Report - github.com/Sombody101/APKognito/releases/download/v2.0.1/APKognito-v2.0.1.zip

Report Overview

Visited public
2025-05-10 05:05:46
Tags
URL
github.com/Sombody101/APKognito/releases/download/v2.0.1/APKognito-v2.0.1.zip
Finishing URL
about:privatebrowsing
IP / ASN
140.82.121.4
#36459 GITHUB
Title
about:privatebrowsing

Detections

urlquery

0

Network Intrusion Detection

0

Threat Detection Systems

3

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
github.com	1423	2007-10-09	2016-07-13	2025-05-07	545 B	7.1 MB	140.82.121.3
objects.githubusercontent.com	134060	2014-02-06	2021-11-01	2025-05-07	977 B	7.1 MB	185.199.108.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
objects.githubusercontent.com/github-production-release-asset-2e65be/864304677/6a0ddc29-524d-40b2-8c78-b2d2561f9d0b?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250510%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250510T050513Z&X-Amz-Expires=300&X-Amz-Signature=5983ffda2788fc242bcab83462cb6609d8455aeffbf03c40e1b7f68d6d208bb7&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DAPKognito-v2.0.1.zip&response-content-type=application%2Foctet-stream
IP
185.199.108.133
ASN
#54113 FASTLY

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
7.1 MB (7088680 bytes)
Hash
82bc8fd47e6d1fd84826b25bb916ca55
a269d3aa872a70177dc3e596f73faeb10a8752ce
93afc03f321b3d9f76a89e7dd84fb0b23fd6c0815b008cbf23e87dad9f5f15ab

Archive (9)

Filename

Md5

File type

APKognito.deps.json

051341e7e464daf8a6e3f6a75000ae5d

JSON text data

APKognito.dll

b651649c7d4c14af46b2d4dd4ce208be

PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows, 2 sections

APKognito.exe

8ea4ae89dcb786858eb8e0e3387144f4

PE32+ executable (GUI) x86-64, for MS Windows, 6 sections

APKognito.runtimeconfig.json

6acedb2465ab37838b02a92fc5e2e345

JSON text data

System.Diagnostics.EventLog.dll

c2fca477e228801d910579c9da4c014f

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.Diagnostics.EventLog.Messages.dll

b98dc97a3052a03b3b03e9941712ad47

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.Management.dll

858a25ba1400cc4d4d333fbb58432a92

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.Text.Encoding.CodePages.dll

9c1c86679e0125d8c64003f94ba9c98a

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

System.Windows.Extensions.dll

eba8b4e8b7cf13f8ef8dd5e2174cf429

PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Detects suspicious file path pointing to the root of a folder easily accessible via environment variables
YARAhub by abuse.ch	malware	Detect pe file that no import table

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size
	github.com/Sombody101/APKognito/releases/download/v2.0.1/APKognito-v2.0.1.zip	140.82.121.3	302 Found	7.1 MB
URL User Request GET github.com/Sombody101/APKognito/releases/download/v2.0.1/APKognito-v2.0.1.zip IP 140.82.121.3:443 ASN #36459 GITHUB Certificate IssuerSectigo Limited Subjectgithub.com FingerprintE4:33:71:DD:D6:91:4A:75:B6:1F:9E:4F:74:6D:9B:F0:DD:26:FC:3A ValidityWed, 05 Feb 2025 00:00:00 GMT - Thu, 05 Feb 2026 23:59:59 GMT File type Size 7.1 MB (7088680 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /Sombody101/APKognito/releases/download/v2.0.1/APKognito-v2.0.1.zip HTTP/1.1 Host: github.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found date: Sat, 10 May 2025 05:05:13 GMT content-type: text/html; charset=utf-8 content-length: 0 vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame,Accept-Encoding, Accept, X-Requested-With location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/864304677/6a0ddc29-524d-40b2-8c78-b2d2561f9d0b?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250510%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250510T050513Z&X-Amz-Expires=300&X-Amz-Signature=5983ffda2788fc242bcab83462cb6609d8455aeffbf03c40e1b7f68d6d208bb7&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DAPKognito-v2.0.1.zip&response-content-type=application%2Foctet-stream cache-control: no-cache strict-transport-security: max-age=31536000; includeSubdomains; preload x-frame-options: deny x-content-type-options: nosniff x-xss-protection: 0 referrer-policy: no-referrer-when-downgrade content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com .rel.tunnels.api.visualstudio.com wss://.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com .actions.githubusercontent.com wss://.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com release-assets.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com copilotprodattachments.blob.core.windows.net/github-production-copilot-attachments/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/ server: github.com x-github-request-id: D35F:26EC5D:DD641:E69EA:681EDE88 X-Firefox-Spdy: h2

	objects.githubusercontent.com/github-production-release-asset-2e65be/864304677/6a0ddc29-524d-40b2-8c78-b2d2561f9d0b?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250510%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250510T050513Z&X-Amz-Expires=300&X-Amz-Signature=5983ffda2788fc242bcab83462cb6609d8455aeffbf03c40e1b7f68d6d208bb7&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DAPKognito-v2.0.1.zip&response-content-type=application%2Foctet-stream	185.199.108.133	200 OK	7.1 MB
URL User Request GET objects.githubusercontent.com/github-production-release-asset-2e65be/864304677/6a0ddc29-524d-40b2-8c78-b2d2561f9d0b?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250510%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250510T050513Z&X-Amz-Expires=300&X-Amz-Signature=5983ffda2788fc242bcab83462cb6609d8455aeffbf03c40e1b7f68d6d208bb7&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DAPKognito-v2.0.1.zip&response-content-type=application%2Foctet-stream IP 185.199.108.133:443 ASN #54113 FASTLY Certificate IssuerSectigo Limited Subject.github.io Fingerprint8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91 ValidityFri, 07 Mar 2025 00:00:00 GMT - Sat, 07 Mar 2026 23:59:59 GMT File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 7.1 MB (7088680 bytes) Hash 82bc8fd47e6d1fd84826b25bb916ca55 a269d3aa872a70177dc3e596f73faeb10a8752ce 93afc03f321b3d9f76a89e7dd84fb0b23fd6c0815b008cbf23e87dad9f5f15ab HTTP Headers GET /github-production-release-asset-2e65be/864304677/6a0ddc29-524d-40b2-8c78-b2d2561f9d0b?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250510%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250510T050513Z&X-Amz-Expires=300&X-Amz-Signature=5983ffda2788fc242bcab83462cb6609d8455aeffbf03c40e1b7f68d6d208bb7&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DAPKognito-v2.0.1.zip&response-content-type=application%2Foctet-stream HTTP/1.1 Host: objects.githubusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: application/octet-stream last-modified: Wed, 07 May 2025 21:59:39 GMT etag: "0x8DD8DB276DED290" server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 86aff743-001e-002a-4ab6-c03e45000000 x-ms-version: 2025-05-05 x-ms-creation-time: Wed, 07 May 2025 21:59:39 GMT x-ms-blob-content-md5: gryP1H5tH9hIJrJbuRbKVQ== x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob content-disposition: attachment; filename=APKognito-v2.0.1.zip x-ms-server-encrypted: true via: 1.1 varnish, 1.1 varnish fastly-restarts: 1 accept-ranges: bytes age: 0 date: Sat, 10 May 2025 05:05:13 GMT x-served-by: cache-iad-kjyo7100163-IAD, cache-hel1410026-HEL x-cache: HIT, MISS x-cache-hits: 5, 0 x-timer: S1746853513.363077,VS0,VE97 content-length: 7088680 X-Firefox-Spdy: h2