Report - cdn.discordapp.com/attachments/1370498676702580879/1370501160674529451/GenP.v3.5.0-CGP.zip?ex=681fba2b&is=681e68ab&hm=ca93e8f7ec62a393e359ee424939923e8558aa987765fcab9b4ff58ed7c42461&

Report Overview

Visited public
2025-05-09 20:43:19
Tags
URL
cdn.discordapp.com/attachments/1370498676702580879/1370501160674529451/GenP.v3.5.0-CGP.zip?ex=681fba2b&is=681e68ab&hm=ca93e8f7ec62a393e359ee424939923e8558aa987765fcab9b4ff58ed7c42461&
Finishing URL
about:privatebrowsing
IP / ASN
162.159.133.233
#13335 CLOUDFLARENET
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.discordapp.com	2474	2015-02-26	2015-08-24	2025-05-07	651 B	747 kB	162.159.133.233

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
cdn.discordapp.com/attachments/1370498676702580879/1370501160674529451/GenP.v3.5.0-CGP.zip?ex=681fba2b&is=681e68ab&hm=ca93e8f7ec62a393e359ee424939923e8558aa987765fcab9b4ff58ed7c42461&
IP
162.159.133.233
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
746 kB (745545 bytes)
Hash
c6c5d8125aadedbd2dc78ed8ba237582
f9b45604b3513e03d0d80de6498d4ba2cce7c2c3
e54094a4b0cb56e1c2c76d358990b2543d12421fc26e4cef112905264f5a3891

Archive (5)

Filename

Md5

File type

config.ini

3d6ace120bb21ef7661f9baa3a828ba0

Generic INItialization configuration [TargetFiles]

GenP 3.5.0.exe

362a9b5ab6c70aff8c686fd35602e999

PE32+ executable (GUI) x86-64, for MS Windows, 6 sections

AdobeGenP-3.5.0.au3

4607b85345742b5f6913a88802c138d7

C source, ASCII text, with CRLF line terminators

config.ini

3d6ace120bb21ef7661f9baa3a828ba0

Generic INItialization configuration [TargetFiles]

Skull.ico

c37b537e533890560fe52664a7f1c1a0

MS Windows icon resource - 9 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel

Detections

Analyzer	Verdict	Alert
Public InfoSec YARA rules	malware	Identifies compiled AutoIT script (as EXE).
VirusTotal	malicious	VirusTotal - Scan result 21/67

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

cdn.discordapp.com/attachments/1370498676702580879/1370501160674529451/GenP.v3.5.0-CGP.zip?ex=681fba2b&is=681e68ab&hm=ca93e8f7ec62a393e359ee424939923e8558aa987765fcab9b4ff58ed7c42461&

162.159.133.233

200 OK

746 kB

URL User Request GET
cdn.discordapp.com/attachments/1370498676702580879/1370501160674529451/GenP.v3.5.0-CGP.zip?ex=681fba2b&is=681e68ab&hm=ca93e8f7ec62a393e359ee424939923e8558aa987765fcab9b4ff58ed7c42461&
IP
162.159.133.233:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectdiscordapp.com
Fingerprint2F:5F:0F:47:D0:0D:C1:87:16:29:BB:8D:62:E7:94:21:38:2D:16:5F
ValiditySat, 15 Mar 2025 04:05:12 GMT - Fri, 13 Jun 2025 05:05:09 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
746 kB (745545 bytes)
Hash
c6c5d8125aadedbd2dc78ed8ba237582
f9b45604b3513e03d0d80de6498d4ba2cce7c2c3
e54094a4b0cb56e1c2c76d358990b2543d12421fc26e4cef112905264f5a3891

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 21/67

HTTP Headers

GET /attachments/1370498676702580879/1370501160674529451/GenP.v3.5.0-CGP.zip?ex=681fba2b&is=681e68ab&hm=ca93e8f7ec62a393e359ee424939923e8558aa987765fcab9b4ff58ed7c42461& HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 May 2025 20:42:47 GMT
content-type: application/zip
content-length: 745545
cf-ray: 93d406786edbb4f9-OSL
cf-cache-status: MISS
accept-ranges: bytes, bytes
cache-control: public, max-age=31536000
content-disposition: attachment; filename="GenP.v3.5.0-CGP.zip"
etag: "c6c5d8125aadedbd2dc78ed8ba237582"
expires: Sat, 09 May 2026 20:42:46 GMT
last-modified: Fri, 09 May 2025 20:42:19 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-goog-generation: 1746823339465598
x-goog-hash: crc32c=+MFPQQ==, md5=xsXYElqt7b0tx47YuiN1gg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 745545
x-guploader-uploadid: AAO2Vwrgi8076U_HS9qVWSnebeor6146Qmyx56PMgFGM9CdpctBk43xuzEj_TbEwta263Hym
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=djqmKOFjyV83fLyAkMTMNtWWvorednvt9924a3ujMt51o3dncAHY2b0zMuCyb8qvszkCmqwuIkqCf62uTXyinEQ%2BBf7UnJ%2BYiOL9hstXKwaDT%2FKK3iIkv%2BP0TtwNZgqs%2BKoaCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=DebyhozjStubQvmOU4b2JGqBlM_w2F9SAoGggFu6VD8-1746823367-1.0.1.1-I6blVwQLayextvH.tYOo2xOoRkBTtqqOg9GiOh0PdetFizSrSS_kbIpjeVchcZQBGR4su4TvNCUeMX8uMN3GRGM9oQKRiBcC7UO63xVYx9c; path=/; expires=Fri, 09-May-25 21:12:47 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
_cfuvid=7UiigOC7gJTuwY39Y5bsK4YjkWptK_NvlZybofwRRtg-1746823367200-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (5)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers