Report - github.com/pxlbit228/albion-radar-deatheye-2pc/releases/download/1.2.20250328/1.2.zip

Report Overview

Visited public
2025-05-06 20:42:33
Tags
URL
github.com/pxlbit228/albion-radar-deatheye-2pc/releases/download/1.2.20250328/1.2.zip
Finishing URL
about:privatebrowsing
IP / ASN
4.225.11.194
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Title
about:privatebrowsing

Detections

urlquery

0

Network Intrusion Detection

0

Threat Detection Systems

2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
github.com	1423	unknown	No data	No data	553 B	11 MB	140.82.121.4
objects.githubusercontent.com	134060	unknown	No data	No data	964 B	11 MB	185.199.108.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
objects.githubusercontent.com/github-production-release-asset-2e65be/908498065/0bd88709-c130-4221-90ff-08824edd419d?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250506%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250506T204155Z&X-Amz-Expires=300&X-Amz-Signature=88c3be7bd85b7f380db1831bea9af4edefe819f6107d0f788454c4bd53459adb&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3D1.2.zip&response-content-type=application%2Foctet-stream
IP
185.199.108.133
ASN
#54113 FASTLY

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
11 MB (11046513 bytes)
Hash
95c730f7ee4f96e371a65fc4ab562453
62adeaa61ee86aaca714e84afff507328a1af43a
cd763c794ab83eb3c3cb635fcd85bef859f4310c27eb9e6d569e3835308a6cd4

Archive (35)

Filename

Md5

File type

readme.txt

b32b349135ec8a6c6674b550a92b1b21

ASCII text, with no line terminators

Albion.Network.dll

8ce619c683fb661bc024bf92bcd0d75f

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

GameOverlay.dll

f826a14995334a76be9f499d571e48eb

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Newtonsoft.Json.dll

195ffb7167db3219b217c4fd439eedd6

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Newtonsoft.Json.xml

d398ffe9fdac6a53a8d8bb26f29bbb3c

XML 1.0 document, ASCII text, with CRLF line terminators

PacketDotNet.dll

dd4a17d727867a1034d79e7f19f7fc58

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

PhotonPackageParser.dll

dcbeb1c3672f723e778abb92a2bcf7aa

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

PrecisionTimer.NET.dll

d5824624e58e1f95963bd57a85d53341

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

PrecisionTimer.NET.xml

45160b8fa1e9ceb0f6d48d4e253a5cf7

XML 1.0 document, ASCII text, with CRLF line terminators

Protocol16.dll

9254dbac2b26d57b2cb3804af42e1708

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

SharpDX.Direct2D1.dll

b992dfabf27b4c32c57d5cc2960cd8e3

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

SharpDX.dll

c52a44933d17d576d4c97b4cb0545841

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

SharpDX.DXGI.dll

d2edde626c241549eab636aa87fb5d38

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

SharpPcap.dll

d0a0c81b66b2f36da6020b963301683f

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.Buffers.dll

ecdfe8ede869d2ccc6bf99981ea96400

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.Buffers.xml

1c55860dd93297a6ea2fad2974834c3a

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (727), with CRLF line terminators

System.Drawing.Common.dll

3c2445d3095f82ec8a526e7843a98ba9

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.Memory.dll

f09441a1ee47fb3e6571a3a448e05baf

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.Memory.xml

add19745a43b2515280ce24671863114

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

System.Numerics.Vectors.dll

aaa2cbf14e06e9d3586d8a4ed455db33

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.Numerics.Vectors.xml

95dd29ca17b63843ad787d3bc9c8c933

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

System.Runtime.CompilerServices.Unsafe.dll

c610e828b54001574d86dd2ed730e392

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.Runtime.CompilerServices.Unsafe.xml

c782e92abbfc0531226f735c6ac56498

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

System.Text.Encoding.CodePages.dll

4c12c76415a3d8af9c3cbcf0a3cb52dd

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.Text.Encoding.CodePages.xml

c1bed46594fd83112d7e77050eb0e874

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

Wpf.Ui.dll

66b933f127473bd33d8c85cb19220a99

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

X975.exe.config

6e2e44bb242ca93164e66a43aa4b4bc0

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

harvestables.xml

fb8458d7ebd48eaeb0b14242188c9fb5

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

items.xml

2229f3d2b0e8d2856bb37de3c38e730e

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (813), with CRLF line terminators

mobs.xml

ce77cf88051537c8b5d007aca50da62f

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (1312), with CRLF line terminators

readme.txt

6b7a5efea267452e9dc7df2b8bdd41e6

ASCII text, with no line terminators

clusters.json

daaf156a4b4794330ccd8149cb9f0621

JSON text data

indexes.json

f812b87c2a70164f4146f73683bd9323

JSON text data

offsets.json

316a759b96ee4109dbfb82d466a97e60

JSON text data

X975.exe

6dd37486ed25cf54b091883ab396787c

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 22/67

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

GET github.com/pxlbit228/albion-radar-deatheye-2pc/releases/download/1.2.20250328/1.2.zip

140.82.121.4

302 Found

11 MB

URL User Request GET
github.com/pxlbit228/albion-radar-deatheye-2pc/releases/download/1.2.20250328/1.2.zip
IP
140.82.121.4:443
ASN
#36459 GITHUB

Certificate
IssuerSectigo Limited
Subjectgithub.com
FingerprintE4:33:71:DD:D6:91:4A:75:B6:1F:9E:4F:74:6D:9B:F0:DD:26:FC:3A
ValidityWed, 05 Feb 2025 00:00:00 GMT - Thu, 05 Feb 2026 23:59:59 GMT

File type

Size
11 MB (11046513 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pxlbit228/albion-radar-deatheye-2pc/releases/download/1.2.20250328/1.2.zip HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 06 May 2025 20:41:55 GMT
content-type: text/html; charset=utf-8
content-length: 0
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With
location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/908498065/0bd88709-c130-4221-90ff-08824edd419d?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250506%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250506T204155Z&X-Amz-Expires=300&X-Amz-Signature=88c3be7bd85b7f380db1831bea9af4edefe819f6107d0f788454c4bd53459adb&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3D1.2.zip&response-content-type=application%2Foctet-stream
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com release-assets.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com copilotprodattachments.blob.core.windows.net/github-production-copilot-attachments/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
x-github-request-id: 68D3:1309:60C09C9:632F0DA:681A7413
X-Firefox-Spdy: h2

GET objects.githubusercontent.com/github-production-release-asset-2e65be/908498065/0bd88709-c130-4221-90ff-08824edd419d?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250506%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250506T204155Z&X-Amz-Expires=300&X-Amz-Signature=88c3be7bd85b7f380db1831bea9af4edefe819f6107d0f788454c4bd53459adb&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3D1.2.zip&response-content-type=application%2Foctet-stream

185.199.108.133

200 OK

11 MB

URL User Request GET
objects.githubusercontent.com/github-production-release-asset-2e65be/908498065/0bd88709-c130-4221-90ff-08824edd419d?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250506%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250506T204155Z&X-Amz-Expires=300&X-Amz-Signature=88c3be7bd85b7f380db1831bea9af4edefe819f6107d0f788454c4bd53459adb&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3D1.2.zip&response-content-type=application%2Foctet-stream
IP
185.199.108.133:443
ASN
#54113 FASTLY

Certificate
IssuerSectigo Limited
Subject*.github.io
Fingerprint8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91
ValidityFri, 07 Mar 2025 00:00:00 GMT - Sat, 07 Mar 2026 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
11 MB (11046513 bytes)
Hash
95c730f7ee4f96e371a65fc4ab562453
62adeaa61ee86aaca714e84afff507328a1af43a
cd763c794ab83eb3c3cb635fcd85bef859f4310c27eb9e6d569e3835308a6cd4

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 22/67

HTTP Headers

GET /github-production-release-asset-2e65be/908498065/0bd88709-c130-4221-90ff-08824edd419d?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250506%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250506T204155Z&X-Amz-Expires=300&X-Amz-Signature=88c3be7bd85b7f380db1831bea9af4edefe819f6107d0f788454c4bd53459adb&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3D1.2.zip&response-content-type=application%2Foctet-stream HTTP/1.1
Host: objects.githubusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Fri, 28 Mar 2025 16:41:59 GMT
etag: "0x8DD6E177604484E"
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: fd433323-801e-0069-43b9-bbd819000000
x-ms-version: 2025-05-05
x-ms-creation-time: Fri, 28 Mar 2025 16:41:59 GMT
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
content-disposition: attachment; filename=1.2.zip
x-ms-server-encrypted: true
via: 1.1 varnish, 1.1 varnish
fastly-restarts: 1
accept-ranges: bytes
age: 0
date: Tue, 06 May 2025 20:41:56 GMT
x-served-by: cache-iad-kiad7000128-IAD, cache-hel1410029-HEL
x-cache: HIT, MISS
x-cache-hits: 9, 0
x-timer: S1746564116.940724,VS0,VE98
content-length: 11046513
X-Firefox-Spdy: h2