hxxps://github[.]com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000[.]exe

Resubmissions

19/08/2024, 02:23 UTC

240819-cvbd7asfkr 8

19/08/2024, 02:22 UTC

240819-ctq39ayhle 8

19/08/2024, 02:19 UTC

240819-cr16fasdrq 3

19/08/2024, 02:17 UTC

240819-cq1hhsyfrf 8

Analysis

max time kernel
24s
max time network
34s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
19/08/2024, 02:22 UTC

Sharing

Copy URL

Twitter E-mail

Reason

Machine shutdown

Report Analysis Logs

General

Target

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe

Score

8^/10

discovery evasion persistence ransomware

Malware Config

Signatures

Disables Task Manager via registry modification
evasion
Downloads MZ/PE file

Executes dropped EXE 1 IoCs

pid	Process
2128	000.exe

Enumerates connected drives 3 TTPs 23 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\B:	000.exe
File opened (read-only)	\??\P:	000.exe
File opened (read-only)	\??\R:	000.exe
File opened (read-only)	\??\V:	000.exe
File opened (read-only)	\??\X:	000.exe
File opened (read-only)	\??\Y:	000.exe
File opened (read-only)	\??\K:	000.exe
File opened (read-only)	\??\M:	000.exe
File opened (read-only)	\??\O:	000.exe
File opened (read-only)	\??\Q:	000.exe
File opened (read-only)	\??\S:	000.exe
File opened (read-only)	\??\T:	000.exe
File opened (read-only)	\??\U:	000.exe
File opened (read-only)	\??\A:	000.exe
File opened (read-only)	\??\H:	000.exe
File opened (read-only)	\??\I:	000.exe
File opened (read-only)	\??\J:	000.exe
File opened (read-only)	\??\N:	000.exe
File opened (read-only)	\??\W:	000.exe
File opened (read-only)	\??\Z:	000.exe
File opened (read-only)	\??\E:	000.exe
File opened (read-only)	\??\G:	000.exe
File opened (read-only)	\??\L:	000.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
55	raw.githubusercontent.com
54	raw.githubusercontent.com

Modifies WinLogon 2 TTPs 1 IoCs

persistence

Winlogon Helper DLL

T1547.004

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoRestartShell = "0"	000.exe

Sets desktop wallpaper using registry 2 TTPs 1 IoCs

ransomware

Defacement

T1491

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000\Control Panel\Desktop\Wallpaper	000.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 6 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	WMIC.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	WMIC.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	000.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	taskkill.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	taskkill.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Kills process with taskkill 2 IoCs

evasion

pid	Process
5208	taskkill.exe
5288	taskkill.exe

Modifies registry class 2 IoCs

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\txtfile\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\icon.ico"	000.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2392887640-1187051047-2909758433-1000\{E24C01BF-123D-48F3-9F6F-DA45367A947C}	000.exe

NTFS ADS 1 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 710008.crdownload:SmartScreen	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
2580	msedge.exe
2580	msedge.exe
4064	msedge.exe
4064	msedge.exe
4640	identity_helper.exe
4640	identity_helper.exe
3840	msedge.exe
3840	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	5208	taskkill.exe
Token: SeShutdownPrivilege	2128	000.exe
Token: SeCreatePagefilePrivilege	2128	000.exe
Token: SeDebugPrivilege	5288	taskkill.exe
Token: SeIncreaseQuotaPrivilege	5512	WMIC.exe
Token: SeSecurityPrivilege	5512	WMIC.exe
Token: SeTakeOwnershipPrivilege	5512	WMIC.exe
Token: SeLoadDriverPrivilege	5512	WMIC.exe
Token: SeSystemProfilePrivilege	5512	WMIC.exe
Token: SeSystemtimePrivilege	5512	WMIC.exe
Token: SeProfSingleProcessPrivilege	5512	WMIC.exe
Token: SeIncBasePriorityPrivilege	5512	WMIC.exe
Token: SeCreatePagefilePrivilege	5512	WMIC.exe
Token: SeBackupPrivilege	5512	WMIC.exe
Token: SeRestorePrivilege	5512	WMIC.exe
Token: SeShutdownPrivilege	5512	WMIC.exe
Token: SeDebugPrivilege	5512	WMIC.exe
Token: SeSystemEnvironmentPrivilege	5512	WMIC.exe
Token: SeRemoteShutdownPrivilege	5512	WMIC.exe
Token: SeUndockPrivilege	5512	WMIC.exe
Token: SeManageVolumePrivilege	5512	WMIC.exe
Token: 33	5512	WMIC.exe
Token: 34	5512	WMIC.exe
Token: 35	5512	WMIC.exe
Token: 36	5512	WMIC.exe
Token: SeIncreaseQuotaPrivilege	5512	WMIC.exe
Token: SeSecurityPrivilege	5512	WMIC.exe
Token: SeTakeOwnershipPrivilege	5512	WMIC.exe
Token: SeLoadDriverPrivilege	5512	WMIC.exe
Token: SeSystemProfilePrivilege	5512	WMIC.exe
Token: SeSystemtimePrivilege	5512	WMIC.exe
Token: SeProfSingleProcessPrivilege	5512	WMIC.exe
Token: SeIncBasePriorityPrivilege	5512	WMIC.exe
Token: SeCreatePagefilePrivilege	5512	WMIC.exe
Token: SeBackupPrivilege	5512	WMIC.exe
Token: SeRestorePrivilege	5512	WMIC.exe
Token: SeShutdownPrivilege	5512	WMIC.exe
Token: SeDebugPrivilege	5512	WMIC.exe
Token: SeSystemEnvironmentPrivilege	5512	WMIC.exe
Token: SeRemoteShutdownPrivilege	5512	WMIC.exe
Token: SeUndockPrivilege	5512	WMIC.exe
Token: SeManageVolumePrivilege	5512	WMIC.exe
Token: 33	5512	WMIC.exe
Token: 34	5512	WMIC.exe
Token: 35	5512	WMIC.exe
Token: 36	5512	WMIC.exe
Token: SeShutdownPrivilege	2128	000.exe
Token: SeCreatePagefilePrivilege	2128	000.exe
Token: SeIncreaseQuotaPrivilege	5672	WMIC.exe
Token: SeSecurityPrivilege	5672	WMIC.exe
Token: SeTakeOwnershipPrivilege	5672	WMIC.exe
Token: SeLoadDriverPrivilege	5672	WMIC.exe
Token: SeSystemProfilePrivilege	5672	WMIC.exe
Token: SeSystemtimePrivilege	5672	WMIC.exe
Token: SeProfSingleProcessPrivilege	5672	WMIC.exe
Token: SeIncBasePriorityPrivilege	5672	WMIC.exe
Token: SeCreatePagefilePrivilege	5672	WMIC.exe
Token: SeBackupPrivilege	5672	WMIC.exe
Token: SeRestorePrivilege	5672	WMIC.exe
Token: SeShutdownPrivilege	5672	WMIC.exe
Token: SeDebugPrivilege	5672	WMIC.exe
Token: SeSystemEnvironmentPrivilege	5672	WMIC.exe
Token: SeRemoteShutdownPrivilege	5672	WMIC.exe
Token: SeUndockPrivilege	5672	WMIC.exe

Suspicious use of FindShellTrayWindow 35 IoCs

pid	Process
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe
4064	msedge.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2128	000.exe
2128	000.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4064 wrote to memory of 3080	4064	msedge.exe	84
PID 4064 wrote to memory of 3080	4064	msedge.exe	84
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 3372	4064	msedge.exe	85
PID 4064 wrote to memory of 2580	4064	msedge.exe	86
PID 4064 wrote to memory of 2580	4064	msedge.exe	86
PID 4064 wrote to memory of 636	4064	msedge.exe	87
PID 4064 wrote to memory of 636	4064	msedge.exe	87
PID 4064 wrote to memory of 636	4064	msedge.exe	87
PID 4064 wrote to memory of 636	4064	msedge.exe	87
PID 4064 wrote to memory of 636	4064	msedge.exe	87
PID 4064 wrote to memory of 636	4064	msedge.exe	87
PID 4064 wrote to memory of 636	4064	msedge.exe	87
PID 4064 wrote to memory of 636	4064	msedge.exe	87
PID 4064 wrote to memory of 636	4064	msedge.exe	87
PID 4064 wrote to memory of 636	4064	msedge.exe	87
PID 4064 wrote to memory of 636	4064	msedge.exe	87
PID 4064 wrote to memory of 636	4064	msedge.exe	87
PID 4064 wrote to memory of 636	4064	msedge.exe	87
PID 4064 wrote to memory of 636	4064	msedge.exe	87
PID 4064 wrote to memory of 636	4064	msedge.exe	87
PID 4064 wrote to memory of 636	4064	msedge.exe	87
PID 4064 wrote to memory of 636	4064	msedge.exe	87
PID 4064 wrote to memory of 636	4064	msedge.exe	87
PID 4064 wrote to memory of 636	4064	msedge.exe	87
PID 4064 wrote to memory of 636	4064	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
1⤵
- Enumerates system info in registry
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xb4,0x108,0x7fff6c0f46f8,0x7fff6c0f4708,0x7fff6c0f4718
  2⤵
  PID:3080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2268,13849842372644944847,77264608736844003,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2276 /prefetch:2
  2⤵
  PID:3372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2268,13849842372644944847,77264608736844003,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2268,13849842372644944847,77264608736844003,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2816 /prefetch:8
  2⤵
  PID:636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2268,13849842372644944847,77264608736844003,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
  2⤵
  PID:4424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2268,13849842372644944847,77264608736844003,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
  2⤵
  PID:1492
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2268,13849842372644944847,77264608736844003,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5532 /prefetch:8
  2⤵
  PID:1668
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2268,13849842372644944847,77264608736844003,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5532 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2268,13849842372644944847,77264608736844003,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:1
  2⤵
  PID:940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2268,13849842372644944847,77264608736844003,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5204 /prefetch:1
  2⤵
  PID:4348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2268,13849842372644944847,77264608736844003,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5656 /prefetch:1
  2⤵
  PID:3448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2268,13849842372644944847,77264608736844003,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3428 /prefetch:1
  2⤵
  PID:3996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2268,13849842372644944847,77264608736844003,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4764 /prefetch:8
  2⤵
  PID:1176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2268,13849842372644944847,77264608736844003,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5616 /prefetch:1
  2⤵
  PID:1680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2268,13849842372644944847,77264608736844003,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6268 /prefetch:8
  2⤵
  PID:472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2268,13849842372644944847,77264608736844003,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5528 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3840
- C:\Users\Admin\Downloads\000.exe
  "C:\Users\Admin\Downloads\000.exe"
  2⤵
  - Executes dropped EXE
  - Enumerates connected drives
  - Modifies WinLogon
  - Sets desktop wallpaper using registry
  - System Location Discovery: System Language Discovery
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of SetWindowsHookEx
  PID:2128
- - C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\windl.bat""
    3⤵
    - System Location Discovery: System Language Discovery
    PID:5144
  - - C:\Windows\SysWOW64\taskkill.exe
      taskkill /f /im explorer.exe
      4⤵
      System Location Discovery: System Language Discovery
      Kills process with taskkill
      Suspicious use of AdjustPrivilegeToken
      PID:5208
  - - C:\Windows\SysWOW64\taskkill.exe
      taskkill /f /im taskmgr.exe
      4⤵
      System Location Discovery: System Language Discovery
      Kills process with taskkill
      Suspicious use of AdjustPrivilegeToken
      PID:5288
  - - C:\Windows\SysWOW64\Wbem\WMIC.exe
      wmic useraccount where name='Admin' set FullName='UR NEXT'
      4⤵
      System Location Discovery: System Language Discovery
      Suspicious use of AdjustPrivilegeToken
      PID:5512
  - - C:\Windows\SysWOW64\Wbem\WMIC.exe
      wmic useraccount where name='Admin' rename 'UR NEXT'
      4⤵
      System Location Discovery: System Language Discovery
      Suspicious use of AdjustPrivilegeToken
      PID:5672
  - - C:\Windows\SysWOW64\shutdown.exe
      shutdown /f /r /t 0
      4⤵
      PID:6088

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3400

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4352

C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa3969055 /state1:0x41c64e6d
1⤵
PID:6100

Network

DNS

github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
GET

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: GitHub.com
date: Mon, 19 Aug 2024 02:22:35 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"4da0e02eb4a9e30a2cf0a8d9f6a35de7"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
set-cookie: _gh_sess=HF9v3MK9bW57a%2BZW6toaTpRXKrs2Nb7bnvX%2F%2FjYz%2F6J7AW%2Fotu3dFkdEYoAkqxutveS1qwJGttRvXjzuTJGaUExRaoPUDQ6SV1GFOMpmpiVe8%2FSUEdPgpu0MhvHJobRrLocC5a%2F%2BnCCTdjybsTPN6Li%2F66OA5dqT6b9UEK7JUc71Q%2BN4qn9Ug48Qx1SPO5wHCQGbrB8bPgoNl8iJnGozMSygWy45BPfIV3up7kek0%2B0mpjw3NFBGLoT3fQ3eXKfhC5af5b5BZVA0gybkscgJpg%3D%3D--v5wXf6SJ0yBOr4RA--xh8j1Xn1OkAVq5zaQKA2kw%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
set-cookie: _octo=GH1.1.1582405412.1724034154; Path=/; Domain=github.com; Expires=Tue, 19 Aug 2025 02:22:34 GMT; Secure; SameSite=Lax
set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Tue, 19 Aug 2025 02:22:34 GMT; HttpOnly; Secure; SameSite=Lax
accept-ranges: bytes
x-github-request-id: D6DC:370F05:7F23BF:93953C:66C2AC6A
GET

https://github.com/Da2dalus/The-MALWARE-Repo/security/overall-count

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/security/overall-count HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: text/fragment+html
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=HF9v3MK9bW57a%2BZW6toaTpRXKrs2Nb7bnvX%2F%2FjYz%2F6J7AW%2Fotu3dFkdEYoAkqxutveS1qwJGttRvXjzuTJGaUExRaoPUDQ6SV1GFOMpmpiVe8%2FSUEdPgpu0MhvHJobRrLocC5a%2F%2BnCCTdjybsTPN6Li%2F66OA5dqT6b9UEK7JUc71Q%2BN4qn9Ug48Qx1SPO5wHCQGbrB8bPgoNl8iJnGozMSygWy45BPfIV3up7kek0%2B0mpjw3NFBGLoT3fQ3eXKfhC5af5b5BZVA0gybkscgJpg%3D%3D--v5wXf6SJ0yBOr4RA--xh8j1Xn1OkAVq5zaQKA2kw%3D%3D
cookie: _octo=GH1.1.1582405412.1724034154
cookie: logged_in=no

Response

HTTP/2.0 200

server: GitHub.com
date: Mon, 19 Aug 2024 02:22:36 GMT
content-type: text/fragment+html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: max-age=14400, private
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 20
x-github-request-id: D6DC:370F05:7F2430:9395C4:66C2AC6B
GET

https://github.com/Da2dalus/The-MALWARE-Repo/refs?type=branch

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/refs?type=branch HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: application/json
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=HF9v3MK9bW57a%2BZW6toaTpRXKrs2Nb7bnvX%2F%2FjYz%2F6J7AW%2Fotu3dFkdEYoAkqxutveS1qwJGttRvXjzuTJGaUExRaoPUDQ6SV1GFOMpmpiVe8%2FSUEdPgpu0MhvHJobRrLocC5a%2F%2BnCCTdjybsTPN6Li%2F66OA5dqT6b9UEK7JUc71Q%2BN4qn9Ug48Qx1SPO5wHCQGbrB8bPgoNl8iJnGozMSygWy45BPfIV3up7kek0%2B0mpjw3NFBGLoT3fQ3eXKfhC5af5b5BZVA0gybkscgJpg%3D%3D--v5wXf6SJ0yBOr4RA--xh8j1Xn1OkAVq5zaQKA2kw%3D%3D
cookie: _octo=GH1.1.1582405412.1724034154
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Mon, 19 Aug 2024 02:22:37 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"adc2c0d060742993a54f31416bc951e3"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 79
x-github-request-id: D6DC:370F05:7F247F:939620:66C2AC6C
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Trojan/000.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master/Trojan/000.exe HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=HF9v3MK9bW57a%2BZW6toaTpRXKrs2Nb7bnvX%2F%2FjYz%2F6J7AW%2Fotu3dFkdEYoAkqxutveS1qwJGttRvXjzuTJGaUExRaoPUDQ6SV1GFOMpmpiVe8%2FSUEdPgpu0MhvHJobRrLocC5a%2F%2BnCCTdjybsTPN6Li%2F66OA5dqT6b9UEK7JUc71Q%2BN4qn9Ug48Qx1SPO5wHCQGbrB8bPgoNl8iJnGozMSygWy45BPfIV3up7kek0%2B0mpjw3NFBGLoT3fQ3eXKfhC5af5b5BZVA0gybkscgJpg%3D%3D--v5wXf6SJ0yBOr4RA--xh8j1Xn1OkAVq5zaQKA2kw%3D%3D
cookie: _octo=GH1.1.1582405412.1724034154
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Mon, 19 Aug 2024 02:22:37 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: D6DC:370F05:7F247F:939622:66C2AC6D
GET

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Trojan/000.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Trojan/000.exe HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=HF9v3MK9bW57a%2BZW6toaTpRXKrs2Nb7bnvX%2F%2FjYz%2F6J7AW%2Fotu3dFkdEYoAkqxutveS1qwJGttRvXjzuTJGaUExRaoPUDQ6SV1GFOMpmpiVe8%2FSUEdPgpu0MhvHJobRrLocC5a%2F%2BnCCTdjybsTPN6Li%2F66OA5dqT6b9UEK7JUc71Q%2BN4qn9Ug48Qx1SPO5wHCQGbrB8bPgoNl8iJnGozMSygWy45BPfIV3up7kek0%2B0mpjw3NFBGLoT3fQ3eXKfhC5af5b5BZVA0gybkscgJpg%3D%3D--v5wXf6SJ0yBOr4RA--xh8j1Xn1OkAVq5zaQKA2kw%3D%3D
cookie: _octo=GH1.1.1582405412.1724034154
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Mon, 19 Aug 2024 02:22:37 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"f47e091871151af30afb8d366303ce47"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 439
x-github-request-id: D6DC:370F05:7F247F:939621:66C2AC6D
GET

https://github.com/Da2dalus/The-MALWARE-Repo/refs?type=branch

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/refs?type=branch HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: application/json
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=HF9v3MK9bW57a%2BZW6toaTpRXKrs2Nb7bnvX%2F%2FjYz%2F6J7AW%2Fotu3dFkdEYoAkqxutveS1qwJGttRvXjzuTJGaUExRaoPUDQ6SV1GFOMpmpiVe8%2FSUEdPgpu0MhvHJobRrLocC5a%2F%2BnCCTdjybsTPN6Li%2F66OA5dqT6b9UEK7JUc71Q%2BN4qn9Ug48Qx1SPO5wHCQGbrB8bPgoNl8iJnGozMSygWy45BPfIV3up7kek0%2B0mpjw3NFBGLoT3fQ3eXKfhC5af5b5BZVA0gybkscgJpg%3D%3D--v5wXf6SJ0yBOr4RA--xh8j1Xn1OkAVq5zaQKA2kw%3D%3D
cookie: _octo=GH1.1.1582405412.1724034154
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
if-none-match: W/"adc2c0d060742993a54f31416bc951e3"

Response

HTTP/2.0 304

server: GitHub.com
date: Mon, 19 Aug 2024 02:22:37 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"adc2c0d060742993a54f31416bc951e3"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
x-github-request-id: D6DC:370F05:7F248F:939630:66C2AC6D
GET

https://github.com/Da2dalus/The-MALWARE-Repo/refs?type=branch

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/refs?type=branch HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: application/json
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=HF9v3MK9bW57a%2BZW6toaTpRXKrs2Nb7bnvX%2F%2FjYz%2F6J7AW%2Fotu3dFkdEYoAkqxutveS1qwJGttRvXjzuTJGaUExRaoPUDQ6SV1GFOMpmpiVe8%2FSUEdPgpu0MhvHJobRrLocC5a%2F%2BnCCTdjybsTPN6Li%2F66OA5dqT6b9UEK7JUc71Q%2BN4qn9Ug48Qx1SPO5wHCQGbrB8bPgoNl8iJnGozMSygWy45BPfIV3up7kek0%2B0mpjw3NFBGLoT3fQ3eXKfhC5af5b5BZVA0gybkscgJpg%3D%3D--v5wXf6SJ0yBOr4RA--xh8j1Xn1OkAVq5zaQKA2kw%3D%3D
cookie: _octo=GH1.1.1582405412.1724034154
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC
if-none-match: W/"adc2c0d060742993a54f31416bc951e3"

Response

HTTP/2.0 304

server: GitHub.com
date: Mon, 19 Aug 2024 02:22:37 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"adc2c0d060742993a54f31416bc951e3"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
x-github-request-id: D6DC:370F05:7F2493:939637:66C2AC6D
GET

https://github.com/manifest.json

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /manifest.json HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: manifest
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=HF9v3MK9bW57a%2BZW6toaTpRXKrs2Nb7bnvX%2F%2FjYz%2F6J7AW%2Fotu3dFkdEYoAkqxutveS1qwJGttRvXjzuTJGaUExRaoPUDQ6SV1GFOMpmpiVe8%2FSUEdPgpu0MhvHJobRrLocC5a%2F%2BnCCTdjybsTPN6Li%2F66OA5dqT6b9UEK7JUc71Q%2BN4qn9Ug48Qx1SPO5wHCQGbrB8bPgoNl8iJnGozMSygWy45BPfIV3up7kek0%2B0mpjw3NFBGLoT3fQ3eXKfhC5af5b5BZVA0gybkscgJpg%3D%3D--v5wXf6SJ0yBOr4RA--xh8j1Xn1OkAVq5zaQKA2kw%3D%3D
cookie: _octo=GH1.1.1582405412.1724034154
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Mon, 19 Aug 2024 02:22:38 GMT
content-type: application/manifest+json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: max-age=604800, public
etag: W/"c75e05794d72230a695e880f1a6c83a4"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 474
x-github-request-id: D6DC:370F05:7F249E:939649:66C2AC6E
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/master/Trojan/000.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/master/Trojan/000.exe HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=HF9v3MK9bW57a%2BZW6toaTpRXKrs2Nb7bnvX%2F%2FjYz%2F6J7AW%2Fotu3dFkdEYoAkqxutveS1qwJGttRvXjzuTJGaUExRaoPUDQ6SV1GFOMpmpiVe8%2FSUEdPgpu0MhvHJobRrLocC5a%2F%2BnCCTdjybsTPN6Li%2F66OA5dqT6b9UEK7JUc71Q%2BN4qn9Ug48Qx1SPO5wHCQGbrB8bPgoNl8iJnGozMSygWy45BPfIV3up7kek0%2B0mpjw3NFBGLoT3fQ3eXKfhC5af5b5BZVA0gybkscgJpg%3D%3D--v5wXf6SJ0yBOr4RA--xh8j1Xn1OkAVq5zaQKA2kw%3D%3D
cookie: _octo=GH1.1.1582405412.1724034154
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Mon, 19 Aug 2024 02:22:40 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/master/Trojan/000.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: D6DC:370F05:7F2577:939743:66C2AC6E
DNS

217.106.137.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

217.106.137.52.in-addr.arpa

IN PTR

Response
DNS

215.156.26.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

215.156.26.20.in-addr.arpa

IN PTR

Response
DNS

20.160.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

20.160.190.20.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

github.githubassets.com

msedge.exe

Remote address:

8.8.8.8:53

Request

github.githubassets.com

IN A

Response

github.githubassets.com

IN A

185.199.111.154

github.githubassets.com

IN A

185.199.109.154

github.githubassets.com

IN A

185.199.110.154

github.githubassets.com

IN A

185.199.108.154
DNS

avatars.githubusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

avatars.githubusercontent.com

IN A

Response

avatars.githubusercontent.com

IN A

185.199.111.133

avatars.githubusercontent.com

IN A

185.199.108.133

avatars.githubusercontent.com

IN A

185.199.110.133

avatars.githubusercontent.com

IN A

185.199.109.133
GET

https://github.githubassets.com/assets/light-efd2f2257c96.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/light-efd2f2257c96.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 08 Aug 2024 21:36:12 GMT
etag: 0x8DCB7F21FCA1034
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:35 GMT
age: 555511
x-served-by: cache-iad-kiad7000142-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 35, 14134
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 48350375003fce1e3a1b5a0af8b5520f6a85ff81
content-length: 21610
GET

https://github.githubassets.com/assets/dark-6b1e37da2254.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/dark-6b1e37da2254.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Mon, 24 Jun 2024 14:52:43 GMT
etag: 0x8DC945D4D8528F9
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:35 GMT
age: 3352709
x-served-by: cache-iad-kcgs7200050-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 6499
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 49f6909453ade6efc31e9da274c761240e4cdcc6
content-length: 583
GET

https://github.githubassets.com/assets/primer-primitives-8500c2c7ce5f.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/primer-primitives-8500c2c7ce5f.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 15 Aug 2024 23:18:36 GMT
etag: 0x8DCBD8096EDFA83
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:35 GMT
age: 205431
x-served-by: cache-iad-kiad7000127-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 78, 4173
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 069391aab0e780a0b217210d0822f75cc484e210
content-length: 38590
GET

https://github.githubassets.com/assets/primer-bbda46ca867f.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/primer-bbda46ca867f.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 20 Jun 2024 15:04:38 GMT
etag: 0x8DC913A4DF23CAF
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:35 GMT
age: 2661387
x-served-by: cache-iad-kcgs7200155-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 121, 22844
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f037ac7431154ea38c68a5daaa6546c02061558b
content-length: 6751
GET

https://github.githubassets.com/assets/global-fe6db6dfddd1.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/global-fe6db6dfddd1.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Fri, 21 Jun 2024 00:59:32 GMT
etag: 0x8DC918D6979838D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:35 GMT
age: 3517359
x-served-by: cache-iad-kiad7000026-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 42, 18061
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5cc6de429362a400f0fe9d343ca746b36eba1e26
content-length: 476
GET

https://github.githubassets.com/assets/github-cf4e90581e80.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/github-cf4e90581e80.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 01 Aug 2024 23:26:57 GMT
etag: 0x8DCB2816FEAB4CD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:35 GMT
age: 963937
x-served-by: cache-iad-kjyo7100146-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 71, 22944
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ae47202eb0905c5ab395d7e0f57ce11375fd6e94
content-length: 38563
GET

https://github.githubassets.com/assets/notifications-subscriptions-menu.572fff1cb5c3caef1ac9.module.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/notifications-subscriptions-menu.572fff1cb5c3caef1ac9.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 20 Jun 2024 15:04:39 GMT
etag: 0x8DC913A4EE7222B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:35 GMT
age: 1858377
x-served-by: cache-iad-kjyo7100087-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 92, 22716
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6a807435ae01434aa06c68a47c7a0d1793f2dba0
content-length: 6777
GET

https://github.githubassets.com/assets/react-code-view.234ae39ff1fa1232236c.module.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/react-code-view.234ae39ff1fa1232236c.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 20 Jun 2024 15:04:40 GMT
etag: 0x8DC913A4F6C3759
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:35 GMT
age: 4184793
x-served-by: cache-iad-kiad7000133-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 100, 22973
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c866e5e62a17de18dc60d434e96d5e17591c9281
content-length: 1554
GET

https://github.githubassets.com/assets/code-34406d39e629.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/code-34406d39e629.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Mon, 05 Aug 2024 16:06:17 GMT
etag: 0x8DCB56889BF04A0
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:35 GMT
age: 1157303
x-served-by: cache-iad-kcgs7200041-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 4, 16672
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8f0041ae0413a31c286ae20f029fa1efe1b5b8a0
content-length: 5605
GET

https://github.githubassets.com/assets/repository-992e95451f25.css

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/repository-992e95451f25.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Fri, 02 Aug 2024 19:20:41 GMT
etag: 0x8DCB32832D35CCA
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:35 GMT
age: 1157307
x-served-by: cache-iad-kcgs7200168-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 18, 20657
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7cd26d314f637680034ddd5ef22a72dff666d258
content-length: 5040
GET

https://github.githubassets.com/assets/wp-runtime-c8b1adfad968.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/wp-runtime-c8b1adfad968.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 16 Aug 2024 23:10:21 GMT
etag: 0x8DCBE4899FC1578
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:35 GMT
age: 168333
x-served-by: cache-iad-kiad7000178-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 60, 227
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5438802c1e4e3690a7610f10fa5ba969a432a3a2
content-length: 14075
GET

https://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_js-89a69c248502.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_dompurify_dist_purify_js-89a69c248502.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:52 GMT
etag: 0x8DCAB55C9F23A95
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:35 GMT
age: 2174618
x-served-by: cache-iad-kjyo7100027-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 23739
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 79e23c43a524f3f72fa1b7e61b4e4e3b80addb86
content-length: 7912
GET

https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-56729c905fe2.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-56729c905fe2.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:52 GMT
etag: 0x8DCAB55C9F1513E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 2174619
x-served-by: cache-iad-kcgs7200102-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 23642
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 12196760a59e50fc9939318d97ad2bd2e73d0708
content-length: 4939
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_smoothscroll-polyfill_di-75db2e-686488490524.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_smoothscroll-polyfill_di-75db2e-686488490524.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 26 Jul 2024 02:43:54 GMT
etag: 0x8DCAD1CCA15C92E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1650337
x-served-by: cache-iad-kiad7000050-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 84, 23918
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 387bf1f83f61e57324afa013a9346ba910dedaba
content-length: 3320
GET

https://github.githubassets.com/assets/environment-cd098098ff2e.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/environment-cd098098ff2e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 12 Aug 2024 20:42:25 GMT
etag: 0x8DCBB0F4621C4B2
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 298784
x-served-by: cache-iad-kcgs7200023-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 7185
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 1874c191b7afb2db8758bea3ffbe9c6fc4dde676
content-length: 6574
GET

https://github.githubassets.com/assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 31 Jul 2024 16:17:44 GMT
etag: 0x8DCB17C4F94A6D1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1585594
x-served-by: cache-iad-kcgs7200173-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 52, 24192
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 573a5d16833b070b67373d00a62e68aa2f53f859
content-length: 4754
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_focus-zone_js-c9086a4fb62b.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_primer_behaviors_dist_esm_focus-zone_js-c9086a4fb62b.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:53 GMT
etag: 0x8DCAB55CA2435F4
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 2174619
x-served-by: cache-iad-kjyo7100033-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 23490
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ac7bf257032a9f429f5f32d4a42ffee2cefd0986
content-length: 3070
GET

https://github.githubassets.com/assets/vendors-node_modules_github_relative-time-element_dist_index_js-f9b958f5f2df.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_relative-time-element_dist_index_js-f9b958f5f2df.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:36 GMT
etag: 0x8DCB587514BBE51
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1064310
x-served-by: cache-iad-kjyo7100173-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 24740
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ec6be9602661e799c88090b9c0fba37feeb2fb08
content-length: 5255
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_anchored-position_js-node_modules_fzy_js_index-05960a-797b1227c4b8.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_primer_behaviors_dist_esm_anchored-position_js-node_modules_fzy_js_index-05960a-797b1227c4b8.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:53 GMT
etag: 0x8DCAB55CA2435F4
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 2174618
x-served-by: cache-iad-kiad7000168-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 23516
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 95e963505dbcdc1e5c2366b3c3d95d66e926f8a1
content-length: 3284
GET

https://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_details-d-ed9a97-841122a1e9d4.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_details-d-ed9a97-841122a1e9d4.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 18:51:29 GMT
etag: 0x8DCB648C82ABBBA
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1045430
x-served-by: cache-iad-kjyo7100030-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 76, 24460
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 409116cdd6265db4b40d6c1c79439c33e5724b16
content-length: 5015
GET

https://github.githubassets.com/assets/vendors-node_modules_github_text-expander-element_dist_index_js-cd48220d74d5.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_text-expander-element_dist_index_js-cd48220d74d5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:53 GMT
etag: 0x8DCAB55CA245CD8
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1521330
x-served-by: cache-iad-kiad7000129-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 23624
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 974a10858dcb4ae3dbdd2667f5fc92b7636bdfb2
content-length: 4301
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_delegated-events_dist_in-3efda3-701acb69193f.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_delegated-events_dist_in-3efda3-701acb69193f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 07 Aug 2024 07:38:23 GMT
etag: 0x8DCB6B3EAF9522C
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1014456
x-served-by: cache-iad-kiad7000069-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 8, 24216
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 02d55581ec57f97c91fdf42331cff7bf458abdfe
content-length: 7283
GET

https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-2e8678-34feeec9c894.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-2e8678-34feeec9c894.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 12 Aug 2024 20:42:24 GMT
etag: 0x8DCBB0F4594EFF2
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 298784
x-served-by: cache-iad-kcgs7200083-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 7209
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8f6085a55dd134e76ee3160c9bb03d210054fec1
content-length: 4932
GET

https://github.githubassets.com/assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_clipboard-copy-element_-782ca5-54763cd55b96.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_clipboard-copy-element_-782ca5-54763cd55b96.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:52 GMT
etag: 0x8DCAB55C9EF7E8A
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 2174618
x-served-by: cache-iad-kiad7000146-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 23598
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 43afea3ebcfb2629f040c3ce14b1b89e386e052b
content-length: 3000
GET

https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-3959a9-5779869d7165.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-3959a9-5779869d7165.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 07 Aug 2024 17:14:38 GMT
etag: 0x8DCB7046B3F5B20
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 963937
x-served-by: cache-iad-kiad7000038-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 70, 22951
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 094d57ea3b2a660f74ff3789969197aa8ec5c51c
content-length: 21433
GET

https://github.githubassets.com/assets/app_assets_modules_github_onfocus_ts-ui_packages_trusted-types-policies_policy_ts-ui_packages-6fe316-9d50d6f10c3d.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/app_assets_modules_github_onfocus_ts-ui_packages_trusted-types-policies_policy_ts-ui_packages-6fe316-9d50d6f10c3d.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:33 GMT
etag: 0x8DCB5874F4CB0D8
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1064311
x-served-by: cache-iad-kcgs7200163-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 24749
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 859722cdb24523eeb0b48d179db4ea9431f42b77
content-length: 3595
GET

https://github.githubassets.com/assets/github-elements-074e91131d8f.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/github-elements-074e91131d8f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 12 Aug 2024 20:42:18 GMT
etag: 0x8DCBB0F41FBAFC1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 298785
x-served-by: cache-iad-kiad7000111-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 7214
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: bb71faa80482e784d0db794c5b78958c5ce402bb
content-length: 11062
GET

https://github.githubassets.com/assets/element-registry-696ae17bfa1e.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/element-registry-696ae17bfa1e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 16 Aug 2024 18:09:37 GMT
etag: 0x8DCBE1E96FE33EC
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 168334
x-served-by: cache-iad-kcgs7200033-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 61, 230
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: dd77d710e22e86a19c4165d07b3951f2c2c90c89
content-length: 7899
GET

https://github.githubassets.com/assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_hydro-analytics-client_-7901e7-dc88587c14ed.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_hydro-analytics-client_-7901e7-dc88587c14ed.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 18:51:29 GMT
etag: 0x8DCB648C80E530C
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1045430
x-served-by: cache-iad-kjyo7100038-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 76, 24740
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e52a77f1c508408789e4475211960efcf12c26ad
content-length: 5415
GET

https://github.githubassets.com/assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_stack-68835d-a18220f1db8d.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_stack-68835d-a18220f1db8d.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:52 GMT
etag: 0x8DCAB55C9B32E84
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 2147124
x-served-by: cache-iad-kjyo7100048-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 23878
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 32a7404ffb79b7c7d9b10349ee08d26168350859
content-length: 6921
GET

https://github.githubassets.com/assets/vendors-node_modules_lit-html_lit-html_js-ce7225a304c5.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_lit-html_lit-html_js-ce7225a304c5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:53 GMT
etag: 0x8DCAB55CA245CD8
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 2174618
x-served-by: cache-iad-kiad7000173-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 23668
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 88382ed3173fb3ba2321e1f16e9b156a3a644d08
content-length: 3911
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-f8a5485c982a.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-f8a5485c982a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:53 GMT
etag: 0x8DCAB55CA1D5FD6
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 2174619
x-served-by: cache-iad-kjyo7100087-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 23710
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 43dac35ee52d61d1feb33cf9bc5b5c80a2dc460e
content-length: 2385
GET

https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-858e043fcf76.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-858e043fcf76.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:53 GMT
etag: 0x8DCAB55CA2E15EB
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1678574
x-served-by: cache-iad-kjyo7100041-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 24490
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: bf2742d21bd5a5bc0d45c9da9ed85bbeff379a71
content-length: 18641
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:53 GMT
etag: 0x8DCAB55CA1E2257
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 2174619
x-served-by: cache-iad-kcgs7200153-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 23694
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: aa8b18f1bb1a6ca3acef70ddfed48c834c453a5b
content-length: 3816
GET

https://github.githubassets.com/assets/vendors-node_modules_scroll-anchoring_dist_scroll-anchoring_esm_js-node_modules_github_hotkey-1a1d91-fa9f29a8514b.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_scroll-anchoring_dist_scroll-anchoring_esm_js-node_modules_github_hotkey-1a1d91-fa9f29a8514b.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:54 GMT
etag: 0x8DCAB55CAE50665
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1777054
x-served-by: cache-iad-kcgs7200053-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 23788
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4e08b2ebf1443d97737f3c1fc0c4c5159cfa9ae7
content-length: 4582
GET

https://github.githubassets.com/assets/vendors-node_modules_color-convert_index_js-0e07cc183eed.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_color-convert_index_js-0e07cc183eed.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:52 GMT
etag: 0x8DCAB55C9E02677
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 2174619
x-served-by: cache-iad-kjyo7100169-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 23839
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ebeb21f842d24793d97fe86616859b9b9a4fc0ab
content-length: 4852
GET

https://github.githubassets.com/assets/vendors-node_modules_github_session-resume_dist_index_js-node_modules_primer_behaviors_dist_e-ac74c6-5e03381c44b5.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_session-resume_dist_index_js-node_modules_primer_behaviors_dist_e-ac74c6-5e03381c44b5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 12 Aug 2024 20:42:25 GMT
etag: 0x8DCBB0F4602044F
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 298784
x-served-by: cache-iad-kcgs7200141-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 7192
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b5adfc36cd4f1658a7eca36afaf8709705870e9c
content-length: 3567
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_dimensions_js-node_modules_github_jtml_lib_index_js-53b423ede32a.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_primer_behaviors_dist_esm_dimensions_js-node_modules_github_jtml_lib_index_js-53b423ede32a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:53 GMT
etag: 0x8DCAB55CA6B9D0E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 2174619
x-served-by: cache-iad-kcgs7200046-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 23743
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0e3c0e28e220803a458f37b3d945638c838d8b18
content-length: 3001
GET

https://github.githubassets.com/assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_textarea-autosi-9e0349-ab4976fc78a6.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_textarea-autosi-9e0349-ab4976fc78a6.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:53 GMT
etag: 0x8DCAB55CA265673
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 2037484
x-served-by: cache-iad-kcgs7200156-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 24077
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c1e8bb8d64de82e25e1ca64a6c7c036213f4951b
content-length: 9804
GET

https://github.githubassets.com/assets/ui_packages_updatable-content_updatable-content_ts-e15463ecf7e6.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_updatable-content_updatable-content_ts-e15463ecf7e6.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:42 GMT
etag: 0x8DCB58754D2266A
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1064311
x-served-by: cache-iad-kjyo7100077-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 25157
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2453efcb5425c5bc8f78650cf6eea68c41103304
content-length: 7745
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_onfocus_ts-app_ass-421cec-f0e1d31bff9a.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_onfocus_ts-app_ass-421cec-f0e1d31bff9a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 16 Aug 2024 14:10:22 GMT
etag: 0x8DCBDFD2ACDA645
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 205432
x-served-by: cache-iad-kcgs7200163-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 78, 4335
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e720e126b971e6c2515a4d5a65b9f87eeec3afcd
content-length: 58567
GET

https://github.githubassets.com/assets/app_assets_modules_github_sticky-scroll-into-view_ts-112600808cf9.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/app_assets_modules_github_sticky-scroll-into-view_ts-112600808cf9.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:33 GMT
etag: 0x8DCB5874F6AEC62
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1064311
x-served-by: cache-iad-kjyo7100078-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 24805
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 36d601a3a21491a9eda73ccfc470153370e3aeb0
content-length: 3364
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-467754-8b1a4442f9b3.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-467754-8b1a4442f9b3.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:52 GMT
etag: 0x8DCAB55C9E07445
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1761746
x-served-by: cache-iad-kiad7000133-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 1653, 23733
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 98031d667c599ed6f1aaf0fa306d90d61c68db2e
content-length: 4125
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-4accd4baf37d.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-4accd4baf37d.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:33 GMT
etag: 0x8DCB5874F49A6FE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1064311
x-served-by: cache-iad-kcgs7200149-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 24938
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 78d9f5a94ab8bfda49cd97bd2e5d6b1f3da49b07
content-length: 5032
GET

https://github.githubassets.com/assets/app_assets_modules_github_blob-anchor_ts-app_assets_modules_github_filter-sort_ts-app_assets_-6deafe-fc95155e233a.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/app_assets_modules_github_blob-anchor_ts-app_assets_modules_github_filter-sort_ts-app_assets_-6deafe-fc95155e233a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:33 GMT
etag: 0x8DCB5874F49A6FE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1064311
x-served-by: cache-iad-kcgs7200065-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 24983
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6c625eee060314ada03a3b180269f7f84de1f445
content-length: 2401
GET

https://github.githubassets.com/assets/behaviors-3b4c83250375.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/behaviors-3b4c83250375.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:33 GMT
etag: 0x8DCB5874F4A4292
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1064311
x-served-by: cache-iad-kcgs7200022-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 24825
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e973bf20d566f4876ef4d208502f3e54ce4adc98
content-length: 3079
GET

https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-bf7e5a3732fd.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-bf7e5a3732fd.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:39 GMT
etag: 0x8DCB58752FDC79F
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1064311
x-served-by: cache-iad-kiad7000035-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 24845
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3f8cb4503954ec6e0e03cd72ae26e26e2c283fd3
content-length: 3088
GET

https://github.githubassets.com/assets/notifications-global-3ddac678adaf.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/notifications-global-3ddac678adaf.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:33 GMT
etag: 0x8DCB5874F4CFEA0
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1064311
x-served-by: cache-iad-kjyo7100054-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 24968
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 828325d93b2d5c32f63a1e227bd7f24d95e2f063
content-length: 5693
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-e73b311a14f1.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-e73b311a14f1.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:53 GMT
etag: 0x8DCAB55CA1E2257
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 2174619
x-served-by: cache-iad-kiad7000080-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 40, 15227
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5e6908e6e6e5802d36965f8f2e0746acae14df05
content-length: 2607
GET

https://github.githubassets.com/assets/app_assets_modules_github_repositories_get-repo-element_ts-4fc152f40452.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/app_assets_modules_github_repositories_get-repo-element_ts-4fc152f40452.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:33 GMT
etag: 0x8DCB5874F4AB741
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1064311
x-served-by: cache-iad-kcgs7200159-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 84, 17645
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d8f2ee614cd913ad7eec623a7f0b2b171d178f57
content-length: 3272
GET

https://github.githubassets.com/assets/code-menu-a8d08997ac4f.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/code-menu-a8d08997ac4f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:35 GMT
etag: 0x8DCB5875099B15B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1064311
x-served-by: cache-iad-kcgs7200030-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 85, 18027
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2c71a7136a3529edb0e6ba4c0bcc7333807e8032
content-length: 238
GET

https://github.githubassets.com/assets/react-lib-7b7b5264f6c1.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/react-lib-7b7b5264f6c1.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:50 GMT
etag: 0x8DCAB55C856ACEA
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 2174619
x-served-by: cache-iad-kjyo7100029-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 26309
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4288543e2cf216edaf0bdfab4c435da9cea0a760
content-length: 54857
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_primer_octicons-react_di-b40d97-06881c63f955.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_primer_octicons-react_di-b40d97-06881c63f955.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 02 Aug 2024 22:13:06 GMT
etag: 0x8DCB34048D4C780
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 981517
x-served-by: cache-iad-kcgs7200055-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 22, 25851
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7d941adf6605207a04ce2f865fb22b4bdfed74c3
content-length: 140777
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Box_Box_js-55a9038b54f0.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_Box_Box_js-55a9038b54f0.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:54 GMT
etag: 0x8DCAB55CAB9BA4E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1771849
x-served-by: cache-iad-kjyo7100061-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 24916
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 64d9bd7b0dae339c2f4ae1da0c4a19b08b021944
content-length: 4777
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Button_Button_js-b0edbfb6a9e5.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_Button_Button_js-b0edbfb6a9e5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 20:29:19 GMT
etag: 0x8DCB65673021528
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 981516
x-served-by: cache-iad-kcgs7200073-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 23991
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2c646616642c19f23c6da1527d9b74ce2bdbcecc
content-length: 4499
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_TooltipV2_Tooltip_js-4d5019830e3c.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_TooltipV2_Tooltip_js-4d5019830e3c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 30 Jul 2024 14:28:35 GMT
etag: 0x8DCB0A3E5A62F1C
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 981516
x-served-by: cache-iad-kiad7000160-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 22, 24103
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0fc14d91df6d96938717c5186a717fdd3b174f82
content-length: 4950
GET

https://github.githubassets.com/assets/vendors-node_modules_clsx_dist_clsx_m_js-node_modules_primer_react_node_modules_primer_octico-c56103-e91295e60abd.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_clsx_dist_clsx_m_js-node_modules_primer_react_node_modules_primer_octico-c56103-e91295e60abd.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:52 GMT
etag: 0x8DCAB55C9B32E84
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 2174619
x-served-by: cache-iad-kiad7000030-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 24938
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5400bcfed35d2083de2846add59e35081e62f417
content-length: 7009
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ActionList_index_js-f646728c385c.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_ActionList_index_js-f646728c385c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 13 Aug 2024 15:42:40 GMT
etag: 0x8DCBBAE9084D01F
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 288577
x-served-by: cache-iad-kcgs7200121-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 27, 7150
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: fc266da2889646f371e117e0b69cbd5ac0284194
content-length: 8542
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ActionMenu_ActionMenu_js-node_modules_primer_react_-5b2420-048f91dcedb3.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_ActionMenu_ActionMenu_js-node_modules_primer_react_-5b2420-048f91dcedb3.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 26 Jul 2024 02:43:54 GMT
etag: 0x8DCAD1CCA172CCD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1650339
x-served-by: cache-iad-kiad7000058-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 78, 19975
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3168ee5008e08881048d669e2a6eaa16e1654c10
content-length: 3763
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Text_Text_js-node_modules_primer_react_lib-esm_Text-7845da-adcc76ee8848.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_Text_Text_js-node_modules_primer_react_lib-esm_Text-7845da-adcc76ee8848.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 13 Aug 2024 15:42:41 GMT
etag: 0x8DCBBAE91253D6E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 288577
x-served-by: cache-iad-kcgs7200082-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 25, 5524
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: dcaa5bb876fc2d195c227c89443da4bf26ed9dbd
content-length: 4414
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_FormControl_FormControl_js-1f51ab2bdcca.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_FormControl_FormControl_js-1f51ab2bdcca.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 16:47:13 GMT
etag: 0x8DCB7C9C13EEA03
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 288577
x-served-by: cache-iad-kcgs7200175-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 25, 5497
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: bc46544718f445a7c44306815e28c7e790bf5e11
content-length: 10693
GET

https://github.githubassets.com/assets/vendors-node_modules_react-router-dom_dist_index_js-c5568c29d405.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_react-router-dom_dist_index_js-c5568c29d405.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:54 GMT
etag: 0x8DCAB55CAE5A1FC
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 2174618
x-served-by: cache-iad-kiad7000156-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 14993
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8faff9007c84dfb83cdb267564be457b086403cf
content-length: 3475
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ConfirmationDialog_ConfirmationDialog_js-099e8bfead83.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_ConfirmationDialog_ConfirmationDialog_js-099e8bfead83.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 26 Jul 2024 02:43:54 GMT
etag: 0x8DCAD1CCA43FDD0
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1650338
x-served-by: cache-iad-kjyo7100091-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 48, 7129
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 302f8de90ad6f845a6bcf47ebdb1e7468862e93c
content-length: 4904
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Heading_Heading_js-node_modules_primer_react_lib-es-96435f-69dda7b301fe.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_Heading_Heading_js-node_modules_primer_react_lib-es-96435f-69dda7b301fe.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 16:47:13 GMT
etag: 0x8DCB7C9C13E2790
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 288578
x-served-by: cache-iad-kcgs7200050-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 19, 1954
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 868d3b0d488a5e86a8cd4de9626b6c1d1c369a8c
content-length: 6286
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_TreeView_TreeView_js-163f241772cf.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_TreeView_TreeView_js-163f241772cf.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 31 Jul 2024 19:26:39 GMT
etag: 0x8DCB196B3463A39
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 288578
x-served-by: cache-iad-kjyo7100081-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 50, 1802
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b34fb4198e9c383927272b08d8cdb4d6bc896d5e
content-length: 6466
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_anchored-position_js-node_modules_primer_react-4d507b-85f1dac4ce7d.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_primer_behaviors_dist_esm_anchored-position_js-node_modules_primer_react-4d507b-85f1dac4ce7d.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 12 Aug 2024 20:42:25 GMT
etag: 0x8DCBB0F46240C17
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 298781
x-served-by: cache-iad-kcgs7200075-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 5, 4667
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0ac083bf7b38e9035df20c661c8cbc74c2be454e
content-length: 6758
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_AvatarStack_AvatarStack_js-node_modules_primer_reac-cd52f5-34ef2ba7726b.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_AvatarStack_AvatarStack_js-node_modules_primer_reac-cd52f5-34ef2ba7726b.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 15 Aug 2024 23:53:05 GMT
etag: 0x8DCBD8568181DFD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 202011
x-served-by: cache-iad-kiad7000114-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 42, 2639
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e36cf5d7614d97c86a7a462f43e339b2bbe64f5b
content-length: 5607
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_scroll-into-view_js-node_modules_primer_react_-3602e6-08dffc43caa6.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_primer_behaviors_dist_esm_scroll-into-view_js-node_modules_primer_react_-3602e6-08dffc43caa6.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 15 Aug 2024 23:53:05 GMT
etag: 0x8DCBD8567DB595B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 202004
x-served-by: cache-iad-kjyo7100070-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 32, 1022
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a64b9e6dcd5e505b2ee58da2bfdc52078120313a
content-length: 8108
GET

https://github.githubassets.com/assets/ui_packages_react-core_create-browser-history_ts-ui_packages_safe-storage_safe-storage_ts-ui_-682c2c-7a1e99981675.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_react-core_create-browser-history_ts-ui_packages_safe-storage_safe-storage_ts-ui_-682c2c-7a1e99981675.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:42 GMT
etag: 0x8DCB58754CF6A56
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1064311
x-served-by: cache-iad-kcgs7200158-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 26297
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8d494b78a4b291dbc13e70fb5121d7c456e1b9a7
content-length: 4229
GET

https://github.githubassets.com/assets/ui_packages_react-core_register-app_ts-d92f692cd90a.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_react-core_register-app_ts-d92f692cd90a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 16:51:51 GMT
etag: 0x8DCB63811FB8BAC
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 1064312
x-served-by: cache-iad-kcgs7200069-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 12, 7912
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0b8726e52e067d4ec8898f5d6811ede2c7616eeb
content-length: 7462
GET

https://github.githubassets.com/assets/ui_packages_paths_index_ts-9eb3412d85a7.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_paths_index_ts-9eb3412d85a7.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 07 Aug 2024 18:49:09 GMT
etag: 0x8DCB7119F758818
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 298781
x-served-by: cache-iad-kcgs7200142-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 5, 4659
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 20f00970c8fca4eb45b1dabd391d768b4ec2c9a0
content-length: 6196
GET

https://github.githubassets.com/assets/ui_packages_ref-selector_RefSelector_tsx-7b0796d1324c.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_ref-selector_RefSelector_tsx-7b0796d1324c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 13 Aug 2024 11:07:25 GMT
etag: 0x8DCBB881CFBD575
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:36 GMT
age: 472061
x-served-by: cache-iad-kiad7000055-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 2, 11428
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5ced1450a92a1da5ac3bacd17a7a6fae2d7d9881
content-length: 4871
GET

https://github.githubassets.com/assets/ui_packages_commit-attribution_index_ts-ui_packages_commit-checks-status_index_ts-ui_packages-f45efb-a5bb4a693481.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_commit-attribution_index_ts-ui_packages_commit-checks-status_index_ts-ui_packages-f45efb-a5bb4a693481.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:35 GMT
etag: 0x8DCB587506CB977
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 1064311
x-served-by: cache-iad-kiad7000124-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 19, 22946
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f52342b0b8a30b77c8c55bc7605387686bf21565
content-length: 2950
GET

https://github.githubassets.com/assets/ui_packages_copy-to-clipboard_index_ts-ui_packages_react-core_use-feature-flag_ts-ui_packages-9fa6b6-6e8c63eb2d15.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_copy-to-clipboard_index_ts-ui_packages_react-core_use-feature-flag_ts-ui_packages-9fa6b6-6e8c63eb2d15.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:35 GMT
etag: 0x8DCB587506DC9BB
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 1064311
x-served-by: cache-iad-kjyo7100167-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 22953
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e37a6e59c5dd11636c73c253480e08b2cf2a98a2
content-length: 3184
GET

https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-9a3d65-c2af6875bd6f.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-9a3d65-c2af6875bd6f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 21:39:04 GMT
etag: 0x8DCB66031D4ABE1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 1045431
x-served-by: cache-iad-kcgs7200071-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 74, 21829
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7fcd9301b852323a2318e21d307d2ce73e0519e5
content-length: 9899
GET

https://github.githubassets.com/assets/ui_packages_repos-file-tree-view_repos-file-tree-view_ts-ui_packages_feature-request_FeatureR-ec5225-9dd7225109c4.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_repos-file-tree-view_repos-file-tree-view_ts-ui_packages_feature-request_FeatureR-ec5225-9dd7225109c4.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:35 GMT
etag: 0x8DCB5875084BA53
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 1064311
x-served-by: cache-iad-kcgs7200147-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 23017
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8649e58fd51c40e25bd47241c6847b1a06c8df9c
content-length: 2790
GET

https://github.githubassets.com/assets/react-code-view-299b1fa0c14c.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/react-code-view-299b1fa0c14c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 09 Aug 2024 19:40:19 GMT
etag: 0x8DCB8AB19CDED40
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 298773
x-served-by: cache-iad-kiad7000083-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 7, 2005
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2b5201fe09be3dc9b2cf5bb34c3709200fdec68d
content-length: 7445
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_FilteredActionList_FilteredActionList_js-5a52bf212e2b.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_FilteredActionList_FilteredActionList_js-5a52bf212e2b.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 13 Aug 2024 15:42:41 GMT
etag: 0x8DCBBAE90FF6972
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 288577
x-served-by: cache-iad-kcgs7200165-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 27, 6576
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b6d7ff0a68eccced5c04704630ff3d443c931692
content-length: 12888
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Dialog_js-node_modules_primer_react_lib-esm_Feature-cdf735-892e8f58058f.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_Dialog_js-node_modules_primer_react_lib-esm_Feature-cdf735-892e8f58058f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:41 GMT
etag: 0x8DCB5875408B427
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 1064189
x-served-by: cache-iad-kjyo7100128-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 22, 20119
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: fe969a2fbfb5fe6019f40c7fd98f622e8a62f768
content-length: 4078
GET

https://github.githubassets.com/assets/notifications-subscriptions-menu-be1efa498152.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/notifications-subscriptions-menu-be1efa498152.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:53 GMT
etag: 0x8DCAB55CA240F10
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 1973058
x-served-by: cache-iad-kcgs7200022-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 4, 20190
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: aa0afaf7cbda52b94c3e59210e5c10268c2d1fb4
content-length: 5219
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Dialog_Dialog_js-node_modules_primer_react_lib-esm_-bd7638-683c833a31df.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_Dialog_Dialog_js-node_modules_primer_react_lib-esm_-bd7638-683c833a31df.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 16 Aug 2024 14:05:20 GMT
etag: 0x8DCBDFC76D3579A
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 215925
x-served-by: cache-iad-kjyo7100062-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 9, 4815
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8cee6b2979d08c3237e61773017255b50d34b219
content-length: 10082
GET

https://github.githubassets.com/assets/keyboard-shortcuts-dialog-15a4cf222dbb.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/keyboard-shortcuts-dialog-15a4cf222dbb.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 14 Aug 2024 02:25:23 GMT
etag: 0x8DCBC085A33A46C
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 202011
x-served-by: cache-iad-kiad7000081-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 53, 3349
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f1c41d729a4ccb9770e1f21c288b5da58936b6b7
content-length: 6236
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-9a621ecbf672.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-9a621ecbf672.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 15 Aug 2024 14:54:45 GMT
etag: 0x8DCBD3A338CB046
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 298773
x-served-by: cache-iad-kcgs7200124-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 7, 1944
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b147f9250b8022112d5a6b00b6d20f96858a2eff
content-length: 13894
GET

https://github.githubassets.com/assets/sessions-b81e688feb0f.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/sessions-b81e688feb0f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 14 Aug 2024 02:25:29 GMT
etag: 0x8DCBC085D52BD97
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 202011
x-served-by: cache-iad-kjyo7100166-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 70, 3375
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b756e6d30826f473278f99bda3099aea32f84e3d
content-length: 4472
GET

https://github.githubassets.com/assets/chunk-vendors-node_modules_primer_behaviors_dist_esm_anchored-position_js-node_modules_github_memoi-4b0bd5-b63d4c76d546.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-vendors-node_modules_primer_behaviors_dist_esm_anchored-position_js-node_modules_github_memoi-4b0bd5-b63d4c76d546.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 15 Aug 2024 23:53:05 GMT
etag: 0x8DCBD85683E18EE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 202011
x-served-by: cache-iad-kjyo7100142-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 53, 3357
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4987df035bd148b1aa17377ea6e5e644626c6e40
content-length: 9644
GET

https://github.githubassets.com/assets/chunk-app_components_primer_experimental_select-panel-element_ts-72e65e1a9e50.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-app_components_primer_experimental_select-panel-element_ts-72e65e1a9e50.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:35 GMT
etag: 0x8DCB587503F7682
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 1064311
x-served-by: cache-iad-kjyo7100172-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 19, 21887
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ae2cba6bf5cb9445f50f66961ad6f81b917b58e0
content-length: 6620
GET

https://github.githubassets.com/assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-1077a1578034.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-1077a1578034.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 16 Aug 2024 21:23:17 GMT
etag: 0x8DCBE39A582B326
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 188459
x-served-by: cache-iad-kjyo7100173-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 8, 3340
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4301761134b90fcc4fc25b2f8ef640aa6016acb3
content-length: 5102
GET

https://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-04fb8f0-1620a267eab5.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-04fb8f0-1620a267eab5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 18:04:05 GMT
etag: 0x8DCB64229585E43
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 1064311
x-served-by: cache-iad-kcgs7200042-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 23378
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3a5427b421eea69c35ca456277da321f2a85defc
content-length: 5556
GET

https://github.githubassets.com/assets/chunk-app_components_search_custom-scopes-element_ts-3a568db843b2.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-app_components_search_custom-scopes-element_ts-3a568db843b2.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 16:49:48 GMT
etag: 0x8DCB7CA1D5BA687
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 893555
x-served-by: cache-iad-kjyo7100130-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 102, 18364
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 1698c802ce337099a72f857510259a2db2c12f69
content-length: 9292
GET

https://github.githubassets.com/assets/ui_packages_query-builder-element_query-builder-element_ts-ui_packages_safe-storage_safe-storage_ts-90c65e701241.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/ui_packages_query-builder-element_query-builder-element_ts-ui_packages_safe-storage_safe-storage_ts-90c65e701241.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 16 Aug 2024 19:20:30 GMT
etag: 0x8DCBE287E7B3F46
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 195356
x-served-by: cache-iad-kjyo7100035-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 35, 998
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a400cd40b82d0baf1801b4e8acda2752cf8e4448
content-length: 68633
GET

https://github.githubassets.com/assets/chunk-app_assets_modules_github_jump-to_ts-0decd35df3b4.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-app_assets_modules_github_jump-to_ts-0decd35df3b4.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 15 Aug 2024 14:54:44 GMT
etag: 0x8DCBD3A336702FB
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 298781
x-served-by: cache-iad-kiad7000164-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 5, 4677
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 81f8f10fc16475d89f7b671f2e056dab2682d62f
content-length: 16889
GET

https://github.githubassets.com/assets/chunk-app_components_search_qbsearch-input-element_ts-ui_packages_form-utils_form-utils_ts-ui_packa-cd5fe9-2993ae65b9a8.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-app_components_search_qbsearch-input-element_ts-ui_packages_form-utils_form-utils_ts-ui_packa-cd5fe9-2993ae65b9a8.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:44 GMT
etag: 0x8DCAB55C4C09E55
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 2174619
x-served-by: cache-iad-kcgs7200172-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 3757, 22178
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f259f3ac9a9be8acd837bccc687aa1f6747f6211
content-length: 3734
GET

https://github.githubassets.com/assets/chunk-ui_packages_cookie-consent-link-element_cookie-consent-link-element_ts-a30501e51b3a.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-ui_packages_cookie-consent-link-element_cookie-consent-link-element_ts-a30501e51b3a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 05 Aug 2024 19:46:34 GMT
etag: 0x8DCB58750224B38
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 1064311
x-served-by: cache-iad-kjyo7100141-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 19, 23093
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c10e0dbd61162a028d7e2d30b27e45eadf9ad1e1
content-length: 543
GET

https://github.githubassets.com/assets/chunk-ui_packages_ghcc-consent-element_ghcc-consent-element_ts-b8a0d9bc2ed9.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-ui_packages_ghcc-consent-element_ghcc-consent-element_ts-b8a0d9bc2ed9.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 07 Aug 2024 11:58:07 GMT
etag: 0x8DCB6D833BE9C72
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 831352
x-served-by: cache-iad-kiad7000101-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 15, 17654
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c116777931a039114b429ae40ac7e38b55849b8a
content-length: 23705
GET

https://github.githubassets.com/assets/chunk-node_modules_github_mini-throttle_dist_index_js-ui_packages_trusted-types-policies_policy_ts--77a9d9-5febadf19308.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-node_modules_github_mini-throttle_dist_index_js-ui_packages_trusted-types-policies_policy_ts--77a9d9-5febadf19308.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 18:51:24 GMT
etag: 0x8DCB648C553CC3E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 1045431
x-served-by: cache-iad-kcgs7200066-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 72, 21668
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0cc6ca01ebdbf4e5b227c26580590737be540048
content-length: 5941
GET

https://github.githubassets.com/assets/chunk-ui_packages_webauthn-get-element_webauthn-get-element_ts-eba7ee3409f2.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-ui_packages_webauthn-get-element_webauthn-get-element_ts-eba7ee3409f2.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 14 Aug 2024 14:32:26 GMT
etag: 0x8DCBC6DEB51D543
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 298781
x-served-by: cache-iad-kjyo7100036-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 5, 4664
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d58b89cc9634978fc3cb2c38a7849aef8de1624a
content-length: 4850
GET

https://github.githubassets.com/assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-d06d275cbddc.js

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-d06d275cbddc.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:43 GMT
etag: 0x8DCAB55C4A09029
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:37 GMT
age: 2174618
x-served-by: cache-iad-kcgs7200110-IAD, cache-lcy-eglc8600086-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 21534
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b6a435591ae641dff307daedcd8b07042317bf99
content-length: 9412
DNS

github-cloud.s3.amazonaws.com

msedge.exe

Remote address:

8.8.8.8:53

Request

github-cloud.s3.amazonaws.com

IN A

Response

github-cloud.s3.amazonaws.com

IN CNAME

s3-1-w.amazonaws.com

s3-1-w.amazonaws.com

IN CNAME

s3-w.us-east-1.amazonaws.com

s3-w.us-east-1.amazonaws.com

IN A

3.5.20.10

s3-w.us-east-1.amazonaws.com

IN A

52.217.124.137

s3-w.us-east-1.amazonaws.com

IN A

3.5.12.95

s3-w.us-east-1.amazonaws.com

IN A

3.5.28.193

s3-w.us-east-1.amazonaws.com

IN A

54.231.135.81

s3-w.us-east-1.amazonaws.com

IN A

52.217.170.129

s3-w.us-east-1.amazonaws.com

IN A

3.5.20.16

s3-w.us-east-1.amazonaws.com

IN A

52.217.123.177
GET

https://avatars.githubusercontent.com/u/63458929?v=4&size=40

msedge.exe

Remote address:

185.199.111.133:443

Request

GET /u/63458929?v=4&size=40 HTTP/2.0
host: avatars.githubusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'
content-type: image/png
etag: "e25efc2f3c542a995df70f85198b7fd6184be4700ec9756e00c0a8fd9e7a124c"
last-modified: Sat, 02 Aug 2014 03:43:57 GMT
strict-transport-security: max-age=31557600
timing-allow-origin: https://github.com
x-content-type-options: nosniff
x-frame-options: deny
x-github-tenant:
x-xss-protection: 1; mode=block
x-github-request-id: 37E5:AF5B9:462FA1:5772B6:66A9C936
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:38 GMT
via: 1.1 varnish
x-served-by: cache-lcy-eglc8600061-LCY
x-cache: HIT
x-cache-hits: 0
x-timer: S1724034158.243067,VS0,VE1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 61cbc29df9f6cfe765c54a28a42dac8be5e650d3
expires: Mon, 19 Aug 2024 02:27:38 GMT
source-age: 1631030
vary: Authorization,Accept-Encoding
content-length: 1505
DNS

user-images.githubusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

user-images.githubusercontent.com

IN A

Response

user-images.githubusercontent.com

IN A

185.199.111.133

user-images.githubusercontent.com

IN A

185.199.108.133

user-images.githubusercontent.com

IN A

185.199.109.133

user-images.githubusercontent.com

IN A

185.199.110.133
DNS

154.111.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.111.199.185.in-addr.arpa

IN PTR

Response

154.111.199.185.in-addr.arpa

IN PTR

cdn-185-199-111-154githubcom
DNS

133.111.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.111.199.185.in-addr.arpa

IN PTR

Response

133.111.199.185.in-addr.arpa

IN PTR

cdn-185-199-111-133githubcom
DNS

collector.github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

collector.github.com

IN A

Response

collector.github.com

IN CNAME

glb-db52c2cf8be544.github.com

glb-db52c2cf8be544.github.com

IN A

140.82.112.21
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1071
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1582405412.1724034154
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Mon, 19 Aug 2024 02:22:38 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003843
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: DFBB:39212B:96D5BC:106483C:66C2AC6D
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1037
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1582405412.1724034154
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Mon, 19 Aug 2024 02:22:38 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.011955
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: DFBB:39212B:96D5BC:106483D:66C2AC6E
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1007
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1582405412.1724034154
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Mon, 19 Aug 2024 02:22:38 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.001736
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: DFBB:39212B:96D5D5:1064856:66C2AC6E
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1505
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1582405412.1724034154
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Mon, 19 Aug 2024 02:22:38 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002647
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: DFBB:39212B:96D5FC:106489A:66C2AC6E
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1377
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1582405412.1724034154
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Mon, 19 Aug 2024 02:22:40 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002633
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: DFBB:39212B:96D7FA:1064BAD:66C2AC6E
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1384
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1582405412.1724034154
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Mon, 19 Aug 2024 02:22:40 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003642
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: DFBB:39212B:96D805:1064BC9:66C2AC70
DNS

21.112.82.140.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.112.82.140.in-addr.arpa

IN PTR

Response

21.112.82.140.in-addr.arpa

IN PTR

lb-140-82-112-21-iadgithubcom
GET

https://github.githubassets.com/favicons/favicon.svg

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /favicons/favicon.svg HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: image/png
last-modified: Thu, 19 Oct 2023 22:56:17 GMT
etag: 0x8DBD0F69A3B5496
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:38 GMT
age: 2308368
x-served-by: cache-iad-kiad7000023-IAD, cache-lon4236-LON
x-cache: HIT, HIT
x-cache-hits: 1299, 1773
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2df67bfc1432bac8668ba1edbc79f8c0982f76ba
content-length: 14426
GET

https://github.githubassets.com/assets/apple-touch-icon-144x144-b882e354c005.png

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /assets/apple-touch-icon-144x144-b882e354c005.png HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/svg+xml
last-modified: Thu, 19 Oct 2023 22:56:36 GMT
etag: 0x8DBD0F6A5D50EA4
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:38 GMT
age: 132
x-served-by: cache-iad-kiad7000081-IAD, cache-lon4236-LON
x-cache: HIT, HIT
x-cache-hits: 3134360, 1
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 36f20936b3843dde647ac54b14ae580ab0bb11bb
content-length: 959
GET

https://github.githubassets.com/favicons/favicon.png

msedge.exe

Remote address:

185.199.111.154:443

Request

GET /favicons/favicon.png HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
last-modified: Thu, 19 Oct 2023 22:56:36 GMT
etag: 0x8DBD0F6A5D47312
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:38 GMT
age: 103
x-served-by: cache-iad-kiad7000070-IAD, cache-lon4236-LON
x-cache: HIT, HIT
x-cache-hits: 1540542, 1
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e8f86b96ada672829a54bfbc5e806a19428dfeb6
content-length: 958
DNS

api.github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 1556
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1582405412.1724034154
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Mon, 19 Aug 2024 02:22:38 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 48
x-ratelimit-reset: 1724035797
x-ratelimit-used: 12
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: F1EC:338723:AB3E67:B7A53E:66C2AC6E
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 576
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1582405412.1724034154
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Mon, 19 Aug 2024 02:22:45 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 48
x-ratelimit-reset: 1724035797
x-ratelimit-used: 12
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: F1EC:338723:AB405B:B7A74B:66C2AC6E
DNS

210.156.26.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.156.26.20.in-addr.arpa

IN PTR

Response
DNS

26.35.223.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.35.223.20.in-addr.arpa

IN PTR

Response
DNS

26.35.223.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.35.223.20.in-addr.arpa

IN PTR
DNS

raw.githubusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

raw.githubusercontent.com

IN A

Response

raw.githubusercontent.com

IN A

185.199.111.133

raw.githubusercontent.com

IN A

185.199.109.133

raw.githubusercontent.com

IN A

185.199.110.133

raw.githubusercontent.com

IN A

185.199.108.133
GET

https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/master/Trojan/000.exe

msedge.exe

Remote address:

185.199.111.133:443

Request

GET /Da2dalus/The-MALWARE-Repo/master/Trojan/000.exe HTTP/2.0
host: raw.githubusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://github.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/octet-stream
etag: W/"8d5d382c5da63f42719200d7a37448d3abac78bae18f993d695524774be6dddc"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: BA0A:3EEE13:252E60:2FA1E1:66C2AC70
accept-ranges: bytes
date: Mon, 19 Aug 2024 02:22:41 GMT
via: 1.1 varnish
x-served-by: cache-lcy-eglc8600059-LCY
x-cache: MISS
x-cache-hits: 0
x-timer: S1724034161.219302,VS0,VE313
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: d421a2e9a910f84b5b438557dee47e6b4a00ffde
expires: Mon, 19 Aug 2024 02:27:41 GMT
source-age: 0
content-length: 6983680
DNS

209.205.72.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

209.205.72.20.in-addr.arpa

IN PTR

Response
DNS

211.143.182.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

211.143.182.52.in-addr.arpa

IN PTR

Response

20.26.156.215:443

https://github.com/Da2dalus/The-MALWARE-Repo/raw/master/Trojan/000.exe

tls, http2

msedge.exe

4.9kB
78.2kB
53
72

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/000.exe

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/security/overall-count

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/refs?type=branch

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Trojan/000.exe

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Trojan/000.exe

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/refs?type=branch

HTTP Response

304

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/refs?type=branch

HTTP Response

304

HTTP Request

GET https://github.com/manifest.json

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/master/Trojan/000.exe

HTTP Response

302
185.199.111.154:443

https://github.githubassets.com/assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-d06d275cbddc.js

tls, http2

msedge.exe

47.9kB
1.0MB
702
838

HTTP Request

GET https://github.githubassets.com/assets/light-efd2f2257c96.css

HTTP Request

GET https://github.githubassets.com/assets/dark-6b1e37da2254.css

HTTP Request

GET https://github.githubassets.com/assets/primer-primitives-8500c2c7ce5f.css

HTTP Request

GET https://github.githubassets.com/assets/primer-bbda46ca867f.css

HTTP Request

GET https://github.githubassets.com/assets/global-fe6db6dfddd1.css

HTTP Request

GET https://github.githubassets.com/assets/github-cf4e90581e80.css

HTTP Request

GET https://github.githubassets.com/assets/notifications-subscriptions-menu.572fff1cb5c3caef1ac9.module.css

HTTP Request

GET https://github.githubassets.com/assets/react-code-view.234ae39ff1fa1232236c.module.css

HTTP Request

GET https://github.githubassets.com/assets/code-34406d39e629.css

HTTP Request

GET https://github.githubassets.com/assets/repository-992e95451f25.css

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/wp-runtime-c8b1adfad968.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_js-89a69c248502.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-56729c905fe2.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_smoothscroll-polyfill_di-75db2e-686488490524.js

HTTP Request

GET https://github.githubassets.com/assets/environment-cd098098ff2e.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_focus-zone_js-c9086a4fb62b.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_relative-time-element_dist_index_js-f9b958f5f2df.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_anchored-position_js-node_modules_fzy_js_index-05960a-797b1227c4b8.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_details-d-ed9a97-841122a1e9d4.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_text-expander-element_dist_index_js-cd48220d74d5.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_delegated-events_dist_in-3efda3-701acb69193f.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-2e8678-34feeec9c894.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_clipboard-copy-element_-782ca5-54763cd55b96.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-3959a9-5779869d7165.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_onfocus_ts-ui_packages_trusted-types-policies_policy_ts-ui_packages-6fe316-9d50d6f10c3d.js

HTTP Request

GET https://github.githubassets.com/assets/github-elements-074e91131d8f.js

HTTP Request

GET https://github.githubassets.com/assets/element-registry-696ae17bfa1e.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_hydro-analytics-client_-7901e7-dc88587c14ed.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_stack-68835d-a18220f1db8d.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_lit-html_lit-html_js-ce7225a304c5.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-f8a5485c982a.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-858e043fcf76.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_scroll-anchoring_dist_scroll-anchoring_esm_js-node_modules_github_hotkey-1a1d91-fa9f29a8514b.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_color-convert_index_js-0e07cc183eed.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_session-resume_dist_index_js-node_modules_primer_behaviors_dist_e-ac74c6-5e03381c44b5.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_dimensions_js-node_modules_github_jtml_lib_index_js-53b423ede32a.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_textarea-autosi-9e0349-ab4976fc78a6.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_updatable-content_updatable-content_ts-e15463ecf7e6.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_onfocus_ts-app_ass-421cec-f0e1d31bff9a.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_sticky-scroll-into-view_ts-112600808cf9.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-467754-8b1a4442f9b3.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-4accd4baf37d.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_blob-anchor_ts-app_assets_modules_github_filter-sort_ts-app_assets_-6deafe-fc95155e233a.js

HTTP Request

GET https://github.githubassets.com/assets/behaviors-3b4c83250375.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-bf7e5a3732fd.js

HTTP Request

GET https://github.githubassets.com/assets/notifications-global-3ddac678adaf.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-e73b311a14f1.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_repositories_get-repo-element_ts-4fc152f40452.js

HTTP Request

GET https://github.githubassets.com/assets/code-menu-a8d08997ac4f.js

HTTP Request

GET https://github.githubassets.com/assets/react-lib-7b7b5264f6c1.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_primer_octicons-react_di-b40d97-06881c63f955.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Box_Box_js-55a9038b54f0.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Button_Button_js-b0edbfb6a9e5.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_TooltipV2_Tooltip_js-4d5019830e3c.js

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_clsx_dist_clsx_m_js-node_modules_primer_react_node_modules_primer_octico-c56103-e91295e60abd.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ActionList_index_js-f646728c385c.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ActionMenu_ActionMenu_js-node_modules_primer_react_-5b2420-048f91dcedb3.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Text_Text_js-node_modules_primer_react_lib-esm_Text-7845da-adcc76ee8848.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_FormControl_FormControl_js-1f51ab2bdcca.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_react-router-dom_dist_index_js-c5568c29d405.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ConfirmationDialog_ConfirmationDialog_js-099e8bfead83.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Heading_Heading_js-node_modules_primer_react_lib-es-96435f-69dda7b301fe.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_TreeView_TreeView_js-163f241772cf.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_anchored-position_js-node_modules_primer_react-4d507b-85f1dac4ce7d.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_AvatarStack_AvatarStack_js-node_modules_primer_reac-cd52f5-34ef2ba7726b.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_scroll-into-view_js-node_modules_primer_react_-3602e6-08dffc43caa6.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_react-core_create-browser-history_ts-ui_packages_safe-storage_safe-storage_ts-ui_-682c2c-7a1e99981675.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_react-core_register-app_ts-d92f692cd90a.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_paths_index_ts-9eb3412d85a7.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_ref-selector_RefSelector_tsx-7b0796d1324c.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_commit-attribution_index_ts-ui_packages_commit-checks-status_index_ts-ui_packages-f45efb-a5bb4a693481.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_copy-to-clipboard_index_ts-ui_packages_react-core_use-feature-flag_ts-ui_packages-9fa6b6-6e8c63eb2d15.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-9a3d65-c2af6875bd6f.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_repos-file-tree-view_repos-file-tree-view_ts-ui_packages_feature-request_FeatureR-ec5225-9dd7225109c4.js

HTTP Request

GET https://github.githubassets.com/assets/react-code-view-299b1fa0c14c.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_FilteredActionList_FilteredActionList_js-5a52bf212e2b.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Dialog_js-node_modules_primer_react_lib-esm_Feature-cdf735-892e8f58058f.js

HTTP Request

GET https://github.githubassets.com/assets/notifications-subscriptions-menu-be1efa498152.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Dialog_Dialog_js-node_modules_primer_react_lib-esm_-bd7638-683c833a31df.js

HTTP Request

GET https://github.githubassets.com/assets/keyboard-shortcuts-dialog-15a4cf222dbb.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-9a621ecbf672.js

HTTP Request

GET https://github.githubassets.com/assets/sessions-b81e688feb0f.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-vendors-node_modules_primer_behaviors_dist_esm_anchored-position_js-node_modules_github_memoi-4b0bd5-b63d4c76d546.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_primer_experimental_select-panel-element_ts-72e65e1a9e50.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-1077a1578034.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-04fb8f0-1620a267eab5.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_search_custom-scopes-element_ts-3a568db843b2.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_query-builder-element_query-builder-element_ts-ui_packages_safe-storage_safe-storage_ts-90c65e701241.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_assets_modules_github_jump-to_ts-0decd35df3b4.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_search_qbsearch-input-element_ts-ui_packages_form-utils_form-utils_ts-ui_packa-cd5fe9-2993ae65b9a8.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_cookie-consent-link-element_cookie-consent-link-element_ts-a30501e51b3a.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_ghcc-consent-element_ghcc-consent-element_ts-b8a0d9bc2ed9.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-node_modules_github_mini-throttle_dist_index_js-ui_packages_trusted-types-policies_policy_ts--77a9d9-5febadf19308.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_webauthn-get-element_webauthn-get-element_ts-eba7ee3409f2.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-d06d275cbddc.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
185.199.111.154:443

github.githubassets.com

tls

msedge.exe

1.1kB
5.3kB
10
9
185.199.111.154:443

github.githubassets.com

tls

msedge.exe

1.1kB
5.3kB
10
9
185.199.111.154:443

github.githubassets.com

tls

msedge.exe

1.1kB
5.3kB
10
9
185.199.111.154:443

github.githubassets.com

tls

msedge.exe

1.1kB
5.3kB
10
9
185.199.111.154:443

github.githubassets.com

tls

msedge.exe

1.1kB
5.3kB
10
9
185.199.111.133:443

https://avatars.githubusercontent.com/u/63458929?v=4&size=40

tls, http2

msedge.exe

1.8kB
7.4kB
14
15

HTTP Request

GET https://avatars.githubusercontent.com/u/63458929?v=4&size=40

HTTP Response

200
140.82.112.21:443

collector.github.com

tls

msedge.exe

1.0kB
4.6kB
10
8
140.82.112.21:443

https://collector.github.com/github/collect

tls, http2

msedge.exe

10.5kB
8.7kB
32
30

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204
185.199.111.154:443

https://github.githubassets.com/favicons/favicon.png

tls, http2

msedge.exe

2.4kB
22.2kB
24
26

HTTP Request

GET https://github.githubassets.com/favicons/favicon.svg

HTTP Request

GET https://github.githubassets.com/assets/apple-touch-icon-144x144-b882e354c005.png

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/favicons/favicon.png

HTTP Response

200
20.26.156.210:443

https://api.github.com/_private/browser/stats

tls, http2

msedge.exe

4.3kB
6.4kB
18
17

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200
185.199.111.133:443

https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/master/Trojan/000.exe

tls, http2

msedge.exe

222.6kB
7.2MB
3981
5176

HTTP Request

GET https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/master/Trojan/000.exe

HTTP Response

200

8.8.8.8:53

github.com

dns

msedge.exe

56 B
72 B
1
1

DNS Request

github.com

DNS Response

20.26.156.215
8.8.8.8:53

217.106.137.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

217.106.137.52.in-addr.arpa
8.8.8.8:53

215.156.26.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

215.156.26.20.in-addr.arpa
8.8.8.8:53

20.160.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

20.160.190.20.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

github.githubassets.com

dns

msedge.exe

69 B
133 B
1
1

DNS Request

github.githubassets.com

DNS Response

185.199.111.154

185.199.109.154

185.199.110.154

185.199.108.154
8.8.8.8:53

avatars.githubusercontent.com

dns

msedge.exe

75 B
139 B
1
1

DNS Request

avatars.githubusercontent.com

DNS Response

185.199.111.133

185.199.108.133

185.199.110.133

185.199.109.133
8.8.8.8:53

github-cloud.s3.amazonaws.com

dns

msedge.exe

75 B
253 B
1
1

DNS Request

github-cloud.s3.amazonaws.com

DNS Response

3.5.20.10

52.217.124.137

3.5.12.95

3.5.28.193

54.231.135.81

52.217.170.129

3.5.20.16

52.217.123.177
8.8.8.8:53

user-images.githubusercontent.com

dns

msedge.exe

79 B
143 B
1
1

DNS Request

user-images.githubusercontent.com

DNS Response

185.199.111.133

185.199.108.133

185.199.109.133

185.199.110.133
8.8.8.8:53

154.111.199.185.in-addr.arpa

dns

74 B
118 B
1
1

DNS Request

154.111.199.185.in-addr.arpa
8.8.8.8:53

133.111.199.185.in-addr.arpa

dns

74 B
118 B
1
1

DNS Request

133.111.199.185.in-addr.arpa
8.8.8.8:53

collector.github.com

dns

msedge.exe

66 B
115 B
1
1

DNS Request

collector.github.com

DNS Response

140.82.112.21
8.8.8.8:53

21.112.82.140.in-addr.arpa

dns

72 B
117 B
1
1

DNS Request

21.112.82.140.in-addr.arpa
8.8.8.8:53

api.github.com

dns

msedge.exe

60 B
76 B
1
1

DNS Request

api.github.com

DNS Response

20.26.156.210
8.8.8.8:53

210.156.26.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

210.156.26.20.in-addr.arpa
8.8.8.8:53

26.35.223.20.in-addr.arpa

dns

142 B
157 B
2
1

DNS Request

26.35.223.20.in-addr.arpa

DNS Request

26.35.223.20.in-addr.arpa
224.0.0.251:5353

602 B
9
8.8.8.8:53

raw.githubusercontent.com

dns

msedge.exe

71 B
135 B
1
1

DNS Request

raw.githubusercontent.com

DNS Response

185.199.111.133

185.199.109.133

185.199.110.133

185.199.108.133
8.8.8.8:53

209.205.72.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

209.205.72.20.in-addr.arpa
8.8.8.8:53

211.143.182.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

211.143.182.52.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Winlogon Helper DLL

T1547.004

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Winlogon Helper DLL

T1547.004

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Defacement

T1491

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
eeaa8087eba2f63f31e599f6a7b46ef4

SHA1
f639519deee0766a39cfe258d2ac48e3a9d5ac03

SHA256
50fe80c9435f601c30517d10f6a8a0ca6ff8ca2add7584df377371b5a5dbe2d9

SHA512
eaabfad92c84f422267615c55a863af12823c5e791bdcb30cabe17f72025e07df7383cf6cf0f08e28aa18a31c2aac5985cf5281a403e22fbcc1fb5e61c49fc3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b9569e123772ae290f9bac07e0d31748

SHA1
5806ed9b301d4178a959b26d7b7ccf2c0abc6741

SHA256
20ab88e23fb88186b82047cd0d6dc3cfa23422e4fd2b8f3c8437546a2a842c2b

SHA512
cfad8ce716ac815b37e8cc0e30141bfb3ca7f0d4ef101289bddcf6ed3c579bc34d369f2ec2f2dab98707843015633988eb97f1e911728031dd897750b8587795

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
996bc79fc2ede0f44aca0b3918889a85

SHA1
9146e717f47d0739041ab81a81f3cd7d96d382b6

SHA256
b2b180aeb2ec899e1cff504f2fd6710449dbbcf80bab9e4f7023a6e21ef88d02

SHA512
f30a0495cb3fe8456282b7d10ce6b157b3fe9eb66520c30e1ca9fb45dece5b4881df91c04cbc5e134d67aa415481d9d90d9801ca8e80472b943f3d34a99656ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
042881126237e9016e8cc38615eece04

SHA1
474c5ee80e3328da12623757e809717ec26b3844

SHA256
46b94768bc7c313a52bad73fcaa5b04fccf269722dcdfce5bf04514540187322

SHA512
3c7b1ae30ff2cee7a47bb949c804e0c514222a34e4d3861b3a1c4bf1ee17d90c0c50e330211f12493e62514393a833b0deedeabe053abfcf51c9777234f7e851

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
5f3d7aef9c37c2bc9fd32db735b6bff4

SHA1
b5d20c62d6b639968a826ee310704c0f132631c6

SHA256
b14abe160931bfa41a7984461deeb5e0071876cdc8db4d7b5fc3275907379fb3

SHA512
6443ee5bf4cb5867881dedecaca282c4ae128e75fab631ea4b58bfed2d73d12c73edea02fa640484bc0c6bcd0ec903db2c13aa597a7602c92283dc51249457f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
6779977f0721c36ef98fb4c29f33e071

SHA1
9c1fca3a76ca6c05195eaefcc52e85e4a33761d2

SHA256
4e12244a9320ba0d7f104145f79156797b6532e2384f3d6d44fe073c623012dd

SHA512
a74a96cf5a0b20e5432a1641df0315192d90b1c12f7c55bf6e94226400bd3c2862872afb7940b502b921399b9910eb51b0001d3c0f876a75891daf1d0b4fdd26

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
0a2b558384953906cbbe67a814e23299

SHA1
a960c084cdaab69fdcd2a7542ebb4cb95a7c009a

SHA256
f7ec9bc4340a8777fce628f24799c46997a7e0527647339c673c44a9970632b9

SHA512
cea5900491c2eb5595022d1e6e7421704332253225119adb83c361c709979bc9b5065cd92fd089e9de494ef2f70374d3ef78f6c47c7fae8a888b97a1250b5e84

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57eb89.TMP

Filesize
1KB

MD5
2e58a8959a8b6adc3413597aa30f060d

SHA1
a56ca7faff6eadb21a6e0c9e3a538c778537baee

SHA256
d5881d8b234f6f534ee271aa8d3b0de5c200d10b1ffd4cfa14918b1a94edaf94

SHA512
abc07618846b7274f20cd52090997612c478b923ffa809ce681dd9b41c79160448f710617adf6abdfcbbf9e921e942b7f5ff877d011c631e37a849e647766db8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
c55c39e088857ecf102ca2294eb7f97c

SHA1
232ca86e01f05cdd885c9fc1498b06c4a74954c6

SHA256
f1d113c156cfd68c77b27915d14a2863d2b1cacb78293f21d942458e99cb3b6a

SHA512
2ce91c53db69ec063559a27f483a5c00927aaa28185346ceb4ca97afcca84b0af05907867f00d58a4591cbb3c7ed271750485ea2f34b53083a8bbc011f6bf25b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
f9c4390d502534f40de287d2879cce42

SHA1
9504aa5d3bfecbac21465ad614f947c8c825a6f1

SHA256
8f8aad101106df2bf3ca4706a1c46dcdcea9e98fb91c4e0a727e534a230bb093

SHA512
ab68a45c9cc5ebdd9cadb475485721fc98b0e3c36a0277adb50c72e4ecfe2fb77e94952e4713e3396bcbf5ca36baba90ac969facfb1ef7b890c37e488cdcf2e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Media Player\CurrentDatabase_400.wmdb

Filesize
896KB

MD5
810ec618390f80c4731c3183454fef0e

SHA1
66ae5d0de8fd82cfbb35dd30b09217f4ec196fac

SHA256
f0757fe17bc53bf782ef5f9a6fce4fcdba20236f764f723b551f27c09872213c

SHA512
4a6723c3b5934cab9571673d145f8d8e62a824fbb9aff37611e84c9f9ae481a43e5982d3aecb59140d7af9b244942f9cc9e0e549d49f957405f9d90e08ff3b3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.XML

Filesize
9KB

MD5
7050d5ae8acfbe560fa11073fef8185d

SHA1
5bc38e77ff06785fe0aec5a345c4ccd15752560e

SHA256
cb87767c4a384c24e4a0f88455f59101b1ae7b4fb8de8a5adb4136c5f7ee545b

SHA512
a7a295ac8921bb3dde58d4bcde9372ed59def61d4b7699057274960fa8c1d1a1daff834a93f7a0698e9e5c16db43af05e9fd2d6d7c9232f7d26ffcff5fc5900b

Download Submit
C:\Users\Admin\AppData\Local\Temp\one.rtf

Filesize
403B

MD5
6fbd6ce25307749d6e0a66ebbc0264e7

SHA1
faee71e2eac4c03b96aabecde91336a6510fff60

SHA256
e152b106733d9263d3cf175f0b6197880d70acb753f8bde8035a3e4865b31690

SHA512
35a0d6d91178ec10619cf4d2fd44d3e57aa0266e1779e15b1eef6e9c359c77c384e0ffe4edb2cde980a6847e53f47733e6eacb72d46762066b3541dee3d29064

Download Submit
C:\Users\Admin\AppData\Local\Temp\rniw.exe

Filesize
76KB

MD5
9232120b6ff11d48a90069b25aa30abc

SHA1
97bb45f4076083fca037eee15d001fd284e53e47

SHA256
70faa0e1498461731f873d3594f20cbf2beaa6f123a06b66f9df59a9cdf862be

SHA512
b06688a9fc0b853d2895f11e812c48d5871f2793183fda5e9638ded22fc5dc1e813f174baedc980a1f0b6a7b0a65cd61f29bb16acc6dd45da62988eb012d6877

Download Submit
C:\Users\Admin\AppData\Local\Temp\windl.bat

Filesize
771B

MD5
a9401e260d9856d1134692759d636e92

SHA1
4141d3c60173741e14f36dfe41588bb2716d2867

SHA256
b551fba71dfd526d4916ae277d8686d83fff36d22fcf6f18457924a070b30ef7

SHA512
5cbe38cdab0283b87d9a9875f7ba6fa4e8a7673d933ca05deddddbcf6cf793bd1bf34ac0add798b4ed59ab483e49f433ce4012f571a658bc0add28dd987a57b6

Download Submit
C:\Users\Admin\Desktop\UR NEXT UR NEXT UR NEXT UR NEXT UR NEXT UR NEXT UR NEXT UR N1XT.txt

Filesize
396B

MD5
9037ebf0a18a1c17537832bc73739109

SHA1
1d951dedfa4c172a1aa1aae096cfb576c1fb1d60

SHA256
38c889b5d7bdcb79bbcb55554c520a9ce74b5bfc29c19d1e4cb1419176c99f48

SHA512
4fb5c06089524c6dcd48b6d165cedb488e9efe2d27613289ef8834dbb6c010632d2bd5e3ac75f83b1d8024477ebdf05b9e0809602bbe1780528947c36e4de32f

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 710008.crdownload

Filesize
6.7MB

MD5
f2b7074e1543720a9a98fda660e02688

SHA1
1029492c1a12789d8af78d54adcb921e24b9e5ca

SHA256
4ea1f2ecf7eb12896f2cbf8683dae8546d2b8dc43cf7710d68ce99e127c0a966

SHA512
73f9548633bc38bab64b1dd5a01401ef7f5b139163bdf291cc475dbd2613510c4c5e4d7702ecdfa74b49f3c9eaed37ed23b9d8f0064c66123eb0769c8671c6ff

Download Submit
memory/2128-251-0x000000000C960000-0x000000000C970000-memory.dmp

Filesize
64KB

Download
memory/2128-255-0x000000000C960000-0x000000000C970000-memory.dmp

Filesize
64KB

Download
memory/2128-256-0x000000000CB20000-0x000000000CB30000-memory.dmp

Filesize
64KB

Download
memory/2128-253-0x000000000CB20000-0x000000000CB30000-memory.dmp

Filesize
64KB

Download
memory/2128-252-0x000000000CB20000-0x000000000CB30000-memory.dmp

Filesize
64KB

Download
memory/2128-250-0x000000000C960000-0x000000000C970000-memory.dmp

Filesize
64KB

Download
memory/2128-249-0x000000000C960000-0x000000000C970000-memory.dmp

Filesize
64KB

Download
memory/2128-248-0x000000000C960000-0x000000000C970000-memory.dmp

Filesize
64KB

Download
memory/2128-241-0x000000000C900000-0x000000000C938000-memory.dmp

Filesize
224KB

Download
memory/2128-242-0x000000000C8C0000-0x000000000C8CE000-memory.dmp

Filesize
56KB

Download
memory/2128-223-0x0000000006770000-0x0000000006D14000-memory.dmp

Filesize
5.6MB

Download
memory/2128-222-0x0000000000FE0000-0x000000000168E000-memory.dmp

Filesize
6.7MB

Download
memory/2128-254-0x000000000C960000-0x000000000C970000-memory.dmp

Filesize
64KB

Download

Resubmissions

Analysis

Sharing

Errors

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response