Report Overview
- Visited public2025-05-06 18:31:24Tags
- URL
cdn.discordapp.com/attachments/1271923659002482743/1369379689562374335/Better-CrewLink.lnk?ex=681ba5b7&is=681a5437&hm=077958bb0dafeaf3894b19c0954ca3d35d00bcedd07c2ced4599da14f4d66b9a&
- Finishing URL
about:privatebrowsing
- IP / ASN
162.159.135.233#13335 CLOUDFLARENET
Titleabout:privatebrowsing
Domain Summary
| Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
|---|---|---|---|---|---|---|---|
| cdn.discordapp.com | 2474 | unknown | No data | No data | 651 B | 4.2 kB | 162.159.129.233 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2025-05-06 | medium | cdn.discordapp.com/attachments/1271923659002482743/1369379689562374335/Better-CrewLink.lnk?ex=681ba5b7&is=681a5437&hm=077958bb0dafeaf3894b19c0954ca3d35d00bcedd07c2ced4599da14f4d66b9a& | Identifies executable artefacts in shortcut (LNK) files. |
OpenPhish
No alerts detected
PhishTank
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Windows Shortcut detected
- URL
cdn.discordapp.com/attachments/1271923659002482743/1369379689562374335/Better-CrewLink.lnk?ex=681ba5b7&is=681a5437&hm=077958bb0dafeaf3894b19c0954ca3d35d00bcedd07c2ced4599da14f4d66b9a&
IP / ASN162.159.129.233#13335 CLOUDFLARENET
File type
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Icon number=0, Unicoded, HasExpIcon "%USERPROFILE%\AppData\Local\Programs\bettercrewlink\Better-CrewLink.exe" KnownFolderID F3CE0F7C-4901-4ACC-8648-D5D44B04EF8F, Archive, ctime=Sun Jan 19 16:53:51 2025, atime=Sun Jan 19 16:53:55 2025, mtime=Wed Mar 29 01:14:20 2023, length=126435840, window=normal, IDListSize 0x0242, Root folder "59031A47-3F72-44A7-89C5-5595FE6B30EE", LocalBasePath "C:\Users\axell\AppData\Local\Programs\bettercrewlink\Better-CrewLink.exe"
Hash
MD5 f348e84de8e2cd3863afac9d62bc99cbSHA1 5a36f52cc2d714f8a75d62478b67c9d9c0924cc6SHA256 5d38c5b47cecebc3b9591154f5ca99c515e1d155514736b394777b69821237da
Timestamps
Created 2025-01-19 16:53:51Access 2023-03-29 01:14:20Write 2025-01-19 16:53:55Command-line data
Working DirectoryC:\Users\axell\AppData\Local\Programs\bettercrewlink
Relative Path..\..\AppData\Local\Programs\bettercrewlink\Better-CrewLink.exe
Command Line Arguments
| Analyzer | Verdict | Alert |
|---|---|---|
| Public InfoSec YARA rules | malware | Identifies executable artefacts in shortcut (LNK) files. |
JavaScript (0)
HTTP Transactions (1)
| URL | IP | Response | Size | |||||||
|---|---|---|---|---|---|---|---|---|---|---|
cdn.discordapp.com/attachments/1271923659002482743/1369379689562374335/Better-CrewLink.lnk?ex=681ba5b7&is=681a5437&hm=077958bb0dafeaf3894b19c0954ca3d35d00bcedd07c2ced4599da14f4d66b9a& | 162.159.129.233 | 200 OK | 2.5 kB | |||||||
Detections
HTTP Headers
| ||||||||||