Report - smealum.github.io/ninjhax2/starter.zip

Report Overview

Visited public
2025-01-15 23:07:52
Tags
Submit Tags
URL
smealum.github.io/ninjhax2/starter.zip
Finishing URL
about:privatebrowsing
IP / ASN
185.199.110.153
#54113 FASTLY
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
smealum.github.io	unknown	2013-03-08	2014-11-27	2025-01-15	492 B	5.0 MB	185.199.110.153

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
smealum.github.io/ninjhax2/starter.zip
IP
185.199.110.153
ASN
#54113 FASTLY

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
5.0 MB (5009561 bytes)
Hash
09510d6da213193080093f2380a448ed
1ac928ba16179b910ed2382c251d05e07922c9ff
187ec66543499bd324f3e2f239eb4aa761363edf387320da12c591962453c901

Archive (37)

Filename

Md5

File type

boot.3dsx

0de027b0447b4470cb796afb94b4cdf2

Nintendo 3DS Homebrew Application (3DSX)

CHMM2.3dsx

bd1e50a3ea169cb255c6f1dc8cf4f382

Nintendo 3DS Homebrew Application (3DSX)

CHMM2.smdh

147f47ff12b67e22ea55482cd91eb9d8

Nintendo 3DS SMDH file: "CHMM2" by Rinnegatamante

CHMM2.xml

30225366e058c51bd6778b4fe81b3f18

ASCII text, with CRLF line terminators

ctr-httpwn.3dsx

869878a84b37f8063c4faa0a23ec86b1

Nintendo 3DS Homebrew Application (3DSX)

ctr-httpwn.xml

fe3fa64695a486d4576364bb9e5b69d3

ASCII text

eshop.smdh

3ac0f7465499a94c8c91fa27105f7488

Nintendo 3DS SMDH file: "eShop" by

eshop.xml

74e30cbc049688674c09adabae7ac01d

HTML document, ASCII text, with CRLF line terminators

ftpd.3dsx

9b28fca5e329f49c7c19c7392dc1fad6

Nintendo 3DS Homebrew Application (3DSX)

ftpd.xml

3f54c9fb3825e57394fc38615c0ea3ae

ASCII text, with CRLF line terminators

hans.3dsx

c67dc322926eb50e8547114fdbb1b18f

Nintendo 3DS Homebrew Application (3DSX)

hans.smdh

27024d173c84cac6074a7dcb9f675c85

Nintendo 3DS SMDH file: "HANS" by smea

hans.xml

d2b78d3e4f9a7ee787b5d490ff2800e2

ASCII text, with CRLF line terminators

eshop.txt

4c8873f2c19a5ed945b8ebb5728a68f0

ASCII text

ironhax.txt

4d33ff74cedd2dd6453472936dbfc2cc

ASCII text

install.3dsx

d12c5f932d2360a83a3d218d59f08a39

Nintendo 3DS Homebrew Application (3DSX)

install.smdh

da274180c23e2c62508bbfd84324b213

Nintendo 3DS SMDH file: "ironhax installer" by smea and yellows8

install.xml

ebadb1a715b05f5505e890626ce385be

HTML document, ASCII text, with CRLF line terminators

ironhax.smdh

6ccb29a99fc24474147c2e723af0832f

Nintendo 3DS SMDH file: "eShop - old version downloader" by

ironhax.xml

2f03b7a7418e7f4abe9037d021ef8178

HTML document, ASCII text, with CRLF line terminators

menuhax_manager.3dsx

be920b233b34572728afba603b5bdd73

Nintendo 3DS Homebrew Application (3DSX)

menuhax_manager.xml

a2837196c1dd9e932610015df2136f4b

HTML document, ASCII text

LICENSE.txt

cfd7d66d2864c38232ec1ef20b27c13a

ASCII text, with CRLF line terminators

mgba.3dsx

364a8e39d2db0fbc45ed940c3015d500

Nintendo 3DS Homebrew Application (3DSX)

mgba.smdh

1769b17b1862b2ba006e6a9f565f5eed

Nintendo 3DS SMDH file: "mGBA" by endrift

doom.wad

f0cefca49926d00903cf57551d901abe

doom main IWAD data containing 1264 lumps

prboom.3dsx

90402c018d2cd10cf9936b88900d8d85

Nintendo 3DS Homebrew Application (3DSX)

prboom.wad

23afd6143cb1ffec99a46755f9209ea6

doom patch PWAD data containing 166 lumps

qtm.3dsx

06552dee8dc3a1ad0c3b031ef837304c

Nintendo 3DS Homebrew Application (3DSX)

qtm.smdh

8ad693da86bbc17c56f1d97b06a7af04

Nintendo 3DS SMDH file: "Head tracking demo" by yellows8

qtm.xml

76cdc1f323bea6a79e7eacda4b83ba43

ASCII text, with CRLF line terminators

scrtool.3dsx

e518cbe63adc37f4feba160c360ba38e

Nintendo 3DS Homebrew Application (3DSX)

scrtool.smdh

5cb5977479fe503812a29d92011f4aed

Nintendo 3DS SMDH file: "Screenshot tool" by smea

sploit_installer_oot3dhax.smdh

4386e35739583a20884df38647d0632b

Nintendo 3DS SMDH file: "sploit_installer-oot3dhax" by smea and yellows8

sploit_installer_oot3dhax.xml

1593dc5be066b3c77a36a783d9b8f862

HTML document, ASCII text, with CRLF line terminators

sploit_installer_stickerhax.smdh

c02a95948a12b1ef52dea66cf88cbdfd

Nintendo 3DS SMDH file: "sploit_installer-stickerhax" by smea and yellows8

sploit_installer_stickerhax.xml

1e42c57603bf35537bdccf6439c2a1da

HTML document, ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
CAPEv2 YARA detection rules	malware	Cobalt Strike Beacon Payload

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	GET smealum.github.io/ninjhax2/starter.zip	185.199.110.153	200 OK	5.0 MB
URL User Request GET HTTP/2 smealum.github.io/ninjhax2/starter.zip IP 185.199.110.153:443 ASN #54113 FASTLY Certificate IssuerDigiCert Inc Subject.github.io Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28 ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT File type Zip archive data, at least v1.0 to extract, compression method=store Size 5.0 MB (5009561 bytes) Hash 09510d6da213193080093f2380a448ed 1ac928ba16179b910ed2382c251d05e07922c9ff 187ec66543499bd324f3e2f239eb4aa761363edf387320da12c591962453c901 HTTP Headers `GET /ninjhax2/starter.zip HTTP/1.1 Host: smealum.github.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: GitHub.com content-type: application/zip permissions-policy: interest-cohort=() last-modified: Tue, 19 Jun 2018 04:39:18 GMT access-control-allow-origin: etag: "5b2888f6-4c7099" expires: Wed, 15 Jan 2025 23:17:26 GMT cache-control: max-age=600 x-proxy-cache: MISS x-github-request-id: 6665:124EBF:AB7261:AD2B0D:67883FAD accept-ranges: bytes date: Wed, 15 Jan 2025 23:07:26 GMT via: 1.1 varnish age: 0 x-served-by: cache-hel1410034-HEL x-cache: MISS x-cache-hits: 0 x-timer: S1736982446.041658,VS0,VE346 vary: Accept-Encoding x-fastly-request-id: 3b36b59fc6aa209bf927da1bac3802630b026037 content-length: 5009561 X-Firefox-Spdy: h2

GET smealum.github.io/ninjhax2/starter.zip

185.199.110.153

200 OK

5.0 MB

URL User Request GET HTTP/2
smealum.github.io/ninjhax2/starter.zip
IP
185.199.110.153:443
ASN
#54113 FASTLY

Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
5.0 MB (5009561 bytes)
Hash
09510d6da213193080093f2380a448ed
1ac928ba16179b910ed2382c251d05e07922c9ff
187ec66543499bd324f3e2f239eb4aa761363edf387320da12c591962453c901

HTTP Headers

GET /ninjhax2/starter.zip HTTP/1.1
Host: smealum.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: GitHub.com
content-type: application/zip
permissions-policy: interest-cohort=()
last-modified: Tue, 19 Jun 2018 04:39:18 GMT
access-control-allow-origin: *
etag: "5b2888f6-4c7099"
expires: Wed, 15 Jan 2025 23:17:26 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 6665:124EBF:AB7261:AD2B0D:67883FAD
accept-ranges: bytes
date: Wed, 15 Jan 2025 23:07:26 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hel1410034-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1736982446.041658,VS0,VE346
vary: Accept-Encoding
x-fastly-request-id: 3b36b59fc6aa209bf927da1bac3802630b026037
content-length: 5009561
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (37)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers