, resolution 2834 x 2834 px/m, cbSize 9554, bits offset 54

S_Button_Hover.bmp

bdb036cd54ff291e3193edf460587bb5

PC bitmap, Windows 3.x format, 95 x 25 x 32, image size 9500, resolution 2834 x 2834 px/m, cbSize 9554, bits offset 54

S_Button_Idle.bmp

85b62f3297228256b13668ca2fb3f1e2

PC bitmap, Windows 3.x format, 95 x 25 x 32, image size 9500, resolution 2834 x 2834 px/m, cbSize 9554, bits offset 54

TextBox.bmp

3d9fb26550a36867be46862587faf3b1

PC bitmap, Windows 3.x format, 156 x 24 x 32, image size 14978, resolution 2834 x 2834 px/m, cbSize 15032, bits offset 54

Vanity.dll

4d46530581c85171f6a8cafee4114e0f

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

VanityAPI.dll

0d0915cd4570ca53951491ce93f6ec2d

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Wofly_In.bmp

36633e5febc8075f1af181eb5b3a601b

PC bitmap, Windows 3.x format, 30 x 30 x 32, image size 3600, resolution 2834 x 2834 px/m, cbSize 3654, bits offset 54

WordWrap_In.bmp

e1c9ad4741f1529680e7c226e5723640

PC bitmap, Windows 3.x format, 30 x 30 x 32, image size 3600, resolution 2834 x 2834 px/m, cbSize 3654, bits offset 54

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 13/65

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

raw.githubusercontent.com/OrzScript/RC7-Executor/refs/heads/main/RC7Blue.zip

185.199.110.133

200 OK

7.7 MB

URL User Request GET
raw.githubusercontent.com/OrzScript/RC7-Executor/refs/heads/main/RC7Blue.zip
IP
185.199.110.133:443
ASN
#54113 FASTLY

Certificate
IssuerSectigo Limited
Subject*.github.io
Fingerprint8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91
ValidityFri, 07 Mar 2025 00:00:00 GMT - Sat, 07 Mar 2026 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
7.7 MB (7721639 bytes)
Hash
2319e2b07a6c7c73c9e6d9b63b4d14b5
e83f3058517358506bf4215333d62c626d099d4b
af2a5dc53f4f8c9fea7daf4efd402062c87fcc6483876556f01e7587c84a511b

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 13/65

HTTP Headers

GET /OrzScript/RC7-Executor/refs/heads/main/RC7Blue.zip HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/zip
etag: W/"216f0c152d6ff07924664e15171689c4d8378637c17375819560a318ec1daf2a"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 8CBE:141E12:250BE0:286790:681CCA9B
accept-ranges: bytes
date: Thu, 08 May 2025 15:31:27 GMT
via: 1.1 varnish
x-served-by: cache-hel1410031-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1746718287.474185,VS0,VE181
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 5d5c4855089b3ed3b9b3b4a195f63afef70e25d7
expires: Thu, 08 May 2025 15:36:27 GMT
source-age: 0
content-length: 7721639
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (29)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers