Report Overview

  1. Visited public
    2025-05-05 22:28:20
  2. URL

    github.com/massgravel/Microsoft-Activation-Scripts/archive/refs/heads/master.zip

  3. Finishing URL

    about:privatebrowsing

  4. IP / ASN
    140.82.121.3

    #36459 GITHUB

    Title
    about:privatebrowsing
Detections
urlquery: 0
Network Intrusion Detection: 0
Threat Detection Systems: 2

Domain Summary

Domain / FQDN | Rank | Registered | First Seen | Last Seen
github.com | 1423 | unknown | No data | No data
codeload.github.com | 62359 | unknown | No data | No data

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


Files detected

  1. URL

    codeload.github.com/massgravel/Microsoft-Activation-Scripts/zip/refs/heads/master

  2. IP

    140.82.121.9

  3. ASN

    #36459 GITHUB

  1. File type

    Zip archive data, at least v1.0 to extract, compression method=store

    Size

    468 kB (468015 bytes)

  2. Hash

    698edcbdc8d8dd876a222fe7ab25306a

    fe1ecd500fc9452296ff0565b696ccd1d50edab9

  1. Archive (15)

    Filename | MD5 | File type
    LICENSE | 1ebbd3e34237af26da5dc08a4e440464 | ASCII text
    MAS_AIO.cmd | 024a2daaf69a70d6afc131fcba9a4462 | ASCII text, with very long lines (348), with CRLF line terminators
    HWID_Activation.cmd | 45c224666a74587514820f9fd9941ea7 | DOS batch file, ASCII text, with very long lines (376), with CRLF line terminators
    KMS38_Activation.cmd | 47ac3a96b5865642c225f8362b58e07c | DOS batch file, ASCII text, with very long lines (500), with CRLF line terminators
    Ohook_Activation_AIO.cmd | 63206323f888efd68cacfe3c478ddb02 | DOS batch file, ASCII text, with very long lines (452), with CRLF line terminators
    Online_KMS_Activation.cmd | 09f8ee31582ca018ad76a4f54b2d34c7 | DOS batch file, ASCII text, with very long lines (452), with CRLF line terminators
    TSforge_Activation.cmd | 02b0e0fbe9e2dfc9df5e204d296b47c5 | DOS batch file, ASCII text, with very long lines (348), with CRLF line terminators
    _ReadMe.txt | e699451ed0dfe4ebdd499666dc411c3c | ASCII text, with CRLF line terminators
    Change_Office_Edition.cmd | 32cf54077924ed7405954dcdd1abef33 | DOS batch file, ASCII text, with very long lines (453), with CRLF line terminators
    Change_Windows_Edition.cmd | 4f60d72c2015c1dfb156f81334b16b39 | DOS batch file, ASCII text, with very long lines (348), with CRLF line terminators
    Check_Activation_Status.cmd | 456851be659b8b759ce8b69e0e72312c | DOS batch file, ASCII text, with very long lines (379), with CRLF line terminators
    Extract_OEM_Folder.cmd | 589ffe8d95c59838c2ee616cdbe91999 | DOS batch file, ASCII text, with very long lines (348), with CRLF line terminators
    Troubleshoot.cmd | 480f8acb42e3ebac8627d9afeec20cd1 | DOS batch file, ASCII text, with very long lines (376), with CRLF line terminators
    _ReadMe.html | 574e18c1f9b32a47f988ac91588901ba | HTML document, ASCII text, with CRLF line terminators
    README.md | 4cf2df0bec7061577e6850f347c6b0c1 | Unicode text, UTF-8 text

    Detections

    Analyzer | Verdict | Alert
    Public Nextron YARA rules | malware | Detects suspicious PowerShell code that downloads from web sites
    Public Nextron YARA rules | malware | Detects suspicious PowerShell code that downloads from web sites

JavaScript (0)

HTTP Transactions (2)

URL | IP | Response | Size
github.com/massgravel/Microsoft-Activation-Scripts/archive/refs/heads/master.zip | 140.82.121.4 | 302 Found | 468 kB
codeload.github.com/massgravel/Microsoft-Activation-Scripts/zip/refs/heads/master | 140.82.121.9 | 200 OK | 468 kB