Report - raw.githubusercontent.com/Suwie0011/Harmless-Malwares/refs/heads/main/Harmless%20Virus.zip

Report Overview

Visited public
2025-05-05 09:25:52
Tags
URL
raw.githubusercontent.com/Suwie0011/Harmless-Malwares/refs/heads/main/Harmless%20Virus.zip
Finishing URL
about:privatebrowsing
IP / ASN
185.199.109.133
#54113 FASTLY
Title
about:privatebrowsing

Detections

urlquery

0

Network Intrusion Detection

0

Threat Detection Systems

11

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
raw.githubusercontent.com	35802	2014-02-06	2014-03-01	2025-04-30	558 B	520 kB	185.199.111.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
raw.githubusercontent.com/Suwie0011/Harmless-Malwares/refs/heads/main/Harmless%20Virus.zip
IP
185.199.111.133
ASN
#54113 FASTLY

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
519 kB (519303 bytes)
Hash
f82bb10bf0c7a05222814438832d5cac
5db6d8b74bf99f4f21c81965ea39d589efb24269
6367c30d93f00e54ddb9078cc68e1bd9645b79cda39791f355fe743771cb5364

Archive (11)

Filename

Md5

File type

salinewin-safety.exe

601283c004aa6e4bcebfb6e844eb653c

PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

Phallolysin-safety.exe

c57652ef3cbf3e42e50195e59e2728bf

PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

trichloromethane-safety.exe

1453f56916c0ea96b9ba5b49f09757e2

PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

Heptoxide-safety.exe

56f7bc7dd9ac24ee6496dc5e4e8910e6

PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

Triphenylarsine-Safety.exe

5c785506cf50f5d6efc0d981eedf0b17

PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

hydrogen.peaceful.exe

0771772e2401bc2d16f58f09f8f00036

PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

Monoxidex86.harmless.exe

bd65d387482def1fe00b50406f731763

PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

DETTAMROFNIW-safety.exe

df29abf4eecff30ce3dd8a89345803d0

PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

Holmium-safety.exe

20ef502eaa541a94e9cb4d51ed5a0b89

PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

Technetium-safety.exe

f1fe8b17b6ba2ebb8c9679f21a39d83c

PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

README.txt

c73807f2298945715ac396aa2c0b665f

ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 55/68

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

raw.githubusercontent.com/Suwie0011/Harmless-Malwares/refs/heads/main/Harmless%20Virus.zip

185.199.111.133

200 OK

519 kB

URL User Request GET
raw.githubusercontent.com/Suwie0011/Harmless-Malwares/refs/heads/main/Harmless%20Virus.zip
IP
185.199.111.133:443
ASN
#54113 FASTLY

Certificate
IssuerSectigo Limited
Subject*.github.io
Fingerprint8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91
ValidityFri, 07 Mar 2025 00:00:00 GMT - Sat, 07 Mar 2026 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
519 kB (519303 bytes)
Hash
f82bb10bf0c7a05222814438832d5cac
5db6d8b74bf99f4f21c81965ea39d589efb24269
6367c30d93f00e54ddb9078cc68e1bd9645b79cda39791f355fe743771cb5364

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 55/68

HTTP Headers

GET /Suwie0011/Harmless-Malwares/refs/heads/main/Harmless%20Virus.zip HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/zip
etag: W/"391ed64be4840dc52647f9d9fec94f88dda5da45f0f95ae101e6ebd4afee51c5"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 8EEC:25E3B:12676CD:155F562:68188400
accept-ranges: bytes
date: Mon, 05 May 2025 09:25:20 GMT
via: 1.1 varnish
x-served-by: cache-hel1410027-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1746437120.248768,VS0,VE126
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 1ce4251521cc1fbac8f75315f96df71e9af6a7d7
expires: Mon, 05 May 2025 09:30:20 GMT
source-age: 0
content-length: 519303
X-Firefox-Spdy: h2