Resubmissions

10/11/2021, 14:52 UTC

211110-r84p8aedej 10

09/11/2021, 13:19 UTC

211109-qkrv3sfcg4 10

Analysis

  • max time kernel
    168s
  • max time network
    170s
  • platform
    windows7_x64
  • resource
    win7-en-20211104
  • submitted
    09/11/2021, 13:19 UTC

General

  • Target

    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe

  • Size

    8KB

  • MD5

    af6e236e2635e451927e7e99f159709a

  • SHA1

    ff5a827131c817a3bf95bb8b798b272101428618

  • SHA256

    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51

  • SHA512

    4b4fd1668211f7193c0b41bb014015f9502b2b75cb0237500c4754e3925d16f719e5154b5fe3cc328d867cfd3cd480802d6150140a48ba5a6ca407100b4b08e6

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    "C:\Users\Admin\AppData\Local\Temp\30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:524

Network

  • flag-us
    DNS
    cdn.discordapp.com
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    Remote address:
    8.8.8.8:53
    Request
    cdn.discordapp.com
    IN A
    Response
    cdn.discordapp.com
    IN A
    162.159.135.233
    cdn.discordapp.com
    IN A
    162.159.134.233
    cdn.discordapp.com
    IN A
    162.159.130.233
    cdn.discordapp.com
    IN A
    162.159.133.233
    cdn.discordapp.com
    IN A
    162.159.129.233
  • flag-us
    GET
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    Remote address:
    162.159.135.233:443
    Request
    GET /attachments/897184039432257628/897734227108450314/Wetsetup.exe HTTP/1.1
    Host: cdn.discordapp.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 403 Forbidden
    Date: Tue, 09 Nov 2021 13:22:45 GMT
    Content-Type: application/xml; charset=UTF-8
    Content-Length: 223
    Connection: keep-alive
    CF-Ray: 6ab75a0b5d551e89-AMS
    Cache-Control: private, max-age=0
    Expires: Tue, 09 Nov 2021 13:22:45 GMT
    Vary: Accept-Encoding
    CF-Cache-Status: MISS
    Alt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
    Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    X-GUploader-UploadID: ADPycdu5nrmMS1F2q6-D5RG5yAAEKQVCauTuJUqfLzfsBksdfhPD0JphS6IzT-zWd5fWLsemeI-l3kfZi1gVmsKiYc8
    X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzZxDkJnhptP9zstC6t%2BWsRx3EN56cgVDFgZVRKd2ncqYYIpn94kf32fV0MD%2Bh7o5Z36MK%2F8FyIU%2BIaq2QANqFszitKPyZyBj0j3qAgV6zRQte5FwOW3FEfrW3If7i%2F2d2zSWA%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    Remote address:
    162.159.135.233:443
    Request
    GET /attachments/897184039432257628/897734227108450314/Wetsetup.exe HTTP/1.1
    Host: cdn.discordapp.com
    Response
    HTTP/1.1 403 Forbidden
    Date: Tue, 09 Nov 2021 13:24:41 GMT
    Content-Type: application/xml; charset=UTF-8
    Content-Length: 223
    Connection: keep-alive
    CF-Ray: 6ab75cdf4f1f0c85-AMS
    Cache-Control: private, max-age=0
    Expires: Tue, 09 Nov 2021 13:24:41 GMT
    Vary: Accept-Encoding
    CF-Cache-Status: MISS
    Alt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
    Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    X-GUploader-UploadID: ADPycdsM1n0BYDb5x2VvyWKHSD4WZFUhVYeD3Y0sLt4MzZZ0szqpJZdj8G4I9qzRb3UneU6dE65i2QMGl70eFdWhzPI
    X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tu18UHRfq%2FZQW8%2F1BfvJtGkWclpRHJLR4IOqsgZYISGqsUEqQTPx%2FqqpkhySlt0%2FZfg%2B4rzJ6l7PfSFM1LVTh5PduZJ0JkixLup7Uf%2FY%2BruezZvJJMnQJ1DRqkmB1im9MjYs%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
  • flag-us
    GET
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    Remote address:
    162.159.135.233:443
    Request
    GET /attachments/897184039432257628/897734227108450314/Wetsetup.exe HTTP/1.1
    Host: cdn.discordapp.com
    Response
    HTTP/1.1 403 Forbidden
    Date: Tue, 09 Nov 2021 13:24:46 GMT
    Content-Type: application/xml; charset=UTF-8
    Content-Length: 223
    Connection: keep-alive
    CF-Ray: 6ab75cfff87d4c68-AMS
    Cache-Control: private, max-age=0
    Expires: Tue, 09 Nov 2021 13:24:46 GMT
    Vary: Accept-Encoding
    CF-Cache-Status: MISS
    Alt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
    Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    X-GUploader-UploadID: ADPycdtF_UmmAKEjV_lRaaVNHHDKbdU20mg9U8g_En6Pi7RpHZLF6Xze9JbHrZB_QCNN3lqtGijIwb0012Mk1MCcCOg
    X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Te0bMT2aSnlc8H8BvzlqfHCg764eX4wfD5imp9R1aLMdiWDxnWpmNPiVVboNlYXskebJev1NwJ1T2LwoEA5uLNN1wBVm2KwClmIUz8uFRWMrsynO8t03rxcBqSiWwbIrZ2I7rA%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
  • flag-us
    GET
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    Remote address:
    162.159.135.233:443
    Request
    GET /attachments/897184039432257628/897734227108450314/Wetsetup.exe HTTP/1.1
    Host: cdn.discordapp.com
    Response
    HTTP/1.1 403 Forbidden
    Date: Tue, 09 Nov 2021 13:24:52 GMT
    Content-Type: application/xml; charset=UTF-8
    Content-Length: 223
    Connection: keep-alive
    CF-Ray: 6ab75d20fe3300b6-AMS
    Cache-Control: private, max-age=0
    Expires: Tue, 09 Nov 2021 13:24:52 GMT
    Vary: Accept-Encoding
    CF-Cache-Status: MISS
    Alt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
    Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    X-GUploader-UploadID: ADPycdtapZe6B07tAV1Tb2zq6aWTDa3il2vtPLWjNcHLW62zQlo6AXewNuIa7fKA-iZgiuPIzqpfJUltxc58LqBkJp4
    X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BASTRpgb%2BjKjcMY73w0nEGGUXDfAjLwEzicJRWbhIIgC%2BNZ3h1FlPfujL6Bs6OeZ980Tcj%2F3dcuhDFRkRfljfc0vjzAZVPiYWSRhCxsFDCwtyDVMA0RI46XVjs3k%2BouKVW6TCw%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    801 B
    4.2kB
    8
    9

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    700 B
    1.9kB
    7
    7

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    648 B
    1.7kB
    6
    6

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    648 B
    1.7kB
    6
    6

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    648 B
    1.7kB
    6
    6

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    648 B
    1.7kB
    6
    6

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    648 B
    1.7kB
    6
    6

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    648 B
    1.7kB
    6
    6

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    648 B
    1.7kB
    6
    6

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    648 B
    1.7kB
    6
    6

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    694 B
    1.8kB
    7
    7

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    648 B
    1.7kB
    6
    6

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    648 B
    1.7kB
    6
    6

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    648 B
    1.7kB
    6
    6

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    648 B
    1.7kB
    6
    6

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    648 B
    1.7kB
    6
    6

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    648 B
    1.7kB
    6
    6

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    648 B
    1.7kB
    6
    6

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    648 B
    1.7kB
    6
    6

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    648 B
    1.7kB
    6
    6

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    648 B
    1.7kB
    6
    6

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    648 B
    1.7kB
    6
    6

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    648 B
    1.7kB
    6
    6

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    648 B
    1.7kB
    6
    6

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 162.159.135.233:443
    https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe
    tls, http
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    648 B
    1.7kB
    6
    6

    HTTP Request

    GET https://cdn.discordapp.com/attachments/897184039432257628/897734227108450314/Wetsetup.exe

    HTTP Response

    403
  • 8.8.8.8:53
    cdn.discordapp.com
    dns
    30e6815ae008a8638c5b30460098904121e0b98c7e87784d950f1dc55aafec51.exe
    64 B
    144 B
    1
    1

    DNS Request

    cdn.discordapp.com

    DNS Response

    162.159.135.233
    162.159.134.233
    162.159.130.233
    162.159.133.233
    162.159.129.233

MITRE ATT&CK Matrix

Downloads

  • memory/524-55-0x0000000000C40000-0x0000000000C41000-memory.dmp

    Filesize

    4KB

  • memory/524-57-0x000000001A680000-0x000000001A682000-memory.dmp

    Filesize

    8KB
