hxxps://github[.]com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke[.]98[.]exe

max time kernel
144s
max time network
149s
platform
windows10-ltsc 2021_x64
resource
win10ltsc2021-20241023-en
resource tags

arch:x64arch:x86image:win10ltsc2021-20241023-enlocale:en-usos:windows10-ltsc 2021-x64system
submitted
10/11/2024, 10:05 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe

Score

8^/10

discovery persistence

Malware Config

Signatures

Downloads MZ/PE file

Drops startup file 1 IoCs

description	ioc	Process
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\9dbd133b.exe	explorer.exe

Executes dropped EXE 3 IoCs

pid	Process
4412	CryptoWall.exe
3648	CryptoWall.exe
4756	CryptoWall.exe

Adds Run key to start application 2 TTPs 2 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\9dbd133b = "C:\\Users\\Admin\\AppData\\Roaming\\9dbd133b.exe"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\9dbd133 = "C:\\9dbd133b\\9dbd133b.exe"	explorer.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
97	raw.githubusercontent.com
98	raw.githubusercontent.com

Looks up external IP address via web service 2 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
103	ip-addr.es
105	ip-addr.es

Drops file in Program Files directory 2 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\369567ff-d2df-48fe-9357-33ab48e52c70.tmp	setup.exe
File opened for modification	C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\20241110100539.pma	setup.exe

Drops file in Windows directory 4 IoCs

description	ioc	Process
File opened for modification	C:\Windows\Panther\UnattendGC\setupact.log	UserOOBEBroker.exe
File opened for modification	C:\Windows\Panther\UnattendGC\setuperr.log	UserOOBEBroker.exe
File opened for modification	C:\Windows\Panther\UnattendGC\diagerr.xml	UserOOBEBroker.exe
File opened for modification	C:\Windows\Panther\UnattendGC\diagwrn.xml	UserOOBEBroker.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 4 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	FileCoAuth.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	CryptoWall.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	explorer.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	svchost.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings	msedge.exe

Suspicious behavior: EnumeratesProcesses 14 IoCs

pid	Process
3600	msedge.exe
3600	msedge.exe
2552	msedge.exe
2552	msedge.exe
1516	identity_helper.exe
1516	identity_helper.exe
2900	msedge.exe
2900	msedge.exe
1316	msedge.exe
1316	msedge.exe
5964	msedge.exe
5964	msedge.exe
5964	msedge.exe
5964	msedge.exe

Suspicious behavior: MapViewOfSection 2 IoCs

pid	Process
4412	CryptoWall.exe
2512	explorer.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe

Suspicious use of FindShellTrayWindow 53 IoCs

pid	Process
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe
2552	msedge.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
5800	SecHealthUI.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2552 wrote to memory of 3436	2552	msedge.exe	81
PID 2552 wrote to memory of 3436	2552	msedge.exe	81
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 984	2552	msedge.exe	83
PID 2552 wrote to memory of 3600	2552	msedge.exe	84
PID 2552 wrote to memory of 3600	2552	msedge.exe	84
PID 2552 wrote to memory of 3348	2552	msedge.exe	85
PID 2552 wrote to memory of 3348	2552	msedge.exe	85
PID 2552 wrote to memory of 3348	2552	msedge.exe	85
PID 2552 wrote to memory of 3348	2552	msedge.exe	85
PID 2552 wrote to memory of 3348	2552	msedge.exe	85
PID 2552 wrote to memory of 3348	2552	msedge.exe	85
PID 2552 wrote to memory of 3348	2552	msedge.exe	85
PID 2552 wrote to memory of 3348	2552	msedge.exe	85
PID 2552 wrote to memory of 3348	2552	msedge.exe	85
PID 2552 wrote to memory of 3348	2552	msedge.exe	85
PID 2552 wrote to memory of 3348	2552	msedge.exe	85
PID 2552 wrote to memory of 3348	2552	msedge.exe	85
PID 2552 wrote to memory of 3348	2552	msedge.exe	85
PID 2552 wrote to memory of 3348	2552	msedge.exe	85
PID 2552 wrote to memory of 3348	2552	msedge.exe	85
PID 2552 wrote to memory of 3348	2552	msedge.exe	85
PID 2552 wrote to memory of 3348	2552	msedge.exe	85
PID 2552 wrote to memory of 3348	2552	msedge.exe	85
PID 2552 wrote to memory of 3348	2552	msedge.exe	85
PID 2552 wrote to memory of 3348	2552	msedge.exe	85

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012
Uses Volume Shadow Copy WMI provider
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware
Uses Volume Shadow Copy service COM API
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0x124,0x134,0x7ff9bbaf46f8,0x7ff9bbaf4708,0x7ff9bbaf4718
  2⤵
  PID:3436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,7048381488073576776,6603278940076264168,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
  2⤵
  PID:984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,7048381488073576776,6603278940076264168,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2264 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,7048381488073576776,6603278940076264168,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2904 /prefetch:8
  2⤵
  PID:3348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,7048381488073576776,6603278940076264168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:1
  2⤵
  PID:4516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,7048381488073576776,6603278940076264168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3440 /prefetch:1
  2⤵
  PID:3996
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,7048381488073576776,6603278940076264168,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5892 /prefetch:8
  2⤵
  PID:5056
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
  2⤵
  - Drops file in Program Files directory
  PID:4720
- - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x24c,0x250,0x254,0x248,0x258,0x7ff7a5995460,0x7ff7a5995470,0x7ff7a5995480
    3⤵
    PID:1412
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,7048381488073576776,6603278940076264168,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5892 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,7048381488073576776,6603278940076264168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
  2⤵
  PID:5944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,7048381488073576776,6603278940076264168,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:5876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,7048381488073576776,6603278940076264168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5988 /prefetch:1
  2⤵
  PID:5212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,7048381488073576776,6603278940076264168,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1
  2⤵
  PID:2944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2124,7048381488073576776,6603278940076264168,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5024 /prefetch:8
  2⤵
  PID:5828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,7048381488073576776,6603278940076264168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1948 /prefetch:1
  2⤵
  PID:5936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2124,7048381488073576776,6603278940076264168,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6404 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2124,7048381488073576776,6603278940076264168,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5672 /prefetch:8
  2⤵
  PID:5436
- C:\Users\Admin\Downloads\CryptoWall.exe
  "C:\Users\Admin\Downloads\CryptoWall.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: MapViewOfSection
  PID:4412
- - C:\Windows\SysWOW64\explorer.exe
    "C:\Windows\syswow64\explorer.exe"
    3⤵
    - Drops startup file
    - Adds Run key to start application
    - System Location Discovery: System Language Discovery
    - Suspicious behavior: MapViewOfSection
    PID:2512
  - - C:\Windows\SysWOW64\svchost.exe
      -k netsvcs
      4⤵
      System Location Discovery: System Language Discovery
      PID:3768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,7048381488073576776,6603278940076264168,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4744 /prefetch:1
  2⤵
  PID:1648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2124,7048381488073576776,6603278940076264168,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6404 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,7048381488073576776,6603278940076264168,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6116 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5964

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2336

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2540

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
1⤵
PID:1392

C:\Windows\System32\oobe\UserOOBEBroker.exe
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
1⤵
- Drops file in Windows directory
PID:5256

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
1⤵
- System Location Discovery: System Language Discovery
PID:5288

C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
"C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe" -ServerName:SecHealthUI.AppXep4x2tbtjws1v9qqs0rmb3hxykvkpqtn.mca
1⤵
- Suspicious use of SetWindowsHookEx
PID:5800

C:\Windows\System32\SecurityHealthHost.exe
C:\Windows\System32\SecurityHealthHost.exe {E041C90B-68BA-42C9-991E-477B73A75C90} -Embedding
1⤵
PID:5980

C:\Windows\System32\SecurityHealthHost.exe
C:\Windows\System32\SecurityHealthHost.exe {E041C90B-68BA-42C9-991E-477B73A75C90} -Embedding
1⤵
PID:6036

C:\Windows\System32\SecurityHealthHost.exe
C:\Windows\System32\SecurityHealthHost.exe {E041C90B-68BA-42C9-991E-477B73A75C90} -Embedding
1⤵
PID:4612

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2400

C:\Users\Admin\Downloads\CryptoWall.exe
"C:\Users\Admin\Downloads\CryptoWall.exe"
1⤵
- Executes dropped EXE
PID:3648

C:\Users\Admin\Downloads\CryptoWall.exe
"C:\Users\Admin\Downloads\CryptoWall.exe"
1⤵
- Executes dropped EXE
PID:4756

Network

DNS

github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
GET

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: GitHub.com
date: Sun, 10 Nov 2024 10:05:35 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"f5195a55ed7f5c56484e63a20796dc84"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
set-cookie: _gh_sess=Uj37dwBDoKS3lnxfAHNyxTJAdkVTOkZRMPtlpny3maIfQxSKgAP%2BrmCL9WO5C%2FrFdOUh3OdDiwBFq%2BFLyoeVnmFEun4sGEAtossUra1dSupv8tdFqzYJIkIcdMaUzOmyYbVC9%2Bdxmw8BUjaqR2j4GDUxFCdcwSgFwLUNLwk1II%2FafjiCwb1ekV3ZUfrwZK6rceGVEhWy771jOeZBiawvz4ArDJJ8I25I0z0Kx%2Bi9YnVOncF94V6zV4F%2FOFugA3fvjmEtBn1mVkkBFghRMsoxrA%3D%3D--5qzMYxoMV8ij6kQs--qjQg7rIEFoLb8YNzfFTpsw%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
set-cookie: _octo=GH1.1.1620697693.1731233135; Path=/; Domain=github.com; Expires=Mon, 10 Nov 2025 10:05:35 GMT; Secure; SameSite=Lax
set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Mon, 10 Nov 2025 10:05:35 GMT; HttpOnly; Secure; SameSite=Lax
accept-ranges: bytes
x-github-request-id: D600:2B0DC3:629F2A:70A23D:6730856E
GET

https://github.com/Da2dalus/The-MALWARE-Repo/security/overall-count

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/security/overall-count HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: text/fragment+html
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=Uj37dwBDoKS3lnxfAHNyxTJAdkVTOkZRMPtlpny3maIfQxSKgAP%2BrmCL9WO5C%2FrFdOUh3OdDiwBFq%2BFLyoeVnmFEun4sGEAtossUra1dSupv8tdFqzYJIkIcdMaUzOmyYbVC9%2Bdxmw8BUjaqR2j4GDUxFCdcwSgFwLUNLwk1II%2FafjiCwb1ekV3ZUfrwZK6rceGVEhWy771jOeZBiawvz4ArDJJ8I25I0z0Kx%2Bi9YnVOncF94V6zV4F%2FOFugA3fvjmEtBn1mVkkBFghRMsoxrA%3D%3D--5qzMYxoMV8ij6kQs--qjQg7rIEFoLb8YNzfFTpsw%3D%3D
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light

Response

HTTP/2.0 200

server: GitHub.com
date: Sun, 10 Nov 2024 10:05:37 GMT
content-type: text/fragment+html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: max-age=14400, private
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 20
x-github-request-id: D600:2B0DC3:629FD7:70A2FB:6730856F
GET

https://github.com/Da2dalus/The-MALWARE-Repo/refs?type=branch

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/refs?type=branch HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: application/json
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=Uj37dwBDoKS3lnxfAHNyxTJAdkVTOkZRMPtlpny3maIfQxSKgAP%2BrmCL9WO5C%2FrFdOUh3OdDiwBFq%2BFLyoeVnmFEun4sGEAtossUra1dSupv8tdFqzYJIkIcdMaUzOmyYbVC9%2Bdxmw8BUjaqR2j4GDUxFCdcwSgFwLUNLwk1II%2FafjiCwb1ekV3ZUfrwZK6rceGVEhWy771jOeZBiawvz4ArDJJ8I25I0z0Kx%2Bi9YnVOncF94V6zV4F%2FOFugA3fvjmEtBn1mVkkBFghRMsoxrA%3D%3D--5qzMYxoMV8ij6kQs--qjQg7rIEFoLb8YNzfFTpsw%3D%3D
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light

Response

HTTP/2.0 200

server: GitHub.com
date: Sun, 10 Nov 2024 10:05:37 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"adc2c0d060742993a54f31416bc951e3"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 79
x-github-request-id: D600:2B0DC3:629FE0:70A309:67308571
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Virus/WinNuke.98.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master/Virus/WinNuke.98.exe HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=Uj37dwBDoKS3lnxfAHNyxTJAdkVTOkZRMPtlpny3maIfQxSKgAP%2BrmCL9WO5C%2FrFdOUh3OdDiwBFq%2BFLyoeVnmFEun4sGEAtossUra1dSupv8tdFqzYJIkIcdMaUzOmyYbVC9%2Bdxmw8BUjaqR2j4GDUxFCdcwSgFwLUNLwk1II%2FafjiCwb1ekV3ZUfrwZK6rceGVEhWy771jOeZBiawvz4ArDJJ8I25I0z0Kx%2Bi9YnVOncF94V6zV4F%2FOFugA3fvjmEtBn1mVkkBFghRMsoxrA%3D%3D--5qzMYxoMV8ij6kQs--qjQg7rIEFoLb8YNzfFTpsw%3D%3D
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light

Response

HTTP/2.0 200

server: GitHub.com
date: Sun, 10 Nov 2024 10:05:37 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: D600:2B0DC3:629FE0:70A30B:67308571
GET

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Virus/WinNuke.98.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Virus/WinNuke.98.exe HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=Uj37dwBDoKS3lnxfAHNyxTJAdkVTOkZRMPtlpny3maIfQxSKgAP%2BrmCL9WO5C%2FrFdOUh3OdDiwBFq%2BFLyoeVnmFEun4sGEAtossUra1dSupv8tdFqzYJIkIcdMaUzOmyYbVC9%2Bdxmw8BUjaqR2j4GDUxFCdcwSgFwLUNLwk1II%2FafjiCwb1ekV3ZUfrwZK6rceGVEhWy771jOeZBiawvz4ArDJJ8I25I0z0Kx%2Bi9YnVOncF94V6zV4F%2FOFugA3fvjmEtBn1mVkkBFghRMsoxrA%3D%3D--5qzMYxoMV8ij6kQs--qjQg7rIEFoLb8YNzfFTpsw%3D%3D
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light

Response

HTTP/2.0 200

server: GitHub.com
date: Sun, 10 Nov 2024 10:05:37 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"413669063bf1c291e252618e3eb3f2a5"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 441
x-github-request-id: D600:2B0DC3:629FE0:70A30A:67308571
GET

https://github.com/Da2dalus/The-MALWARE-Repo/refs?type=branch

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/refs?type=branch HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: application/json
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=Uj37dwBDoKS3lnxfAHNyxTJAdkVTOkZRMPtlpny3maIfQxSKgAP%2BrmCL9WO5C%2FrFdOUh3OdDiwBFq%2BFLyoeVnmFEun4sGEAtossUra1dSupv8tdFqzYJIkIcdMaUzOmyYbVC9%2Bdxmw8BUjaqR2j4GDUxFCdcwSgFwLUNLwk1II%2FafjiCwb1ekV3ZUfrwZK6rceGVEhWy771jOeZBiawvz4ArDJJ8I25I0z0Kx%2Bi9YnVOncF94V6zV4F%2FOFugA3fvjmEtBn1mVkkBFghRMsoxrA%3D%3D--5qzMYxoMV8ij6kQs--qjQg7rIEFoLb8YNzfFTpsw%3D%3D
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
if-none-match: W/"adc2c0d060742993a54f31416bc951e3"

Response

HTTP/2.0 304

server: GitHub.com
date: Sun, 10 Nov 2024 10:05:37 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"adc2c0d060742993a54f31416bc951e3"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
x-github-request-id: D600:2B0DC3:629FF5:70A319:67308571
GET

https://github.com/Da2dalus/The-MALWARE-Repo/refs?type=branch

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/refs?type=branch HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: application/json
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=Uj37dwBDoKS3lnxfAHNyxTJAdkVTOkZRMPtlpny3maIfQxSKgAP%2BrmCL9WO5C%2FrFdOUh3OdDiwBFq%2BFLyoeVnmFEun4sGEAtossUra1dSupv8tdFqzYJIkIcdMaUzOmyYbVC9%2Bdxmw8BUjaqR2j4GDUxFCdcwSgFwLUNLwk1II%2FafjiCwb1ekV3ZUfrwZK6rceGVEhWy771jOeZBiawvz4ArDJJ8I25I0z0Kx%2Bi9YnVOncF94V6zV4F%2FOFugA3fvjmEtBn1mVkkBFghRMsoxrA%3D%3D--5qzMYxoMV8ij6kQs--qjQg7rIEFoLb8YNzfFTpsw%3D%3D
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
if-none-match: W/"adc2c0d060742993a54f31416bc951e3"

Response

HTTP/2.0 304

server: GitHub.com
date: Sun, 10 Nov 2024 10:05:37 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"adc2c0d060742993a54f31416bc951e3"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
x-github-request-id: D600:2B0DC3:629FF9:70A327:67308571
GET

https://github.com/manifest.json

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /manifest.json HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: manifest
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=Uj37dwBDoKS3lnxfAHNyxTJAdkVTOkZRMPtlpny3maIfQxSKgAP%2BrmCL9WO5C%2FrFdOUh3OdDiwBFq%2BFLyoeVnmFEun4sGEAtossUra1dSupv8tdFqzYJIkIcdMaUzOmyYbVC9%2Bdxmw8BUjaqR2j4GDUxFCdcwSgFwLUNLwk1II%2FafjiCwb1ekV3ZUfrwZK6rceGVEhWy771jOeZBiawvz4ArDJJ8I25I0z0Kx%2Bi9YnVOncF94V6zV4F%2FOFugA3fvjmEtBn1mVkkBFghRMsoxrA%3D%3D--5qzMYxoMV8ij6kQs--qjQg7rIEFoLb8YNzfFTpsw%3D%3D
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Sun, 10 Nov 2024 10:05:35 GMT
content-type: application/manifest+json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: max-age=604800, public
etag: W/"c75e05794d72230a695e880f1a6c83a4"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 474
x-github-request-id: D600:2B0DC3:62A016:70A342:67308571
DNS

88.210.23.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

88.210.23.2.in-addr.arpa

IN PTR

Response

88.210.23.2.in-addr.arpa

IN PTR

a2-23-210-88deploystaticakamaitechnologiescom
DNS

13.86.106.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.86.106.20.in-addr.arpa

IN PTR

Response
DNS

215.156.26.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

215.156.26.20.in-addr.arpa

IN PTR

Response
DNS

nav.smartscreen.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

nav.smartscreen.microsoft.com

IN A

Response

nav.smartscreen.microsoft.com

IN CNAME

prod-atm-wds-nav.trafficmanager.net

prod-atm-wds-nav.trafficmanager.net

IN CNAME

prod-agic-uw-2.ukwest.cloudapp.azure.com

prod-agic-uw-2.ukwest.cloudapp.azure.com

IN A

51.140.244.186
POST

https://nav.smartscreen.microsoft.com/api/browser/edge/actions

msedge.exe

Remote address:

51.140.244.186:443

Request

POST /api/browser/edge/actions HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiR0F0MEVNUWdSNUU9Iiwia2V5IjoicHlLclN0Z2VUR0ZWaW5xTExldFFEZz09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1272
Host: nav.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Sun, 10 Nov 2024 10:05:36 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 705
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
POST

https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

msedge.exe

Remote address:

51.140.244.186:443

Request

POST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiVVRRZC92NmU5M0E9Iiwia2V5IjoiKzJnYWdFUndFdERjL2NnM2ttbkp0QT09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1709
Host: nav.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Sun, 10 Nov 2024 10:05:36 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 1613
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
POST

https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

msedge.exe

Remote address:

51.140.244.186:443

Request

POST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiK214V1JzSE15Zjg9Iiwia2V5IjoiNXJDdjhzRDdXTzAvUzA4VmN6R0NoUT09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1756
Host: nav.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Sun, 10 Nov 2024 10:06:30 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 967
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
POST

https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

msedge.exe

Remote address:

51.140.244.186:443

Request

POST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiV2dmSXg5dEJteDg9Iiwia2V5IjoiOTVEbW5TZVdJdEh3MGpDZFMxcUphdz09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1979
Host: nav.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Sun, 10 Nov 2024 10:07:02 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 1044
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
POST

https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

msedge.exe

Remote address:

51.140.244.186:443

Request

POST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoib2RRYWJVaGxaRmc9Iiwia2V5IjoiaEJnVEIwenI1eFJsaGNaZTdTSEJlQT09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 2095
Host: nav.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Sun, 10 Nov 2024 10:07:02 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 1129
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
POST

https://nav.smartscreen.microsoft.com/api/browser/edge/download/2

msedge.exe

Remote address:

51.140.244.186:443

Request

POST /api/browser/edge/download/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoidWQ3WkVDVjhycm89Iiwia2V5IjoicmNYdE1SMThmOE5iOFVKRC94cWp6QT09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1886
Host: nav.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Sun, 10 Nov 2024 10:07:02 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 1128
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
POST

https://nav.smartscreen.microsoft.com/api/browser/edge/downloadcomplete/1

msedge.exe

Remote address:

51.140.244.186:443

Request

POST /api/browser/edge/downloadcomplete/1 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiSFBrWGdhWjZjMUE9Iiwia2V5IjoiTVZRY0x0L09EclVJcVRZSjdXanhGdz09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1447
Host: nav.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Sun, 10 Nov 2024 10:07:02 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 584
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
POST

https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

msedge.exe

Remote address:

51.140.244.186:443

Request

POST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiaXVzTDVqTDB0R3M9Iiwia2V5IjoiRFlMOE5Db2ZXaGpPMUdOU3Y5bkcydz09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1979
Host: nav.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Sun, 10 Nov 2024 10:07:23 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 1044
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
POST

https://nav.smartscreen.microsoft.com/api/browser/edge/downloadcomplete/1

msedge.exe

Remote address:

51.140.244.186:443

Request

POST /api/browser/edge/downloadcomplete/1 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiU0duTDJBUmJIR1U9Iiwia2V5IjoiZE5HM01XeFNHL3d4OEloMVRrM2FkUT09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1447
Host: nav.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Sun, 10 Nov 2024 10:07:23 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 584
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=0, private
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
DNS

avatars.githubusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

avatars.githubusercontent.com

IN A

Response

avatars.githubusercontent.com

IN A

185.199.108.133

avatars.githubusercontent.com

IN A

185.199.111.133

avatars.githubusercontent.com

IN A

185.199.109.133

avatars.githubusercontent.com

IN A

185.199.110.133
DNS

github.githubassets.com

msedge.exe

Remote address:

8.8.8.8:53

Request

github.githubassets.com

IN A

Response

github.githubassets.com

IN A

185.199.108.154

github.githubassets.com

IN A

185.199.110.154

github.githubassets.com

IN A

185.199.111.154

github.githubassets.com

IN A

185.199.109.154
GET

https://avatars.githubusercontent.com/u/63458929?v=4&size=40

msedge.exe

Remote address:

185.199.108.133:443

Request

GET /u/63458929?v=4&size=40 HTTP/2.0
host: avatars.githubusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'
content-type: image/png
etag: "e25efc2f3c542a995df70f85198b7fd6184be4700ec9756e00c0a8fd9e7a124c"
last-modified: Tue, 04 Nov 2014 12:11:21 GMT
strict-transport-security: max-age=31557600
timing-allow-origin: https://github.com
x-content-type-options: nosniff
x-frame-options: deny
x-github-tenant:
x-xss-protection: 1; mode=block
x-github-request-id: 8AFD:291D8F:1454CE:1A1C52:67270DB4
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:37 GMT
via: 1.1 varnish
x-served-by: cache-lcy-eglc8600047-LCY
x-cache: HIT
x-cache-hits: 0
x-timer: S1731233138.616528,VS0,VE4
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: d54bb6fb909ee582853703975448e73a7d879ea6
expires: Sun, 10 Nov 2024 10:10:37 GMT
source-age: 620471
vary: Authorization,Accept-Encoding
content-length: 1505
GET

https://avatars.githubusercontent.com/u/123590232?v=4&size=40

msedge.exe

Remote address:

185.199.108.133:443

Request

GET /u/123590232?v=4&size=40 HTTP/2.0
host: avatars.githubusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Ransomware
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'
content-type: image/jpeg
etag: "7092780138ee29ef74ab07ab33208aed411686853b3bcef4814b6c7687153094"
last-modified: Thu, 20 Jul 2023 19:54:24 GMT
strict-transport-security: max-age=31557600
timing-allow-origin: https://github.com
x-content-type-options: nosniff
x-frame-options: deny
x-github-tenant:
x-xss-protection: 1; mode=block
x-github-request-id: 64B9:2A9677:3AABBF:48A288:6729CACF
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:06:39 GMT
via: 1.1 varnish
x-served-by: cache-lcy-eglc8600047-LCY
x-cache: HIT
x-cache-hits: 0
x-timer: S1731233199.265407,VS0,VE1
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 3a9bf06cd4402160b193794b8dd2662d1d7edacd
expires: Sun, 10 Nov 2024 10:11:39 GMT
source-age: 441053
vary: Authorization,Accept-Encoding
content-length: 1014
GET

https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/CryptoWall.exe

msedge.exe

Remote address:

185.199.108.133:443

Request

GET /Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/CryptoWall.exe HTTP/2.0
host: raw.githubusercontent.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CryptoWall.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/octet-stream
etag: W/"cd25c5defa71d302cf30ddf83a8bcf17f79cfc07e52596064a5636d4ef9c08d0"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: D3D6:292FA7:DCB5A:118FD4:673085C6
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:07:02 GMT
via: 1.1 varnish
x-served-by: cache-lcy-eglc8600047-LCY
x-cache: MISS
x-cache-hits: 0
x-timer: S1731233222.235610,VS0,VE151
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 661de6f5b6d2701d17a66548b46d43eb772d2ace
expires: Sun, 10 Nov 2024 10:12:02 GMT
source-age: 0
content-length: 135168
GET

https://github.githubassets.com/assets/light-3e154969b9f9.css

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/light-3e154969b9f9.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Tue, 27 Aug 2024 20:36:01 GMT
etag: "0x8DCC6D7DD54695E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 2160480
x-served-by: cache-iad-kcgs7200095-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 5582, 16975
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2649860cf3209af2c7363929bae90f62884d2726
content-length: 6804
GET

https://github.githubassets.com/assets/primer-primitives-4cf0d59ab51a.css

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/primer-primitives-4cf0d59ab51a.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Tue, 03 Sep 2024 18:51:51 GMT
etag: "0x8DCCC497906BD46"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 4580654
x-served-by: cache-iad-kiad7000060-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 8836, 17087
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b57e1705501d269bd4d861289ca4619de0350eb6
content-length: 1582
GET

https://github.githubassets.com/assets/primer-d4805e363e20.css

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/primer-d4805e363e20.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Tue, 27 Aug 2024 20:35:59 GMT
etag: "0x8DCC6D7DBFA7D4F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 3980254
x-served-by: cache-iad-kiad7000157-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 120, 17179
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: deb65e97b6cd25075e2541248504d4ba41ef706a
content-length: 6876
GET

https://github.githubassets.com/assets/dark-9c5b7a476542.css

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/dark-9c5b7a476542.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Mon, 04 Nov 2024 21:22:10 GMT
etag: "0x8DCFD16BE44D1CD"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 256117
x-served-by: cache-iad-kiad7000151-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 9, 1607
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: be27800f5e7c2bf1499adaa1c9abc0f768cb13d7
content-length: 39205
GET

https://github.githubassets.com/assets/repository-1e3bbbee6b91.css

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/repository-1e3bbbee6b91.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 07 Nov 2024 12:08:25 GMT
etag: "0x8DCFF24E2285B95"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 246277
x-served-by: cache-iad-kiad7000102-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 25, 3013
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2d0920e0bf9f4b47c863dc5be87ba7d9eeee8edf
content-length: 5210
GET

https://github.githubassets.com/assets/github-6110438c1619.css

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/github-6110438c1619.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Mon, 26 Aug 2024 16:36:17 GMT
etag: "0x8DCC5ED35736954"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 2249455
x-served-by: cache-iad-kjyo7100115-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 44, 13192
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ce3aa44518a2f376d4e02ba855951a4026bdd19b
content-length: 479
GET

https://github.githubassets.com/assets/global-79a5b5698a34.css

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/global-79a5b5698a34.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Mon, 04 Nov 2024 12:04:07 GMT
etag: "0x8DCFCC8C8F729F9"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 311669
x-served-by: cache-iad-kcgs7200039-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 29, 4421
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 54378be94571571aed443ebab500a4e711286bd9
content-length: 21273
GET

https://github.githubassets.com/assets/notifications-subscriptions-menu.1bcff9205c241e99cff2.module.css

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/notifications-subscriptions-menu.1bcff9205c241e99cff2.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 07 Nov 2024 05:52:45 GMT
etag: "0x8DCFEF0670E8E02"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 241840
x-served-by: cache-iad-kcgs7200084-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 10, 3446
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 461dc64c43a60fbe3eb440ad6e69925335accd85
content-length: 38080
GET

https://github.githubassets.com/assets/react-code-view.6b587a69b593e23c3657.module.css

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/react-code-view.6b587a69b593e23c3657.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 07 Nov 2024 20:35:22 GMT
etag: "0x8DCFF6BB3B1194C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 139179
x-served-by: cache-iad-kiad7000107-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 20, 1647
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 397f8ad90138a2003df1156fc9c9cd808ccb23de
content-length: 7282
GET

https://github.githubassets.com/assets/primer-react.2beab350097eeaad3991.module.css

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/primer-react.2beab350097eeaad3991.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Thu, 07 Nov 2024 20:35:22 GMT
etag: "0x8DCFF6BB3DAE07C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 139173
x-served-by: cache-iad-kjyo7100022-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 25, 376
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6e70fc717b6d9a7ef7e57112c89badf39487dfc2
content-length: 1101
GET

https://github.githubassets.com/assets/code-53e56f0305ac.css

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/code-53e56f0305ac.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Tue, 29 Oct 2024 17:51:14 GMT
etag: "0x8DCF84248506AD8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 744895
x-served-by: cache-iad-kcgs7200155-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 32, 5428
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 81a222036062f020cec46316ffb1069fcee5556e
content-length: 5170
GET

https://github.githubassets.com/assets/wp-runtime-d1c774376d16.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/wp-runtime-d1c774376d16.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 08 Nov 2024 22:59:24 GMT
etag: "0x8DD0048FDA4321F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 122991
x-served-by: cache-iad-kiad7000060-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 44, 1311
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 082aecb849a8f7beaac881fb9afda91014f308b3
content-length: 14289
GET

https://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_js-b73fdff77a4e.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_dompurify_dist_purify_js-b73fdff77a4e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 04 Oct 2024 18:15:49 GMT
etag: "0x8DCE4A09364EC4B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 2910572
x-served-by: cache-iad-kjyo7100089-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 7272, 17272
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e0ea92c9c7c5c16ebbfa6562fd948c34f729e8af
content-length: 3079
GET

https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-aff936e590ed.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-aff936e590ed.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 23 Sep 2024 19:06:40 GMT
etag: "0x8DCDC02DAFFB363"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 2656202
x-served-by: cache-iad-kcgs7200030-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 57, 17310
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a816c221a1bc8573c1a04ded8e1040dee773d287
content-length: 8031
GET

https://github.githubassets.com/assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-247092-ee0bd6110c34.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-247092-ee0bd6110c34.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 04 Nov 2024 18:58:20 GMT
etag: "0x8DCFD02A6BC85E1"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 326864
x-served-by: cache-iad-kjyo7100162-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 8, 4747
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 49337d47fddb47845cdeafd5f953d64aee56ed6a
content-length: 5773
GET

https://github.githubassets.com/assets/ui_packages_failbot_failbot_ts-074ee5faa813.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/ui_packages_failbot_failbot_ts-074ee5faa813.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 07 Nov 2024 09:39:32 GMT
etag: "0x8DCFF1015B27F9B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 250721
x-served-by: cache-iad-kjyo7100077-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 3, 3663
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e219b9c7dd8c06020840668882bcfc67db7f460c
content-length: 2363
GET

https://github.githubassets.com/assets/environment-cd35650c2e9c.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/environment-cd35650c2e9c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 08 Nov 2024 18:39:02 GMT
etag: "0x8DD00249DCE6840"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 135227
x-served-by: cache-iad-kcgs7200031-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 42, 1560
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a1246488f0d2993c4730281526b343e1cc2786be
content-length: 3575
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-4aa4b0e95669.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-4aa4b0e95669.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 22:11:31 GMT
etag: "0x8DCD8F8042E40EF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 4100497
x-served-by: cache-iad-kcgs7200115-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 51578, 17240
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 91e89b70e47abcd3ea5bff00c0298b59e9a1976a
content-length: 5759
GET

https://github.githubassets.com/assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:13 GMT
etag: "0x8DCB7D5A12F8D41"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 4670926
x-served-by: cache-iad-kiad7000168-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 10712, 17039
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a9b40f88b2b2c3853e12e670c888514180f84d8e
content-length: 3284
GET

https://github.githubassets.com/assets/vendors-node_modules_github_relative-time-element_dist_index_js-6d3967acd51c.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_github_relative-time-element_dist_index_js-6d3967acd51c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 16 Sep 2024 23:19:54 GMT
etag: "0x8DCD6A61268C08C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 4642601
x-served-by: cache-iad-kcgs7200045-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 9119, 17186
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e36c0239df7dbac89d94e3efc8f25e91fbdd1083
content-length: 4646
GET

https://github.githubassets.com/assets/vendors-node_modules_github_combobox-nav_dist_index_js-node_modules_github_g-emoji-element_di-6ce195-53781cbc550f.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_github_combobox-nav_dist_index_js-node_modules_github_g-emoji-element_di-6ce195-53781cbc550f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 18:46:06 GMT
etag: "0x8DCE312793D8352"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 3270289
x-served-by: cache-iad-kiad7000133-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 3, 17412
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 503afabc677c2cdfd3afa03428490b0520bf097f
content-length: 6302
GET

https://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_catalyst_-6afc16-87f32ad5fff1.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_catalyst_-6afc16-87f32ad5fff1.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 21:28:27 GMT
etag: "0x8DCE7E026275386"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 755246
x-served-by: cache-iad-kiad7000075-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 19, 9814
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: eab783ba63a97d3d71d3f9a26e746bd372fcc8a9
content-length: 5803
GET

https://github.githubassets.com/assets/vendors-node_modules_github_text-expander-element_dist_index_js-f5498b8d4e5d.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_github_text-expander-element_dist_index_js-f5498b8d4e5d.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 10 Oct 2024 13:21:02 GMT
etag: "0x8DCE92E6380B39E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 2656840
x-served-by: cache-iad-kjyo7100066-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 23, 17460
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4dc50ae7d6f608eae1290df513a9078ed4d386ac
content-length: 4310
GET

https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-d1a841-8f251a0656e7.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-d1a841-8f251a0656e7.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 17 Oct 2024 13:41:20 GMT
etag: "0x8DCEEB16225DC02"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 326864
x-served-by: cache-iad-kjyo7100092-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 8, 4754
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d96f4f7c25aa059c09467e09afa1a0c9e5781477
content-length: 4477
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-1f651a-1e3d784c897c.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-1f651a-1e3d784c897c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 22:11:30 GMT
etag: "0x8DCD8F803DFB5F0"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 2780784
x-served-by: cache-iad-kjyo7100088-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 37, 17332
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 21fd6fa065a2f2251100b4c8d601ef3dcf78ea1a
content-length: 6483
GET

https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-af0385-1d5998037c7f.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-af0385-1d5998037c7f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 07 Nov 2024 23:21:35 GMT
etag: "0x8DCFF82EC18E522"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 139176
x-served-by: cache-iad-kjyo7100040-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 20, 1652
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d62838eccc3d29ac4994fbfe639cb8e5348b6260
content-length: 20951
GET

https://github.githubassets.com/assets/github-elements-54614839516b.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/github-elements-54614839516b.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 05 Nov 2024 20:38:39 GMT
etag: "0x8DCFDD9D4D0FB33"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 256116
x-served-by: cache-iad-kiad7000123-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 8, 1639
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 9875073ad7f8b3255f932935bcbac32ec1619c46
content-length: 11162
GET

https://github.githubassets.com/assets/element-registry-403b2ee4138e.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/element-registry-403b2ee4138e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 05 Nov 2024 21:05:08 GMT
etag: "0x8DCFDDD87E86CEE"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 303368
x-served-by: cache-iad-kjyo7100049-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 60, 1262
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 9839dce4fe7a520fd67fd0f42bddc475f33a1467
content-length: 8290
GET

https://github.githubassets.com/assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-bb80ec-634de60bacfa.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-bb80ec-634de60bacfa.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 13 Sep 2024 14:50:55 GMT
etag: "0x8DCD403787F634B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 3982895
x-served-by: cache-iad-kcgs7200073-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 6, 17310
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 884a68c8dae7f69a69665d48ed8c229ab493150a
content-length: 4948
GET

https://github.githubassets.com/assets/vendors-node_modules_lit-html_lit-html_js-ce7225a304c5.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_lit-html_lit-html_js-ce7225a304c5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:13 GMT
etag: "0x8DCB7D5A12FB424"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 3985920
x-served-by: cache-iad-kiad7000173-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 31898, 17136
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 1834e03fe19740e1c9d42b7cab56c21681abb914
content-length: 3911
GET

https://github.githubassets.com/assets/vendors-node_modules_github_hydro-analytics-client_dist_analytics-client_js-node_modules_gith-f3aee1-e6893db9c19e.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_github_hydro-analytics-client_dist_analytics-client_js-node_modules_gith-f3aee1-e6893db9c19e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 25 Sep 2024 16:52:10 GMT
etag: "0x8DCDD8265CA851F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 3935003
x-served-by: cache-iad-kiad7000079-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 9884, 17330
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a4d08e5cce867b56b2e87a788b1bc7a7250df045
content-length: 3288
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-f8a5485c982a.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-f8a5485c982a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:13 GMT
etag: "0x8DCB7D5A0C3D76A"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 5264907
x-served-by: cache-iad-kjyo7100087-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 16539, 17147
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 9f7cc4f7fe303ba4cac3d96f75b9fce940bb8903
content-length: 2385
GET

https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-858e043fcf76.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-858e043fcf76.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:14 GMT
etag: "0x8DCB7D5A13B8DA9"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 4043088
x-served-by: cache-iad-kjyo7100041-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 6550, 17686
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5fb22b419d78317fd03f9e837fe6d278dcec201a
content-length: 18641
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 17 Oct 2024 18:11:47 GMT
etag: "0x8DCEED72A6ADB7B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 2007712
x-served-by: cache-iad-kcgs7200120-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 55, 6593
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ac0b5882c2a4617f9c4a7b4050363436259dc8a8
content-length: 4526
GET

https://github.githubassets.com/assets/vendors-node_modules_scroll-anchoring_dist_scroll-anchoring_esm_js-node_modules_stacktrace-pa-a71630-6f3c4f0189d8.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_scroll-anchoring_dist_scroll-anchoring_esm_js-node_modules_stacktrace-pa-a71630-6f3c4f0189d8.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 16:12:32 GMT
etag: "0x8DCED342CC2D5FC"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 2007712
x-served-by: cache-iad-kcgs7200039-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 55, 6597
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f4318cb0cc93459c73f8d42e8ae3306b6efa256f
content-length: 3363
GET

https://github.githubassets.com/assets/vendors-node_modules_color-convert_index_js-0e07cc183eed.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_color-convert_index_js-0e07cc183eed.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:13 GMT
etag: "0x8DCB7D5A12F3F7D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 4058444
x-served-by: cache-iad-kcgs7200153-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 17906, 17139
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ba04fc76e4254be82caa8d41818e8bb276830e5a
content-length: 3816
GET

https://github.githubassets.com/assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-0b5e12-7b36339d5147.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-0b5e12-7b36339d5147.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 20:26:52 GMT
etag: 0x8DCAB55C9E02677
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 6543319
x-served-by: cache-iad-kjyo7100169-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 14222, 17156
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a5df863504632e2c514358878b1ab8c1f6c69dee
content-length: 4852
GET

https://github.githubassets.com/assets/ui_packages_updatable-content_updatable-content_ts-eae9df0dd562.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/ui_packages_updatable-content_updatable-content_ts-eae9df0dd562.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 01 Nov 2024 20:19:42 GMT
etag: "0x8DCFAB28510C2CF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 461976
x-served-by: cache-iad-kcgs7200155-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 116, 6835
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 29b768f484e844ba889c407f169a684a572f7b86
content-length: 4941
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-18d1c91a7872.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-18d1c91a7872.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 17 Oct 2024 13:41:20 GMT
etag: "0x8DCEEB16245C35B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 326864
x-served-by: cache-iad-kjyo7100081-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 8, 4800
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2bd41835dc3f439e899bc4b19c1f435319e2e542
content-length: 4362
GET

https://github.githubassets.com/assets/app_assets_modules_github_sticky-scroll-into-view_ts-7cbef09a422c.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/app_assets_modules_github_sticky-scroll-into-view_ts-7cbef09a422c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 21:28:28 GMT
etag: "0x8DCE7E026476195"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 755246
x-served-by: cache-iad-kcgs7200118-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 18, 9890
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 33044f4782dfb11af03c7e5757e744da6e06bfc4
content-length: 14593
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-d0d0a6-b0b4fd6f86a5.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-d0d0a6-b0b4fd6f86a5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:12 GMT
etag: "0x8DCB7D5A07BFBE6"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 3991432
x-served-by: cache-iad-kiad7000133-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 17181, 17152
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 07ffea6b83bd735182c86745a7bacdc65912e115
content-length: 4125
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-c89801ebbe15.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-c89801ebbe15.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 16:12:32 GMT
etag: "0x8DCED342CBF7E60"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 2007711
x-served-by: cache-iad-kiad7000021-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 7104, 17770
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 9db4e83fea7af479c1a88c23266d7777d78fcd72
content-length: 3082
GET

https://github.githubassets.com/assets/behaviors-009c7396246a.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/behaviors-009c7396246a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Sat, 19 Oct 2024 02:54:34 GMT
etag: "0x8DCEFE95C9E5085"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 454892
x-served-by: cache-iad-kiad7000057-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 102, 6782
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 705ff5db156144b9dc0c42bc301b682e3ff1b716
content-length: 6100
GET

https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-bf7e5a3732fd.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-bf7e5a3732fd.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 07 Nov 2024 13:20:58 GMT
etag: "0x8DCFF2F044FD23D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 227324
x-served-by: cache-iad-kcgs7200135-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 98, 3233
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e079464bd68315d4d31e99fc1e466af00751f1de
content-length: 60851
GET

https://github.githubassets.com/assets/notifications-global-54f34167118d.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/notifications-global-54f34167118d.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 20 Aug 2024 15:46:26 GMT
etag: "0x8DCC12F400738CD"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 4058559
x-served-by: cache-iad-kjyo7100129-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 7109, 17020
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 874db88a954ba240571226eeaeebff3c777fb115
content-length: 3038
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-d241fe700755.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-d241fe700755.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 29 Oct 2024 14:16:02 GMT
etag: "0x8DCF824381E90DE"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 820760
x-served-by: cache-iad-kiad7000103-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 48, 6114
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: eb831a29d8c8d6577ff79e8a20592e97b8b6bd4b
content-length: 3410
GET

https://github.githubassets.com/assets/code-menu-15796c6acaff.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/code-menu-15796c6acaff.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 30 Oct 2024 12:09:30 GMT
etag: "0x8DCF8DBB579CB58"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 867582
x-served-by: cache-iad-kiad7000100-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 3, 6510
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 51e29222869f47cec1b1965243bb71c4e81cc122
content-length: 2614
GET

https://github.githubassets.com/assets/primer-react-ae28f57a594c.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/primer-react-ae28f57a594c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 07 Nov 2024 22:51:34 GMT
etag: "0x8DCFF7EBA975060"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 207745
x-served-by: cache-iad-kcgs7200057-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 25, 768
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 54b169c9ec983addd08aa18859dce20e4173fbf7
content-length: 8184
GET

https://github.githubassets.com/assets/react-core-3a596bf6ecc1.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/react-core-3a596bf6ecc1.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 04 Nov 2024 14:16:10 GMT
etag: "0x8DCFCDB3B80649E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 422677
x-served-by: cache-iad-kcgs7200108-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 15, 6962
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 50d67d8390bf45e3afe0e33a3c3a23550d68b598
content-length: 103803
GET

https://github.githubassets.com/assets/react-lib-7b7b5264f6c1.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/react-lib-7b7b5264f6c1.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 07 Nov 2024 02:26:43 GMT
etag: "0x8DCFED39EBA2203"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 280124
x-served-by: cache-iad-kcgs7200112-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 81, 4482
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d79dc1f2332e2e71c6d62ced419d2b59bf029090
content-length: 39119
GET

https://github.githubassets.com/assets/octicons-react-45c3a19dd792.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/octicons-react-45c3a19dd792.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:06 GMT
etag: "0x8DCB7D59CFCE0CF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 5654620
x-served-by: cache-iad-kjyo7100029-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 7082, 19209
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b0ac58ed084444bca5c3d2805636cfa6d6cd24d5
content-length: 54857
GET

https://github.githubassets.com/assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-0e630d-04276437489b.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-0e630d-04276437489b.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 18:46:02 GMT
etag: "0x8DCE3127730EEAF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 3270289
x-served-by: cache-iad-kiad7000161-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 3, 19914
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 912db6106eea59751870fad47f63bd295a45d4c6
content-length: 90797
GET

https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover-fn_js-4896ddd4b7bb.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover-fn_js-4896ddd4b7bb.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 04 Oct 2024 18:15:49 GMT
etag: "0x8DCE4A09364EC4B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 2910572
x-served-by: cache-iad-kjyo7100058-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 9869, 18325
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f76d4a6ccff0f29dd9d045fc3293b15099868f7a
content-length: 3077
GET

https://github.githubassets.com/assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_primer_live-region-element_dis-037ad60-8582b70cd5a9.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_primer_live-region-element_dis-037ad60-8582b70cd5a9.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 06 Nov 2024 15:24:01 GMT
etag: "0x8DCFE770B05945C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 315984
x-served-by: cache-iad-kjyo7100067-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 33, 4943
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ce009012f4768732d14e5413c8cf6536f930baa9
content-length: 19219
GET

https://github.githubassets.com/assets/vendors-node_modules_focus-visible_dist_focus-visible_js-node_modules_fzy_js_index_js-node_mo-8edd88-99bd6dce30b5.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_focus-visible_dist_focus-visible_js-node_modules_fzy_js_index_js-node_mo-8edd88-99bd6dce30b5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 18:46:05 GMT
etag: "0x8DCE3127901F5D6"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 1128950
x-served-by: cache-iad-kcgs7200143-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 7175, 1411
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7e1aad3e332904ead4c9a6a8bb03b0d0a6c2f25c
content-length: 4239
GET

https://github.githubassets.com/assets/ui_packages_aria-live_aria-live_ts-ui_packages_promise-with-resolvers-polyfill_promise-with-r-014121-e1792bd5a31e.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/ui_packages_aria-live_aria-live_ts-ui_packages_promise-with-resolvers-polyfill_promise-with-r-014121-e1792bd5a31e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 10 Oct 2024 11:16:35 GMT
etag: "0x8DCE91D00C19933"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 1131592
x-served-by: cache-iad-kcgs7200034-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 134, 718
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 571be9a6239c6e7a55dfccfa2982bc394e9c6dbc
content-length: 6268
GET

https://github.githubassets.com/assets/ui_packages_paths_index_ts-638a4cc4ec98.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/ui_packages_paths_index_ts-638a4cc4ec98.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 13:39:05 GMT
etag: "0x8DCF29EE5B2CDB4"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 1611555
x-served-by: cache-iad-kjyo7100096-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 44, 11377
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ec86c3a48be856d3ae9171827cb03cd718668daa
content-length: 3055
GET

https://github.githubassets.com/assets/ui_packages_ref-selector_RefSelector_tsx-7a75d9f22fe9.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/ui_packages_ref-selector_RefSelector_tsx-7a75d9f22fe9.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 04 Nov 2024 20:24:44 GMT
etag: "0x8DCFD0EB863FBF1"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 422676
x-served-by: cache-iad-kiad7000141-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 5, 3462
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 110aa684e1a3011a0d2a6d0dea0d8f06369a7a5b
content-length: 6221
GET

https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_shortcuts_ts-ui_packages_code-view-shared_utilities_web-wo-397c42-961ef3e9cb6a.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/ui_packages_code-view-shared_hooks_shortcuts_ts-ui_packages_code-view-shared_utilities_web-wo-397c42-961ef3e9cb6a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 07 Nov 2024 15:31:42 GMT
etag: "0x8DCFF4147B13A97"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 223002
x-served-by: cache-iad-kcgs7200155-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 40, 2849
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 820e93691a643e3830b89e205da5b5a06086f372
content-length: 5482
GET

https://github.githubassets.com/assets/ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_verified-fetch_verified-fetch_ts-u-4672d1-c335d159760f.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_verified-fetch_verified-fetch_ts-u-4672d1-c335d159760f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 18:46:05 GMT
etag: "0x8DCE312790353D7"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 3270289
x-served-by: cache-iad-kiad7000037-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 3, 17278
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d47f76950ec053ba7e04e84fb4273fc3f3ed08ad
content-length: 5011
GET

https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_utili-228da6-74e998ad57e4.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_utili-228da6-74e998ad57e4.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 07 Oct 2024 20:02:10 GMT
etag: "0x8DCE70AED8CFDAF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 2821708
x-served-by: cache-iad-kiad7000084-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 28, 17401
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6bd59a8387a6b42b774842a20a344dbd95c718b8
content-length: 5640
GET

https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-file-page-payload_ts-ui_packages_code-view-shared_comp-1beb66-8434ef8b268d.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/ui_packages_code-view-shared_hooks_use-file-page-payload_ts-ui_packages_code-view-shared_comp-1beb66-8434ef8b268d.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 05 Nov 2024 21:48:10 GMT
etag: "0x8DCFDE38AC33419"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 315984
x-served-by: cache-iad-kcgs7200073-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 33, 4561
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3d6d2ee495a204c791436d8b4da660cee00f7708
content-length: 3423
GET

https://github.githubassets.com/assets/app_assets_modules_github_blob-anchor_ts-ui_packages_code-nav_code-nav_ts-ui_packages_filter--8253c1-87c39cb5708f.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/app_assets_modules_github_blob-anchor_ts-ui_packages_code-nav_code-nav_ts-ui_packages_filter--8253c1-87c39cb5708f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:13 GMT
etag: "0x8DCB7D5A13028DA"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 3474693
x-served-by: cache-iad-kcgs7200022-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 143, 14607
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 01a950209860a2ec3b29eac1fcd4f043b38231c4
content-length: 5219
GET

https://github.githubassets.com/assets/react-code-view-839f957a1648.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/react-code-view-839f957a1648.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 29 Oct 2024 14:16:06 GMT
etag: "0x8DCF8243A6C78D8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 820749
x-served-by: cache-iad-kiad7000136-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 48, 8341
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 20e8dab55403166c96bbd8a981a2dd4976a9f914
content-length: 4112
GET

https://github.githubassets.com/assets/notifications-subscriptions-menu-c0fd3c9cc896.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/notifications-subscriptions-menu-c0fd3c9cc896.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 24 Oct 2024 03:21:07 GMT
etag: "0x8DCF3DAE6969363"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 489876
x-served-by: cache-iad-kcgs7200116-IAD, cache-lon4252-LON
x-cache: MISS, HIT
x-cache-hits: 0, 3871
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6bcad0671afb9715d05a4a2035ca0cfac515e33f
content-length: 4464
GET

https://github.githubassets.com/assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_hotkey_dist_index_js-no-d67c7f-bd7d077cdcb1.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_hotkey_dist_index_js-no-d67c7f-bd7d077cdcb1.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 07 Nov 2024 16:24:22 GMT
etag: "0x8DCFF48A39A1D14"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 216506
x-served-by: cache-iad-kcgs7200106-IAD, cache-lon4252-LON
x-cache: MISS, HIT
x-cache-hits: 0, 741
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 80bfc1f9e8632703fa02c3d39746e12f95821432
content-length: 18733
GET

https://github.githubassets.com/assets/ui_packages_ui-commands_ui-commands_ts-d25fac54a6bc.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/ui_packages_ui-commands_ui-commands_ts-d25fac54a6bc.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 06 Nov 2024 17:57:03 GMT
etag: "0x8DCFE8C6BB4D16F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 311661
x-served-by: cache-iad-kcgs7200146-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 96, 1572
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 1bab9e0919d175181656391852b8864dff655411
content-length: 12982
GET

https://github.githubassets.com/assets/keyboard-shortcuts-dialog-cb3d4f30c9ed.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/keyboard-shortcuts-dialog-cb3d4f30c9ed.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 16:12:32 GMT
etag: "0x8DCED342CC23A71"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 2007711
x-served-by: cache-iad-kcgs7200024-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 53, 15953
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a9eea1239e501371f8e3b0573103cc19cd3dce14
content-length: 5389
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-9a621ecbf672.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-9a621ecbf672.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 08 Nov 2024 18:12:14 GMT
etag: "0x8DD0020DF963464"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 139173
x-served-by: cache-iad-kjyo7100145-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 25, 375
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5bc024be4e27f700a6acb0451e54af76d5fb94e4
content-length: 62877
GET

https://github.githubassets.com/assets/sessions-c6a512e7180c.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/sessions-c6a512e7180c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 05 Nov 2024 21:48:11 GMT
etag: "0x8DCFDE38B596E47"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:35 GMT
age: 315972
x-served-by: cache-iad-kiad7000114-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 31, 3503
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 08c75a3f9320179fe1ce808cc6582fd7ef8c3b7e
content-length: 7390
GET

https://github.githubassets.com/assets/chunk-app_components_primer_experimental_select-panel-element_ts-7917d5042068.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/chunk-app_components_primer_experimental_select-panel-element_ts-7917d5042068.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 04 Nov 2024 21:22:07 GMT
etag: "0x8DCFD16BCAB8C3F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:36 GMT
age: 256116
x-served-by: cache-iad-kjyo7100047-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 9, 1522
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3168afc250e3b4fceec30333711e1d00fc996d9f
content-length: 7701
GET

https://github.githubassets.com/assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-1077a1578034.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-1077a1578034.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 01 Nov 2024 12:53:19 GMT
etag: "0x8DCFA74292DC495"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:36 GMT
age: 326864
x-served-by: cache-iad-kcgs7200082-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 8, 4214
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4e9d5f03918d68b78711d7fd4233f9c7a98d625c
content-length: 6232
GET

https://github.githubassets.com/assets/chunk-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_stack-tra-a18fad-c17189d94fd6.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/chunk-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_stack-tra-a18fad-c17189d94fd6.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
content-md5: ZA5OR0tS1BbeQsfqNeCw7g==
last-modified: Wed, 14 Aug 2024 19:51:52 GMT
etag: "0x8DCBC9A8B29FF90"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:36 GMT
age: 1630692
x-served-by: cache-iad-kjyo7100141-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 17520, 15980
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4e093dac2892c4d87fcae9dbe89e814d9bdd5f94
content-length: 543
GET

https://github.githubassets.com/assets/ui_packages_query-builder-element_query-builder-element_ts-1546dc8c42cb.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/ui_packages_query-builder-element_query-builder-element_ts-1546dc8c42cb.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 13 Sep 2024 14:50:54 GMT
etag: "0x8DCD40378515B21"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:36 GMT
age: 3461401
x-served-by: cache-iad-kiad7000070-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 27886, 15481
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8ff95e72d1190e7247881ca504b391baba5c46dd
content-length: 7652
GET

https://github.githubassets.com/assets/chunk-app_components_search_qbsearch-input-element_ts-ui_packages_trusted-types-policies_policy_ts--7cc11e-7a151d1da86f.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/chunk-app_components_search_qbsearch-input-element_ts-ui_packages_trusted-types-policies_policy_ts--7cc11e-7a151d1da86f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 05 Nov 2024 21:44:49 GMT
etag: "0x8DCFDE312B73841"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:36 GMT
age: 227324
x-served-by: cache-iad-kiad7000124-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 94, 2839
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: adc8d7be3f07f998fc63c556961bef2817f8aebf
content-length: 20446
GET

https://github.githubassets.com/assets/chunk-ui_packages_cookie-consent-link-element_cookie-consent-link-element_ts-23c1cb96287b.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/chunk-ui_packages_cookie-consent-link-element_cookie-consent-link-element_ts-23c1cb96287b.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 13:07:25 GMT
etag: "0x8DCEDE37AF61357"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:36 GMT
age: 2141829
x-served-by: cache-iad-kcgs7200025-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 11, 16297
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4272265fac191d5aff39f49cb88e42539d561a8e
content-length: 3179
GET

https://github.githubassets.com/assets/chunk-ui_packages_ghcc-consent-element_ghcc-consent-element_ts-2ab85b7d16d5.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/chunk-ui_packages_ghcc-consent-element_ghcc-consent-element_ts-2ab85b7d16d5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 13:07:25 GMT
etag: "0x8DCEDE37AF59EA5"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:36 GMT
age: 2141829
x-served-by: cache-iad-kcgs7200076-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 11, 16446
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e23b565a65b70de3d23582be89a423a2b189adc6
content-length: 2941
GET

https://github.githubassets.com/assets/chunk-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_stack-tra-600f89-c19ded76330f.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/chunk-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_stack-tra-600f89-c19ded76330f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 01 Nov 2024 12:53:19 GMT
etag: "0x8DCFA74292DEB78"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:36 GMT
age: 326864
x-served-by: cache-iad-kcgs7200073-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 8, 4221
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b56d5b040204d89d14d039713fc336710fff5386
content-length: 5628
GET

https://github.githubassets.com/assets/chunk-ui_packages_webauthn-get-element_webauthn-get-element_ts-eba7ee3409f2.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/chunk-ui_packages_webauthn-get-element_webauthn-get-element_ts-eba7ee3409f2.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
content-md5: VvBwy4NqnxK52DsiAv8DSA==
last-modified: Wed, 14 Aug 2024 19:54:00 GMT
etag: "0x8DCBC9AD72D85A2"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:36 GMT
age: 5283284
x-served-by: cache-iad-kcgs7200147-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 16408, 15972
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5730db0370432b8c132bdcabc40a06e3f3256861
content-length: 2790
GET

https://github.githubassets.com/assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-d06d275cbddc.js

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-d06d275cbddc.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
content-md5: Sl55SYaMImCtL5+l+k36Gw==
last-modified: Wed, 14 Aug 2024 19:53:22 GMT
etag: "0x8DCBC9AC0F88440"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:37 GMT
age: 3471448
x-served-by: cache-iad-kcgs7200110-IAD, cache-lon4252-LON
x-cache: HIT, HIT
x-cache-hits: 30203, 15757
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 32024f8ffa44478df21f5a01ef96142cd912620f
content-length: 9412
DNS

github-cloud.s3.amazonaws.com

msedge.exe

Remote address:

8.8.8.8:53

Request

github-cloud.s3.amazonaws.com

IN A

Response

github-cloud.s3.amazonaws.com

IN CNAME

s3-1-w.amazonaws.com

s3-1-w.amazonaws.com

IN CNAME

s3-w.us-east-1.amazonaws.com

s3-w.us-east-1.amazonaws.com

IN A

16.15.176.111

s3-w.us-east-1.amazonaws.com

IN A

54.231.197.233

s3-w.us-east-1.amazonaws.com

IN A

52.217.91.108

s3-w.us-east-1.amazonaws.com

IN A

3.5.17.174

s3-w.us-east-1.amazonaws.com

IN A

52.217.91.124

s3-w.us-east-1.amazonaws.com

IN A

52.217.168.185

s3-w.us-east-1.amazonaws.com

IN A

3.5.30.85

s3-w.us-east-1.amazonaws.com

IN A

3.5.11.178
DNS

user-images.githubusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

user-images.githubusercontent.com

IN A

Response

user-images.githubusercontent.com

IN A

185.199.108.133

user-images.githubusercontent.com

IN A

185.199.111.133

user-images.githubusercontent.com

IN A

185.199.110.133

user-images.githubusercontent.com

IN A

185.199.109.133
DNS

22.160.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

22.160.190.20.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

186.244.140.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

186.244.140.51.in-addr.arpa

IN PTR

Response
DNS

154.108.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.108.199.185.in-addr.arpa

IN PTR

Response

154.108.199.185.in-addr.arpa

IN PTR

cdn-185-199-108-154githubcom
DNS

133.108.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.108.199.185.in-addr.arpa

IN PTR

Response

133.108.199.185.in-addr.arpa

IN PTR

cdn-185-199-108-133githubcom
DNS

data-edge.smartscreen.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

data-edge.smartscreen.microsoft.com

IN A

Response

data-edge.smartscreen.microsoft.com

IN CNAME

prod-atm-wds-edge.trafficmanager.net

prod-atm-wds-edge.trafficmanager.net

IN CNAME

prod-agic-uw-1.ukwest.cloudapp.azure.com

prod-agic-uw-1.ukwest.cloudapp.azure.com

IN A

51.140.242.104
GET

https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&os=10.0.19044.4529.vb_release

msedge.exe

Remote address:

51.140.242.104:443

Request

GET /windows/browser/edge/data/bloomfilter/x?pushCert=false&os=10.0.19044.4529.vb_release HTTP/1.1
Connection: Keep-Alive
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
If-None-Match: "636976985063396749.rel.v2"
User-Agent: SmartScreen/281479409565696
Host: data-edge.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Sun, 10 Nov 2024 10:05:36 GMT
Content-Type: application/octet-stream
Content-Length: 57
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=86400
ETag: "638343870221005468"
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
X-OI-Signature: v=1; a=sha384RSA; ha=SHA384; bh=j4KrExT8d8Sta+9XdhCezD7hBBI07nd+3ZBLADaghRr4d/09v4f5U/qTjaOMrTCA; b=lsxejbsmixGwcuFeAOZKmpd1SHTEllQasQG2+/CD0NsAyZxEvj92iSXg4oIFBkMR6T5zGsr6fweTH5vZVeI6ucDD38nLM9KMrq5eRa9TryJWqO+IbvAljMHNXvAljPK2LeRsDTWYDgopZyWBvWkXXjA1SYiG1lcZjqGoeYE3RGB1av+gzIm0UtuS6l4lOPKBfqrbhng5p43VJZlfWnRtpUA6WIQlA77TnCYXYS+4qby6/glkxz/n6Kqj2AdZiBom/dT2adpHR7dqyW17hHIDaB6CYkxr/l3tputKOQWMABAZujw6r0VSf1RPj+lK+udHaMb0ncnK76ykfpMb9T1YBA==; fp=37DBD367E84BB5891D0C8F421BAE3393C75DF49C; h=CACHE-CONTROL:ETAG;
X-OI-Cert: MIIIsgYJKoZIhvcNAQcCoIIIozCCCJ8CAQExADAPBgkqhkiG9w0BBwGgAgQAoIIIgzCCCH8wggZnoAMCAQICEzMAZA/bZ2MnRmHFGGYAAABkD9swDQYJKoZIhvcNAQEMBQAwXTELMAkGA1UEBhMCVVMxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEuMCwGA1UEAxMlTWljcm9zb2Z0IEF6dXJlIFJTQSBUTFMgSXNzdWluZyBDQSAwMzAeFw0yNDA2MTgwNjM2MDZaFw0yNTA2MTMwNjM2MDZaMHMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJXQTEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSUwIwYDVQQDExxjb250ZW50LnNtYXJ0c2NyZWVuLm1zZnQubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzSkQH8K/WmXFFOfz8yP+NDIscpRldMgdHZ/Kc816gbCpEP+JEDiY4fA5GNEIbjnvfJxC6LS2f9f0q2Vv3v71yMOrA5w+sy4xgZROMqneRk4OOdRpkAS7/3Fg4HC0vx9ShdXcPpReU/FjIW0qpT6wydh41qsQXlitOZCmEFUrwaZWVpMFiZ1NElT6U6wH0ZH9atQMkkpoTb9Y9bROgctEnT8Iq9Isfe36cpLL5CVekqtCQ4EkiCyZnnKTEZZ8Frx0/Sa+UAivfNwojP0hVjIuTXffBgp04oENcLI8TIWSrqy6dGs0NKKqfYjX3aC9wG4f5KuYVAHgvNqtPOyvnYIrQIDAQABo4IEIDCCBBwwggGABgorBgEEAdZ5AgQCBIIBcASCAWwBagB2AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABkCoYiY8AAAQDAEcwRQIgAdMMTb63gVYnA93mpW7SmMwqAZWx96ueTYwL6TehoBECIQDgkkNU+beS5FjNaivae5pgzvpfrYx0JJqV8rWCEXesOAB3AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4AAABkCoYjA0AAAQDAEgwRgIhALuO/1PINtm1k6b1daoCuuaestz02CkQKf6HQ9v6a3UsAiEA2i/FtCybsSHYT5L6/qRDeoGDOgZUdwCjapONqMODHhMAdwDgkrP8DB3I52g2H95huZZNClJ4GYpy1nLEsE2lbW9UBAAAAZAqGIoQAAAEAwBIMEYCIQDxvx82pdAiRUD2+wC7nQfGjs3X1Q1Vfo12nl9h9jR9QwIhAIuN6A84evReztCG1eEZmf4BDesaQDgjPt0Dx2GVga2iMCcGCSsGAQQBgjcVCgQaMBgwCgYIKwYBBQUHAwIwCgYIKwYBBQUHAwEwPAYJKwYBBAGCNxUHBC8wLQYlKwYBBAGCNxUIh73XG4Hn60aCgZ0ujtAMh/DaHV2ChOVpgvOnPgIBZAIBJjCBtAYIKwYBBQUHAQEEgacwgaQwcwYIKwYBBQUHMAKGZ2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY2VydHMvTWljcm9zb2Z0JTIwQXp1cmUlMjBSU0ElMjBUTFMlMjBJc3N1aW5nJTIwQ0ElMjAwMyUyMC0lMjB4c2lnbi5jcnQwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vbmVvY3NwLm1pY3Jvc29mdC5jb20vb2NzcDAdBgNVHQ4EFgQUmS0vRaxdPTaVZEkUoU59i8aa+iIwDgYDVR0PAQH/BAQDAgWgMCcGA1UdEQQgMB6CHGNvbnRlbnQuc21hcnRzY3JlZW4ubXNmdC5uZXQwDAYDVR0TAQH/BAIwADBqBgNVHR8EYzBhMF+gXaBbhllodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNyb3NvZnQlMjBBenVyZSUyMFJTQSUyMFRMUyUyMElzc3VpbmclMjBDQSUyMDAzLmNybDBmBgNVHSAEXzBdMFEGDCsGAQQBgjdMg30BATBBMD8GCCsGAQUFBwIBFjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL0RvY3MvUmVwb3NpdG9yeS5odG0wCAYGZ4EMAQICMB8GA1UdIwQYMBaAFP4JcUBVBRBE2KSBdbieGulKBojIMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATANBgkqhkiG9w0BAQwFAAOCAgEAe1QltG1CI1df9IjK1nJmDNk2IFLlAW9EAV78FbEhTeVYqvAiIlJAZL8lV69JbhjFOqrf4kI8K56Uy16JKHBh3ZVK9Sm2IjOYetFaWXEgr1CH0PRs9iSa93kqsCUwgFL8eOgQ2/4nlWyNzvJbWchTs52KcBHkR6QentlCaEYALNYI0E2uBPj9/5C0djhVZVaOngEM5Wv6XPdh6d3Oy0iwReCKoNVHHr1eT5dWC7R84uftsGYAgWiTMzAGX2gihswe10uDjS0F0KSHPUtaHo3iT68fgESlBSrdKNbutOl94eP2uhRxRr3aB+Sn5jUM/miiRPKBE+rDOHF/g1YQEXzmgm4G0EyItS9MJZ4mrwRaV4vpdcjZuQz3ymmMN6swnRTsXrOuOlP9QU/WhGVimpclYVPusGGi3Z65kSq55yOVyV15m3G+v2bBh+lM6jMLuCcnQeuFGI36+t1NFAvTS/AU6dfY7X93Xqc7yCBBgqliB5nefi30aW8AHA2dVKdti7v9w1S6SdPHEk/IbT2WUS8cVaS9gNtZNjQuL/FjrogLrr3BeXZpsBYZCxCa1f0ksMOboOmngZ3YMn9n57J19dZq7oqUkV5uoiv++qxOM3etzptUD9cEhMjLet0DWAof34ieFziSnUOKhoIZNwfSDnhAiGRl3ytKrZJMc8DYtZvak94xAA==
GET

https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&os=10.0.19044.4529.vb_release

msedge.exe

Remote address:

51.140.242.104:443

Request

GET /windows/browser/edge/data/bloomfilter/x?pushCert=false&os=10.0.19044.4529.vb_release HTTP/1.1
Connection: Keep-Alive
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
If-None-Match: "638343870221005468"
User-Agent: SmartScreen/281479409565696
Host: data-edge.smartscreen.microsoft.com

Response

HTTP/1.1 304 Not Modified

Date: Sun, 10 Nov 2024 10:05:36 GMT
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=86400
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
POST

https://data-edge.smartscreen.microsoft.com/api/browser/edge/data/settings

msedge.exe

Remote address:

51.140.242.104:443

Request

POST /api/browser/edge/data/settings HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoidVZOZElrUUlWOXM9Iiwia2V5IjoiODh2dmdqMlJrY3BldGE0T1VheE1UUT09In0=
If-None-Match: "2.0-0"
User-Agent: SmartScreen/281479409565696
Content-Length: 1321
Host: data-edge.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Sun, 10 Nov 2024 10:05:36 GMT
Content-Type: application/octet-stream
Content-Length: 129085
Connection: keep-alive
Server: Kestrel
ETag: "2.0-2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1"
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
POST

https://data-edge.smartscreen.microsoft.com/api/browser/edge/data/settings

msedge.exe

Remote address:

51.140.242.104:443

Request

POST /api/browser/edge/data/settings HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiR0F0MEVNUWdSNUU9Iiwia2V5IjoicHlLclN0Z2VUR0ZWaW5xTExldFFEZz09In0=
If-None-Match: "2.0-2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1"
User-Agent: SmartScreen/281479409565696
Content-Length: 1272
Host: data-edge.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Sun, 10 Nov 2024 10:05:36 GMT
Content-Type: application/octet-stream
Content-Length: 129085
Connection: keep-alive
Server: Kestrel
ETag: "2.0-2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1"
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
GET

https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19044.4529.vb_release

msedge.exe

Remote address:

51.140.242.104:443

Request

GET /windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19044.4529.vb_release HTTP/1.1
Connection: Keep-Alive
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
If-None-Match: "170540185939602997400506234197983529371"
User-Agent: SmartScreen/281479409565696
Host: data-edge.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Date: Sun, 10 Nov 2024 10:05:36 GMT
Content-Type: application/octet-stream
Content-Length: 460992
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=86400
ETag: "638004170464094982"
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
X-OI-Signature: v=1; a=sha384RSA; ha=SHA384; bh=7csvs6wrK3NA5rU73eamx5vAWfaIbGGGGrCaQymgYIKtYElVZVn8FMwEOPvCPHsR; b=iLJvug2xVRHV/zRkTuEyY8Zm5DV1r2rcoFmtOqM4Th8e1UGMuxxCMsEl3V0m2DZ1ibIhJJXHkKq6VicNjkeGtE2XNLuXUg4Nt1+9AjYEtAzZZmF4g52u81VFXkPXAYwDAkuaWGEU1H35w7fv6AlvtPAdSa2GidI4us0RI8m8w0emxetz7h12azENRS2EkL1SmLqM1QA6gpadyCfwnzLR9jRyPC4iCtc4/Pk8DdunPJ80tS/A9XRjUXiBanugKBbt7rxXgPMKd/53Lx1dNJWhhRZdrIb1nui9Uz0C6J98qUNgxElxK1ih7UYNKU4qSWoO4vL6jWtpd+QWlKRX3g2gvQ==; fp=37DBD367E84BB5891D0C8F421BAE3393C75DF49C; h=CACHE-CONTROL:ETAG;
X-OI-Cert: MIIIsgYJKoZIhvcNAQcCoIIIozCCCJ8CAQExADAPBgkqhkiG9w0BBwGgAgQAoIIIgzCCCH8wggZnoAMCAQICEzMAZA/bZ2MnRmHFGGYAAABkD9swDQYJKoZIhvcNAQEMBQAwXTELMAkGA1UEBhMCVVMxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEuMCwGA1UEAxMlTWljcm9zb2Z0IEF6dXJlIFJTQSBUTFMgSXNzdWluZyBDQSAwMzAeFw0yNDA2MTgwNjM2MDZaFw0yNTA2MTMwNjM2MDZaMHMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJXQTEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSUwIwYDVQQDExxjb250ZW50LnNtYXJ0c2NyZWVuLm1zZnQubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzSkQH8K/WmXFFOfz8yP+NDIscpRldMgdHZ/Kc816gbCpEP+JEDiY4fA5GNEIbjnvfJxC6LS2f9f0q2Vv3v71yMOrA5w+sy4xgZROMqneRk4OOdRpkAS7/3Fg4HC0vx9ShdXcPpReU/FjIW0qpT6wydh41qsQXlitOZCmEFUrwaZWVpMFiZ1NElT6U6wH0ZH9atQMkkpoTb9Y9bROgctEnT8Iq9Isfe36cpLL5CVekqtCQ4EkiCyZnnKTEZZ8Frx0/Sa+UAivfNwojP0hVjIuTXffBgp04oENcLI8TIWSrqy6dGs0NKKqfYjX3aC9wG4f5KuYVAHgvNqtPOyvnYIrQIDAQABo4IEIDCCBBwwggGABgorBgEEAdZ5AgQCBIIBcASCAWwBagB2AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABkCoYiY8AAAQDAEcwRQIgAdMMTb63gVYnA93mpW7SmMwqAZWx96ueTYwL6TehoBECIQDgkkNU+beS5FjNaivae5pgzvpfrYx0JJqV8rWCEXesOAB3AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4AAABkCoYjA0AAAQDAEgwRgIhALuO/1PINtm1k6b1daoCuuaestz02CkQKf6HQ9v6a3UsAiEA2i/FtCybsSHYT5L6/qRDeoGDOgZUdwCjapONqMODHhMAdwDgkrP8DB3I52g2H95huZZNClJ4GYpy1nLEsE2lbW9UBAAAAZAqGIoQAAAEAwBIMEYCIQDxvx82pdAiRUD2+wC7nQfGjs3X1Q1Vfo12nl9h9jR9QwIhAIuN6A84evReztCG1eEZmf4BDesaQDgjPt0Dx2GVga2iMCcGCSsGAQQBgjcVCgQaMBgwCgYIKwYBBQUHAwIwCgYIKwYBBQUHAwEwPAYJKwYBBAGCNxUHBC8wLQYlKwYBBAGCNxUIh73XG4Hn60aCgZ0ujtAMh/DaHV2ChOVpgvOnPgIBZAIBJjCBtAYIKwYBBQUHAQEEgacwgaQwcwYIKwYBBQUHMAKGZ2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY2VydHMvTWljcm9zb2Z0JTIwQXp1cmUlMjBSU0ElMjBUTFMlMjBJc3N1aW5nJTIwQ0ElMjAwMyUyMC0lMjB4c2lnbi5jcnQwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vbmVvY3NwLm1pY3Jvc29mdC5jb20vb2NzcDAdBgNVHQ4EFgQUmS0vRaxdPTaVZEkUoU59i8aa+iIwDgYDVR0PAQH/BAQDAgWgMCcGA1UdEQQgMB6CHGNvbnRlbnQuc21hcnRzY3JlZW4ubXNmdC5uZXQwDAYDVR0TAQH/BAIwADBqBgNVHR8EYzBhMF+gXaBbhllodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNyb3NvZnQlMjBBenVyZSUyMFJTQSUyMFRMUyUyMElzc3VpbmclMjBDQSUyMDAzLmNybDBmBgNVHSAEXzBdMFEGDCsGAQQBgjdMg30BATBBMD8GCCsGAQUFBwIBFjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL0RvY3MvUmVwb3NpdG9yeS5odG0wCAYGZ4EMAQICMB8GA1UdIwQYMBaAFP4JcUBVBRBE2KSBdbieGulKBojIMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATANBgkqhkiG9w0BAQwFAAOCAgEAe1QltG1CI1df9IjK1nJmDNk2IFLlAW9EAV78FbEhTeVYqvAiIlJAZL8lV69JbhjFOqrf4kI8K56Uy16JKHBh3ZVK9Sm2IjOYetFaWXEgr1CH0PRs9iSa93kqsCUwgFL8eOgQ2/4nlWyNzvJbWchTs52KcBHkR6QentlCaEYALNYI0E2uBPj9/5C0djhVZVaOngEM5Wv6XPdh6d3Oy0iwReCKoNVHHr1eT5dWC7R84uftsGYAgWiTMzAGX2gihswe10uDjS0F0KSHPUtaHo3iT68fgESlBSrdKNbutOl94eP2uhRxRr3aB+Sn5jUM/miiRPKBE+rDOHF/g1YQEXzmgm4G0EyItS9MJZ4mrwRaV4vpdcjZuQz3ymmMN6swnRTsXrOuOlP9QU/WhGVimpclYVPusGGi3Z65kSq55yOVyV15m3G+v2bBh+lM6jMLuCcnQeuFGI36+t1NFAvTS/AU6dfY7X93Xqc7yCBBgqliB5nefi30aW8AHA2dVKdti7v9w1S6SdPHEk/IbT2WUS8cVaS9gNtZNjQuL/FjrogLrr3BeXZpsBYZCxCa1f0ksMOboOmngZ3YMn9n57J19dZq7oqUkV5uoiv++qxOM3etzptUD9cEhMjLet0DWAof34ieFziSnUOKhoIZNwfSDnhAiGRl3ytKrZJMc8DYtZvak94xAA==
GET

https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19044.4529.vb_release

msedge.exe

Remote address:

51.140.242.104:443

Request

GET /windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19044.4529.vb_release HTTP/1.1
Connection: Keep-Alive
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
If-None-Match: "638004170464094982"
User-Agent: SmartScreen/281479409565696
Host: data-edge.smartscreen.microsoft.com

Response

HTTP/1.1 304 Not Modified

Date: Sun, 10 Nov 2024 10:05:36 GMT
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Cache-Control: max-age=86400
Request-Context: appId=cid-v1:365e21c6-df19-4b1c-a612-b572489ace31
DNS

203.197.79.204.in-addr.arpa

Remote address:

8.8.8.8:53

Request

203.197.79.204.in-addr.arpa

IN PTR

Response

203.197.79.204.in-addr.arpa

IN PTR

a-0003a-msedgenet
DNS

104.242.140.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

104.242.140.51.in-addr.arpa

IN PTR

Response
DNS

collector.github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

collector.github.com

IN A

Response

collector.github.com

IN CNAME

glb-db52c2cf8be544.github.com

glb-db52c2cf8be544.github.com

IN A

140.82.112.21
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1071
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light

Response

HTTP/2.0 204

date: Sun, 10 Nov 2024 10:05:37 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003212
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: E70F:20328A:2B6E66:4878A3:67308571
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1049
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sun, 10 Nov 2024 10:05:37 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002380
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: E70F:20328A:2B6EB5:487916:67308571
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1352
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sun, 10 Nov 2024 10:05:37 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.001823
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: E70F:20328A:2B6EBC:487923:67308571
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1769
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sun, 10 Nov 2024 10:05:47 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003311
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: E70F:20328A:2B7743:488649:67308571
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1151
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sun, 10 Nov 2024 10:06:38 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003314
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: E70F:20328A:2BA08F:48C6E2:6730857B
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1044
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Ransomware
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sun, 10 Nov 2024 10:06:38 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003225
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: E70F:20328A:2BA0DD:48C760:673085AE
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1165
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Ransomware
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sun, 10 Nov 2024 10:06:38 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003769
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: E70F:20328A:2BA0DE:48C762:673085AE
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1492
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Ransomware
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sun, 10 Nov 2024 10:06:39 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003573
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: E70F:20328A:2BA12E:48C7EB:673085AE
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1132
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CryptoWall.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sun, 10 Nov 2024 10:06:59 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.001840
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: E70F:20328A:2BB08B:48E083:673085AF
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1141
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CryptoWall.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sun, 10 Nov 2024 10:06:59 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002486
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: E70F:20328A:2BB08C:48E088:673085C3
POST

https://collector.github.com/github/collect

msedge.exe

Remote address:

140.82.112.21:443

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1538
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CryptoWall.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Sun, 10 Nov 2024 10:06:59 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002481
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: E70F:20328A:2BB0DE:48E109:673085C3
GET

https://github.githubassets.com/favicons/favicon.svg

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /favicons/favicon.svg HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: image/png
content-md5: YDrNCDxuYozaAYS2sPzvIQ==
last-modified: Wed, 14 Aug 2024 19:49:39 GMT
etag: "0x8DCBC9A3C0EF02F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:37 GMT
age: 1129615
x-served-by: cache-iad-kiad7000023-IAD, cache-lon420118-LON
x-cache: HIT, HIT
x-cache-hits: 1961, 1882
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 02fe4cf2708598ff414a19a5a301459718bedfa0
content-length: 14426
GET

https://github.githubassets.com/assets/apple-touch-icon-144x144-b882e354c005.png

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /assets/apple-touch-icon-144x144-b882e354c005.png HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/svg+xml
content-md5: bYAvaN8MCaSZfP0o7q/Z/w==
last-modified: Wed, 14 Aug 2024 19:18:58 GMT
etag: "0x8DCBC95F2647EDF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:37 GMT
age: 123
x-served-by: cache-iad-kiad7000081-IAD, cache-lon420118-LON
x-cache: HIT, HIT
x-cache-hits: 45, 1
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: dd5ee2fbab915e1c516dc69fc4c37947e6a6fdd6
content-length: 959
GET

https://github.githubassets.com/favicons/favicon.png

msedge.exe

Remote address:

185.199.108.154:443

Request

GET /favicons/favicon.png HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
content-md5: NG4JRxNi8pB1EKMYEhKc0g==
last-modified: Wed, 14 Aug 2024 19:18:46 GMT
etag: "0x8DCBC95EB57AC96"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:05:37 GMT
age: 128
x-served-by: cache-iad-kiad7000070-IAD, cache-lon420118-LON
x-cache: HIT, HIT
x-cache-hits: 204603, 1
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3f7ca5565eb11b4d57489a25a0bb4ddc2dd63f2c
content-length: 958
DNS

api.github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 876
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Sun, 10 Nov 2024 10:05:37 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1731236737
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: CBB7:292819:4E3973:554D51:67308571
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 739
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Sun, 10 Nov 2024 10:05:47 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1731236747
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: CBB7:292819:4E3C3E:55504B:67308571
DNS

21.112.82.140.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.112.82.140.in-addr.arpa

IN PTR

Response

21.112.82.140.in-addr.arpa

IN PTR

lb-140-82-112-21-iadgithubcom
DNS

210.156.26.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.156.26.20.in-addr.arpa

IN PTR

Response
DNS

209.205.72.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

209.205.72.20.in-addr.arpa

IN PTR

Response
DNS

cxcs.microsoft.net

Remote address:

8.8.8.8:53

Request

cxcs.microsoft.net

IN A

Response

cxcs.microsoft.net

IN CNAME

cxcs.microsoft.net.edgekey.net

cxcs.microsoft.net.edgekey.net

IN CNAME

e3230.b.akamaiedge.net

e3230.b.akamaiedge.net

IN A

23.213.251.133
GET

https://cxcs.microsoft.net/api/settings/en-US/xml/settings-tipset?release=20h1&sku=EnterpriseS&platform=desktop

Remote address:

23.213.251.133:443

Request

GET /api/settings/en-US/xml/settings-tipset?release=20h1&sku=EnterpriseS&platform=desktop HTTP/2.0
host: cxcs.microsoft.net
accept-encoding: gzip, deflate

Response

HTTP/2.0 404

content-type: text/html
content-length: 26
date: Sun, 10 Nov 2024 10:05:51 GMT
GET

https://cxcs.microsoft.net/api/settings/en-US/xml/settings-tipset?release=20h1&sku=EnterpriseS&platform=desktop

Remote address:

23.213.251.133:443

Request

GET /api/settings/en-US/xml/settings-tipset?release=20h1&sku=EnterpriseS&platform=desktop HTTP/2.0
host: cxcs.microsoft.net
accept-encoding: gzip, deflate

Response

HTTP/2.0 404

content-type: text/html
content-length: 26
date: Sun, 10 Nov 2024 10:05:57 GMT
GET

https://cxcs.microsoft.net/api/settings/en-US/xml/settings-tipset?release=20h1&sku=EnterpriseS&platform=desktop

Remote address:

23.213.251.133:443

Request

GET /api/settings/en-US/xml/settings-tipset?release=20h1&sku=EnterpriseS&platform=desktop HTTP/2.0
host: cxcs.microsoft.net
accept-encoding: gzip, deflate

Response

HTTP/2.0 404

content-type: text/html
content-length: 26
date: Sun, 10 Nov 2024 10:06:01 GMT
POST

https://www.bing.com/RelatedSearch?addfeaturesnoexpansion=relatedsearch&mkt=en-US

Remote address:

92.123.128.149:443

Request

POST /RelatedSearch?addfeaturesnoexpansion=relatedsearch&mkt=en-US HTTP/2.0
host: www.bing.com
accept-encoding: gzip, deflate
content-length: 2239
content-type: application/json; charset=UTF-8
cache-control: no-cache
cookie: SRCHUID=V=2&GUID=365BCD6F4B8F43A2BEC53C2D6D627C09&dmnchg=1; SRCHD=AF=NOFORM; _EDGE_V=1; MUID=285059EBDBBA66BD10234CCADAB467D8; SRCHUSR=DOB=20241023; SRCHHPGUSR=SRCHLANG=en; MUIDB=285059EBDBBA66BD10234CCADAB467D8

Response

HTTP/2.0 200

content-length: 391
content-type: application/json; charset=utf-8
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 6730857fa06245859e0263dbc1157d5e
x-as-setsessionmarket: en-US
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-zQBZW36uilzoYs2Z5s3yqAh1MNeCr9mab0QrY+VRhuw='; base-uri 'self';
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sun, 10 Nov 2024 10:05:51 GMT
set-cookie: _EDGE_S=SID=2E1BE42C83C362323FFAF11F82C9634B&mkt=en-US; domain=.bing.com; path=/
set-cookie: _SS=SID=2E1BE42C83C362323FFAF11F82C9634B; domain=.bing.com; path=/
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.86777b5c.1731233151.100df76a
POST

https://www.bing.com/RelatedSearch?addfeaturesnoexpansion=relatedsearch&mkt=en-US

Remote address:

92.123.128.149:443

Request

POST /RelatedSearch?addfeaturesnoexpansion=relatedsearch&mkt=en-US HTTP/2.0
host: www.bing.com
accept-encoding: gzip, deflate
content-length: 2369
content-type: application/json; charset=UTF-8
cache-control: no-cache
cookie: SRCHUID=V=2&GUID=365BCD6F4B8F43A2BEC53C2D6D627C09&dmnchg=1; SRCHD=AF=NOFORM; _EDGE_V=1; MUID=285059EBDBBA66BD10234CCADAB467D8; SRCHUSR=DOB=20241023; SRCHHPGUSR=SRCHLANG=en; _EDGE_S=SID=2E1BE42C83C362323FFAF11F82C9634B&mkt=en-US; _SS=SID=2E1BE42C83C362323FFAF11F82C9634B; MUIDB=285059EBDBBA66BD10234CCADAB467D8

Response

HTTP/2.0 200

content-length: 360
content-type: application/json; charset=utf-8
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 673085853643453b8c9db143c5365e74
x-as-setsessionmarket: en-US
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-06CLPm4BY0A4ZB3qfEjZ7Tv9WF1JVhV3Yfs3XzjUlVM='; base-uri 'self';
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sun, 10 Nov 2024 10:05:57 GMT
set-cookie: _EDGE_S=SID=2E1BE42C83C362323FFAF11F82C9634B&mkt=en-US; domain=.bing.com; path=/
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.86777b5c.1731233157.100e1cb7
POST

https://www.bing.com/RelatedSearch?addfeaturesnoexpansion=relatedsearch&mkt=en-US

Remote address:

92.123.128.149:443

Request

POST /RelatedSearch?addfeaturesnoexpansion=relatedsearch&mkt=en-US HTTP/2.0
host: www.bing.com
accept-encoding: gzip, deflate
content-length: 651
content-type: application/json; charset=UTF-8
cache-control: no-cache
cookie: SRCHUID=V=2&GUID=365BCD6F4B8F43A2BEC53C2D6D627C09&dmnchg=1; SRCHD=AF=NOFORM; _EDGE_V=1; MUID=285059EBDBBA66BD10234CCADAB467D8; SRCHUSR=DOB=20241023; SRCHHPGUSR=SRCHLANG=en; _EDGE_S=SID=2E1BE42C83C362323FFAF11F82C9634B&mkt=en-US; _SS=SID=2E1BE42C83C362323FFAF11F82C9634B; MUIDB=285059EBDBBA66BD10234CCADAB467D8

Response

HTTP/2.0 200

content-length: 410
content-type: application/json; charset=utf-8
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 67308589172b432da493d0dcb2825cef
x-as-setsessionmarket: en-US
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-zVJns3qTP3Ybsk/lHhs7Wlg+Ob9xj1RVpBxn6OjClUQ='; base-uri 'self';
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Sun, 10 Nov 2024 10:06:01 GMT
set-cookie: _EDGE_S=SID=2E1BE42C83C362323FFAF11F82C9634B&mkt=en-US; domain=.bing.com; path=/
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.86777b5c.1731233161.100e3483
DNS

133.251.213.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.251.213.23.in-addr.arpa

IN PTR

Response

133.251.213.23.in-addr.arpa

IN PTR

a23-213-251-133deploystaticakamaitechnologiescom
DNS

149.128.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

149.128.123.92.in-addr.arpa

IN PTR

Response

149.128.123.92.in-addr.arpa

IN PTR

a92-123-128-149deploystaticakamaitechnologiescom
DNS

53.210.109.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

53.210.109.20.in-addr.arpa

IN PTR

Response
DNS

18.31.95.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

18.31.95.13.in-addr.arpa

IN PTR

Response
DNS

fd.api.iris.microsoft.com

Remote address:

8.8.8.8:53

Request

fd.api.iris.microsoft.com

IN A

Response

fd.api.iris.microsoft.com

IN CNAME

fd-api-iris.trafficmanager.net

fd-api-iris.trafficmanager.net

IN CNAME

iris-de-prod-azsc-v2-frc.francecentral.cloudapp.azure.com

iris-de-prod-azsc-v2-frc.francecentral.cloudapp.azure.com

IN A

20.199.58.43
GET

https://fd.api.iris.microsoft.com/v4/api/selection?&asid=62A49A888B7345E09CA4D350639ABE23&nct=1&placement=88000677&bcnt=30&country=US&locale=en-US&poptin=0&fmt=json&clr=cdmlite&arch=AMD64&concp=0&d3dfl=D3D_FEATURE_LEVEL_12_1&devfam=Windows.Desktop&devosver=10.0.19044.4529&dinst=1729692905&dmret=0&drgng=244&flightbranch=&flightring=Retail&localid=w%3A31D534A1-E457-B456-1E1B-35D15586A14B&osbranch=vb_release&oslocale=en-US&osret=1&ossku=EnterpriseS&osskuid=125&prccn=2&prccs=4192&prcmf=AuthenticAMD&procm=Intel%20Core%20Processor%20%28Broadwell%29&ram=4095&tinst=Client&tl=1&pat=0&smc=0&sac=0&disphorzres=1280&dispsize=14.7&dispvertres=720&ldisphorzres=1280&ldispvertres=720&moncnt=1&cpdsk=241361&frdsk=20466&lo=25670&tsu=25670

Remote address:

20.199.58.43:443

Request

GET /v4/api/selection?&asid=62A49A888B7345E09CA4D350639ABE23&nct=1&placement=88000677&bcnt=30&country=US&locale=en-US&poptin=0&fmt=json&clr=cdmlite&arch=AMD64&concp=0&d3dfl=D3D_FEATURE_LEVEL_12_1&devfam=Windows.Desktop&devosver=10.0.19044.4529&dinst=1729692905&dmret=0&drgng=244&flightbranch=&flightring=Retail&localid=w%3A31D534A1-E457-B456-1E1B-35D15586A14B&osbranch=vb_release&oslocale=en-US&osret=1&ossku=EnterpriseS&osskuid=125&prccn=2&prccs=4192&prcmf=AuthenticAMD&procm=Intel%20Core%20Processor%20%28Broadwell%29&ram=4095&tinst=Client&tl=1&pat=0&smc=0&sac=0&disphorzres=1280&dispsize=14.7&dispvertres=720&ldisphorzres=1280&ldispvertres=720&moncnt=1&cpdsk=241361&frdsk=20466&lo=25670&tsu=25670 HTTP/2.0
host: fd.api.iris.microsoft.com
accept-encoding: gzip, deflate
x-sdk-hw-token: t=EwDoAppeBAAUGoFunEzxzyai/T0i5tnZAAR1eX0AAe+C2b9CPpKBOg/YE+1PUAPcb6+Qevlcr3qZSW5eJEyp2V5uvwhUVRBVPimvUfEHzp3AOThDZEAx7u3HctoYdmW3dx7mcV3E9YAU0QKDzU1Vug4P52QK8IqAMs8eUIhe23f9nh1qTbzJD5t0N+MZAnb6dC8xHKNjmDcFW4yasEFTX+jT7Xqwgz7s7XwC8kVg2pFJ4nDGCsyPv5I0PBOVEwjkzPzIr7AednJ+DWfRCDMq/pTm7hCGxdY8NGoGvXg4vIxilHqT6ftFrXUYfW4aOmvqzRKdqvt/6hW79/vIJXe03lElIRDi+EEgkZ8aKSTOwnb+9PCEfMkvwmJcjx+0CDkQZgAAECzbtOacB+jFwZqdW0dKRpKwAVRCERc9qvNZdflTtXozpFpROKNNOTjHqGpH3goY3AJrAJdZgYM3Ox91NO49tXJhv/17tHeT6KLShVQoLMjcI5jPnRWL2bWVzQ87tmepNRJRQ77OBmVl08BBF/BeDi7y052gcuPS1Mgt/nrm6D1mujOHRR/aC1OqiltJT6I9fZh+AqW8jWys1X8p4XSOkpQWLwkWEX3Be9Asyac2Jwxu3JVmifvYaMRwoCuj198fPskZuKlJAIncHZt6p8MblugeAIf6VOCWWQtTk0PuvENKHg2LqsD2a0Zf94jJihzhYUmRI/cGnZ912/JZa68KBaWmVkfQlsL8au7WzMZhWLekDkpKYUh/Edyt+2TaqqOkO2RcKFZRcms4YcXTq8z/L2tMX67uerVgQBLwEY3IZiqw5vHB7aIWOO33MGuafuWt8CDSBxgFUzpqNGmKYl+9JELYrnrWuwflVEvfkoScwoLorJL/a64AMco9Q+xRjZSN/+oL8J48mejNOiXSIuVqGAGanfuumEBFyDUb2WTuqKtGqYy+dYb5q6UY+noS7IC6Ra1/kRz1XpJlIEvsAUGIweWT/tkB&p=

Response

HTTP/2.0 200

cache-control: no-store, no-cache
pragma: no-cache
content-length: 131
content-type: application/json; charset=utf-8
expires: Mon, 01 Jan 0001 00:00:00 GMT
server: Microsoft-IIS/10.0
arc-rsp-dbg: [{"DcoPlusDebug":"Status: Ok"},{"OPTOUTSTATE":"256"},{"REGIONALPOLICY":"0"}]
accept-ch: UA, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform, UA-Platform-Version
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 10 Nov 2024 10:06:07 GMT
DNS

43.58.199.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

43.58.199.20.in-addr.arpa

IN PTR

Response
DNS

172.214.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.214.232.199.in-addr.arpa

IN PTR

Response
DNS

github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
GET

https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Ransomware

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/tree/master/Ransomware HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: application/json
x-requested-with: XMLHttpRequest
x-react-router: json
x-github-target: dotcom
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Ransomware
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=Uj37dwBDoKS3lnxfAHNyxTJAdkVTOkZRMPtlpny3maIfQxSKgAP%2BrmCL9WO5C%2FrFdOUh3OdDiwBFq%2BFLyoeVnmFEun4sGEAtossUra1dSupv8tdFqzYJIkIcdMaUzOmyYbVC9%2Bdxmw8BUjaqR2j4GDUxFCdcwSgFwLUNLwk1II%2FafjiCwb1ekV3ZUfrwZK6rceGVEhWy771jOeZBiawvz4ArDJJ8I25I0z0Kx%2Bi9YnVOncF94V6zV4F%2FOFugA3fvjmEtBn1mVkkBFghRMsoxrA%3D%3D--5qzMYxoMV8ij6kQs--qjQg7rIEFoLb8YNzfFTpsw%3D%3D
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Sun, 10 Nov 2024 10:06:38 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"7c044f0fa158ac6b028d7895f82216c2"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 1452
x-github-request-id: FCB7:2AA314:636D2E:7173DA:673085AE
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Ransomware

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master/Ransomware HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Ransomware
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=Uj37dwBDoKS3lnxfAHNyxTJAdkVTOkZRMPtlpny3maIfQxSKgAP%2BrmCL9WO5C%2FrFdOUh3OdDiwBFq%2BFLyoeVnmFEun4sGEAtossUra1dSupv8tdFqzYJIkIcdMaUzOmyYbVC9%2Bdxmw8BUjaqR2j4GDUxFCdcwSgFwLUNLwk1II%2FafjiCwb1ekV3ZUfrwZK6rceGVEhWy771jOeZBiawvz4ArDJJ8I25I0z0Kx%2Bi9YnVOncF94V6zV4F%2FOFugA3fvjmEtBn1mVkkBFghRMsoxrA%3D%3D--5qzMYxoMV8ij6kQs--qjQg7rIEFoLb8YNzfFTpsw%3D%3D
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Sun, 10 Nov 2024 10:06:38 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"bb234f79843f6b8448edb04cacc8b10c"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 1140
x-github-request-id: FCB7:2AA314:636D4E:7173FF:673085AE
GET

https://github.com/Da2dalus/The-MALWARE-Repo/tree-commit-info/master/Ransomware

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/tree-commit-info/master/Ransomware HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Ransomware
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=Uj37dwBDoKS3lnxfAHNyxTJAdkVTOkZRMPtlpny3maIfQxSKgAP%2BrmCL9WO5C%2FrFdOUh3OdDiwBFq%2BFLyoeVnmFEun4sGEAtossUra1dSupv8tdFqzYJIkIcdMaUzOmyYbVC9%2Bdxmw8BUjaqR2j4GDUxFCdcwSgFwLUNLwk1II%2FafjiCwb1ekV3ZUfrwZK6rceGVEhWy771jOeZBiawvz4ArDJJ8I25I0z0Kx%2Bi9YnVOncF94V6zV4F%2FOFugA3fvjmEtBn1mVkkBFghRMsoxrA%3D%3D--5qzMYxoMV8ij6kQs--qjQg7rIEFoLb8YNzfFTpsw%3D%3D
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Sun, 10 Nov 2024 10:06:38 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: FCB7:2AA314:636D4E:717400:673085AE
GET

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Ransomware

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Ransomware HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Ransomware
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=Uj37dwBDoKS3lnxfAHNyxTJAdkVTOkZRMPtlpny3maIfQxSKgAP%2BrmCL9WO5C%2FrFdOUh3OdDiwBFq%2BFLyoeVnmFEun4sGEAtossUra1dSupv8tdFqzYJIkIcdMaUzOmyYbVC9%2Bdxmw8BUjaqR2j4GDUxFCdcwSgFwLUNLwk1II%2FafjiCwb1ekV3ZUfrwZK6rceGVEhWy771jOeZBiawvz4ArDJJ8I25I0z0Kx%2Bi9YnVOncF94V6zV4F%2FOFugA3fvjmEtBn1mVkkBFghRMsoxrA%3D%3D--5qzMYxoMV8ij6kQs--qjQg7rIEFoLb8YNzfFTpsw%3D%3D
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Sun, 10 Nov 2024 10:06:39 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"daa8cdc28e2a92e29b5b249ec65db5d2"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 442
x-github-request-id: FCB7:2AA314:636D4E:7173FE:673085AE
GET

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CryptoWall.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CryptoWall.exe HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: application/json
x-requested-with: XMLHttpRequest
x-react-router: json
x-github-target: dotcom
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CryptoWall.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=Uj37dwBDoKS3lnxfAHNyxTJAdkVTOkZRMPtlpny3maIfQxSKgAP%2BrmCL9WO5C%2FrFdOUh3OdDiwBFq%2BFLyoeVnmFEun4sGEAtossUra1dSupv8tdFqzYJIkIcdMaUzOmyYbVC9%2Bdxmw8BUjaqR2j4GDUxFCdcwSgFwLUNLwk1II%2FafjiCwb1ekV3ZUfrwZK6rceGVEhWy771jOeZBiawvz4ArDJJ8I25I0z0Kx%2Bi9YnVOncF94V6zV4F%2FOFugA3fvjmEtBn1mVkkBFghRMsoxrA%3D%3D--5qzMYxoMV8ij6kQs--qjQg7rIEFoLb8YNzfFTpsw%3D%3D
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Sun, 10 Nov 2024 10:06:59 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"0849fcda14f2e0cfcfda93e0a5599d18"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 2195
x-github-request-id: FCB7:2AA314:6374D0:717C9B:673085AF
GET

https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Ransomware/CryptoWall.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/latest-commit/master/Ransomware/CryptoWall.exe HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CryptoWall.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=Uj37dwBDoKS3lnxfAHNyxTJAdkVTOkZRMPtlpny3maIfQxSKgAP%2BrmCL9WO5C%2FrFdOUh3OdDiwBFq%2BFLyoeVnmFEun4sGEAtossUra1dSupv8tdFqzYJIkIcdMaUzOmyYbVC9%2Bdxmw8BUjaqR2j4GDUxFCdcwSgFwLUNLwk1II%2FafjiCwb1ekV3ZUfrwZK6rceGVEhWy771jOeZBiawvz4ArDJJ8I25I0z0Kx%2Bi9YnVOncF94V6zV4F%2FOFugA3fvjmEtBn1mVkkBFghRMsoxrA%3D%3D--5qzMYxoMV8ij6kQs--qjQg7rIEFoLb8YNzfFTpsw%3D%3D
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Sun, 10 Nov 2024 10:06:59 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"daa8cdc28e2a92e29b5b249ec65db5d2"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 442
x-github-request-id: FCB7:2AA314:6374E5:717CB6:673085C3
GET

https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Ransomware/CryptoWall.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Ransomware/CryptoWall.exe HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CryptoWall.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=Uj37dwBDoKS3lnxfAHNyxTJAdkVTOkZRMPtlpny3maIfQxSKgAP%2BrmCL9WO5C%2FrFdOUh3OdDiwBFq%2BFLyoeVnmFEun4sGEAtossUra1dSupv8tdFqzYJIkIcdMaUzOmyYbVC9%2Bdxmw8BUjaqR2j4GDUxFCdcwSgFwLUNLwk1II%2FafjiCwb1ekV3ZUfrwZK6rceGVEhWy771jOeZBiawvz4ArDJJ8I25I0z0Kx%2Bi9YnVOncF94V6zV4F%2FOFugA3fvjmEtBn1mVkkBFghRMsoxrA%3D%3D--5qzMYxoMV8ij6kQs--qjQg7rIEFoLb8YNzfFTpsw%3D%3D
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Sun, 10 Nov 2024 10:06:59 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: FCB7:2AA314:6374E5:717CB8:673085C3
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Ransomware/CryptoWall.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Ransomware/CryptoWall.exe HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: text/html, application/xhtml+xml
dnt: 1
turbo-visit: true
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CryptoWall.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=Uj37dwBDoKS3lnxfAHNyxTJAdkVTOkZRMPtlpny3maIfQxSKgAP%2BrmCL9WO5C%2FrFdOUh3OdDiwBFq%2BFLyoeVnmFEun4sGEAtossUra1dSupv8tdFqzYJIkIcdMaUzOmyYbVC9%2Bdxmw8BUjaqR2j4GDUxFCdcwSgFwLUNLwk1II%2FafjiCwb1ekV3ZUfrwZK6rceGVEhWy771jOeZBiawvz4ArDJJ8I25I0z0Kx%2Bi9YnVOncF94V6zV4F%2FOFugA3fvjmEtBn1mVkkBFghRMsoxrA%3D%3D--5qzMYxoMV8ij6kQs--qjQg7rIEFoLb8YNzfFTpsw%3D%3D
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Sun, 10 Nov 2024 10:07:01 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/CryptoWall.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: FCB7:2AA314:6375F9:717DF2:673085C3
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Ransomware/CryptoWall.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Ransomware/CryptoWall.exe HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CryptoWall.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=Uj37dwBDoKS3lnxfAHNyxTJAdkVTOkZRMPtlpny3maIfQxSKgAP%2BrmCL9WO5C%2FrFdOUh3OdDiwBFq%2BFLyoeVnmFEun4sGEAtossUra1dSupv8tdFqzYJIkIcdMaUzOmyYbVC9%2Bdxmw8BUjaqR2j4GDUxFCdcwSgFwLUNLwk1II%2FafjiCwb1ekV3ZUfrwZK6rceGVEhWy771jOeZBiawvz4ArDJJ8I25I0z0Kx%2Bi9YnVOncF94V6zV4F%2FOFugA3fvjmEtBn1mVkkBFghRMsoxrA%3D%3D--5qzMYxoMV8ij6kQs--qjQg7rIEFoLb8YNzfFTpsw%3D%3D
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Sun, 10 Nov 2024 10:07:02 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/CryptoWall.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: FCB7:2AA314:637621:717E16:673085C5
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Ransomware/CryptoWall.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Ransomware/CryptoWall.exe HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: text/html, application/xhtml+xml
dnt: 1
turbo-visit: true
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CryptoWall.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=Uj37dwBDoKS3lnxfAHNyxTJAdkVTOkZRMPtlpny3maIfQxSKgAP%2BrmCL9WO5C%2FrFdOUh3OdDiwBFq%2BFLyoeVnmFEun4sGEAtossUra1dSupv8tdFqzYJIkIcdMaUzOmyYbVC9%2Bdxmw8BUjaqR2j4GDUxFCdcwSgFwLUNLwk1II%2FafjiCwb1ekV3ZUfrwZK6rceGVEhWy771jOeZBiawvz4ArDJJ8I25I0z0Kx%2Bi9YnVOncF94V6zV4F%2FOFugA3fvjmEtBn1mVkkBFghRMsoxrA%3D%3D--5qzMYxoMV8ij6kQs--qjQg7rIEFoLb8YNzfFTpsw%3D%3D
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Sun, 10 Nov 2024 10:07:01 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/CryptoWall.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: FCB7:2AA314:637E26:718753:673085C6
GET

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Ransomware/CryptoWall.exe

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Ransomware/CryptoWall.exe HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CryptoWall.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=Uj37dwBDoKS3lnxfAHNyxTJAdkVTOkZRMPtlpny3maIfQxSKgAP%2BrmCL9WO5C%2FrFdOUh3OdDiwBFq%2BFLyoeVnmFEun4sGEAtossUra1dSupv8tdFqzYJIkIcdMaUzOmyYbVC9%2Bdxmw8BUjaqR2j4GDUxFCdcwSgFwLUNLwk1II%2FafjiCwb1ekV3ZUfrwZK6rceGVEhWy771jOeZBiawvz4ArDJJ8I25I0z0Kx%2Bi9YnVOncF94V6zV4F%2FOFugA3fvjmEtBn1mVkkBFghRMsoxrA%3D%3D--5qzMYxoMV8ij6kQs--qjQg7rIEFoLb8YNzfFTpsw%3D%3D
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 302

server: GitHub.com
date: Sun, 10 Nov 2024 10:07:02 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/CryptoWall.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: FCB7:2AA314:637E2F:71875F:673085DB
DNS

api.github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 212
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Ransomware
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Sun, 10 Nov 2024 10:06:39 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1731236799
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: C2AC:1E56A8:138DA88:1508D32:673085AF
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 765
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CryptoWall.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Sun, 10 Nov 2024 10:06:59 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1731236819
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: C2AC:1E56A8:138E071:15093AE:673085AF
POST

https://api.github.com/_private/browser/stats

msedge.exe

Remote address:

20.26.156.210:443

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 227
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CryptoWall.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.1620697693.1731233135
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

date: Sun, 10 Nov 2024 10:07:23 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1731236843
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: C2AC:1E56A8:138E92B:1509CF3:673085C3
DNS

raw.githubusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

raw.githubusercontent.com

IN A

Response

raw.githubusercontent.com

IN A

185.199.108.133

raw.githubusercontent.com

IN A

185.199.111.133

raw.githubusercontent.com

IN A

185.199.109.133

raw.githubusercontent.com

IN A

185.199.110.133
OPTIONS

https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/CryptoWall.exe

msedge.exe

Remote address:

185.199.108.133:443

Request

OPTIONS /Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/CryptoWall.exe HTTP/2.0
host: raw.githubusercontent.com
accept: */*
access-control-request-method: GET
access-control-request-headers: turbo-visit
origin: https://github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CryptoWall.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-cache
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 0
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:;
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:07:02 GMT
via: 1.1 varnish
x-served-by: cache-lcy-eglc8600020-LCY
x-cache: MISS
x-cache-hits: 0
x-timer: S1731233222.999499,VS0,VE2
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 96a25c905fa3e1c42d45bab5563422f10469bcf1
expires: Sun, 10 Nov 2024 10:12:02 GMT
vary: Authorization,Accept-Encoding
OPTIONS

https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/CryptoWall.exe

msedge.exe

Remote address:

185.199.108.133:443

Request

OPTIONS /Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/CryptoWall.exe HTTP/2.0
host: raw.githubusercontent.com
accept: */*
access-control-request-method: GET
access-control-request-headers: turbo-visit
origin: https://github.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CryptoWall.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

cache-control: no-cache
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 0
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:;
accept-ranges: bytes
date: Sun, 10 Nov 2024 10:07:23 GMT
via: 1.1 varnish
x-served-by: cache-lcy-eglc8600020-LCY
x-cache: MISS
x-cache-hits: 0
x-timer: S1731233243.334536,VS0,VE2
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: d0e7e32e0ae5673bc8ce0d701ae3324f27a0e56d
expires: Sun, 10 Nov 2024 10:12:23 GMT
vary: Authorization,Accept-Encoding
DNS

11.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.227.111.52.in-addr.arpa

IN PTR

Response
DNS

ip-addr.es

netsvcs

Remote address:

8.8.8.8:53

Request

ip-addr.es

IN A

Response

ip-addr.es

IN A

188.165.164.184
GET

http://ip-addr.es/

netsvcs

Remote address:

188.165.164.184:80

Request

GET / HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: ip-addr.es
Cache-Control: no-cache

Response

HTTP/1.1 308 Permanent Redirect

Date: Sun, 10 Nov 2024 10:00:00 GMT
Content-Type: text/html
Content-Length: 164
Connection: keep-alive
Location: https://ip-addr.es/
Server: DYNAMIC+
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
GET

https://ip-addr.es/

netsvcs

Remote address:

188.165.164.184:443

Request

GET / HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Cache-Control: no-cache
Host: ip-addr.es
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Sun, 10 Nov 2024 10:00:01 GMT
Content-Type: text/plain;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 10 Nov 2024 10:00:01 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
X-XSS-Protection: 1
Server: DYNAMIC+
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
DNS

184.164.165.188.in-addr.arpa

Remote address:

8.8.8.8:53

Request

184.164.165.188.in-addr.arpa

IN PTR

Response

184.164.165.188.in-addr.arpa

IN PTR

dynamicplusit
DNS

32.169.19.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

32.169.19.2.in-addr.arpa

IN PTR

Response

32.169.19.2.in-addr.arpa

IN PTR

a2-19-169-32deploystaticakamaitechnologiescom
DNS

checkappexec.microsoft.com

Remote address:

8.8.8.8:53

Request

checkappexec.microsoft.com

IN A

Response

checkappexec.microsoft.com

IN CNAME

prod-atm-wds-apprep.trafficmanager.net

prod-atm-wds-apprep.trafficmanager.net

IN CNAME

prod-agic-us-2.uksouth.cloudapp.azure.com

prod-agic-us-2.uksouth.cloudapp.azure.com

IN A

172.165.69.228
POST

https://checkappexec.microsoft.com/windows/shell/actions

Remote address:

172.165.69.228:443

Request

POST /windows/shell/actions HTTP/2.0
host: checkappexec.microsoft.com
accept-encoding: gzip, deflate
user-agent: SmartScreen/2814751014982010
authorization: SmartScreenHash eyJhdXRoSWQiOiJhZGZmZjVhZC1lZjllLTQzYTYtYjFhMy0yYWQ0MjY3YWVlZDUiLCJoYXNoIjoibkl3ZG8vdVc4OW89Iiwia2V5IjoiOXJvV2dVbjh5Nm5kbThvOGdHRWZLdz09In0=
content-length: 1162
content-type: application/json; charset=utf-8
cache-control: no-cache

Response

HTTP/2.0 200

date: Sun, 10 Nov 2024 10:07:39 GMT
content-type: application/json; charset=utf-8
content-length: 183
server: Kestrel
cache-control: max-age=0, private
request-context: appId=cid-v1:7f05e9f0-1fe6-401c-8ae7-2478e40e2f1e
DNS

228.69.165.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

228.69.165.172.in-addr.arpa

IN PTR

Response

20.26.156.215:443

https://github.com/manifest.json

tls, http2

msedge.exe

4.9kB
89.5kB
56
82

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Virus/WinNuke.98.exe

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/security/overall-count

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/refs?type=branch

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Virus/WinNuke.98.exe

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Virus/WinNuke.98.exe

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/refs?type=branch

HTTP Response

200

HTTP Response

200

HTTP Response

304

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/refs?type=branch

HTTP Response

304

HTTP Request

GET https://github.com/manifest.json

HTTP Response

200
51.140.244.186:443

https://nav.smartscreen.microsoft.com/api/browser/edge/actions

tls, http

msedge.exe

2.6kB
8.0kB
13
12

HTTP Request

POST https://nav.smartscreen.microsoft.com/api/browser/edge/actions

HTTP Response

200
51.140.244.186:443

https://nav.smartscreen.microsoft.com/api/browser/edge/downloadcomplete/1

tls, http

msedge.exe

19.8kB
18.1kB
40
28

HTTP Request

POST https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

HTTP Response

200

HTTP Request

POST https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

HTTP Response

200

HTTP Request

POST https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

HTTP Response

200

HTTP Request

POST https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

HTTP Response

200

HTTP Request

POST https://nav.smartscreen.microsoft.com/api/browser/edge/download/2

HTTP Response

200

HTTP Request

POST https://nav.smartscreen.microsoft.com/api/browser/edge/downloadcomplete/1

HTTP Response

200

HTTP Request

POST https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

HTTP Response

200

HTTP Request

POST https://nav.smartscreen.microsoft.com/api/browser/edge/downloadcomplete/1

HTTP Response

200
185.199.108.133:443

https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/CryptoWall.exe

tls, http2

msedge.exe

4.9kB
149.4kB
71
126

HTTP Request

GET https://avatars.githubusercontent.com/u/63458929?v=4&size=40

HTTP Response

200

HTTP Request

GET https://avatars.githubusercontent.com/u/123590232?v=4&size=40

HTTP Response

200

HTTP Request

GET https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/CryptoWall.exe

HTTP Response

200
185.199.108.154:443

https://github.githubassets.com/assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-d06d275cbddc.js

tls, http2

msedge.exe

35.0kB
1.0MB
553
818

HTTP Request

GET https://github.githubassets.com/assets/light-3e154969b9f9.css

HTTP Request

GET https://github.githubassets.com/assets/primer-primitives-4cf0d59ab51a.css

HTTP Request

GET https://github.githubassets.com/assets/primer-d4805e363e20.css

HTTP Request

GET https://github.githubassets.com/assets/dark-9c5b7a476542.css

HTTP Request

GET https://github.githubassets.com/assets/repository-1e3bbbee6b91.css

HTTP Request

GET https://github.githubassets.com/assets/github-6110438c1619.css

HTTP Request

GET https://github.githubassets.com/assets/global-79a5b5698a34.css

HTTP Request

GET https://github.githubassets.com/assets/notifications-subscriptions-menu.1bcff9205c241e99cff2.module.css

HTTP Request

GET https://github.githubassets.com/assets/react-code-view.6b587a69b593e23c3657.module.css

HTTP Request

GET https://github.githubassets.com/assets/primer-react.2beab350097eeaad3991.module.css

HTTP Request

GET https://github.githubassets.com/assets/code-53e56f0305ac.css

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/wp-runtime-d1c774376d16.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_js-b73fdff77a4e.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-aff936e590ed.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-247092-ee0bd6110c34.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_failbot_failbot_ts-074ee5faa813.js

HTTP Request

GET https://github.githubassets.com/assets/environment-cd35650c2e9c.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-4aa4b0e95669.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_relative-time-element_dist_index_js-6d3967acd51c.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_combobox-nav_dist_index_js-node_modules_github_g-emoji-element_di-6ce195-53781cbc550f.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_catalyst_-6afc16-87f32ad5fff1.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_text-expander-element_dist_index_js-f5498b8d4e5d.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-d1a841-8f251a0656e7.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-1f651a-1e3d784c897c.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-af0385-1d5998037c7f.js

HTTP Request

GET https://github.githubassets.com/assets/github-elements-54614839516b.js

HTTP Request

GET https://github.githubassets.com/assets/element-registry-403b2ee4138e.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-bb80ec-634de60bacfa.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_lit-html_lit-html_js-ce7225a304c5.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_hydro-analytics-client_dist_analytics-client_js-node_modules_gith-f3aee1-e6893db9c19e.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-f8a5485c982a.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-858e043fcf76.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_scroll-anchoring_dist_scroll-anchoring_esm_js-node_modules_stacktrace-pa-a71630-6f3c4f0189d8.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_color-convert_index_js-0e07cc183eed.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-0b5e12-7b36339d5147.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_updatable-content_updatable-content_ts-eae9df0dd562.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-18d1c91a7872.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_sticky-scroll-into-view_ts-7cbef09a422c.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-d0d0a6-b0b4fd6f86a5.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-c89801ebbe15.js

HTTP Request

GET https://github.githubassets.com/assets/behaviors-009c7396246a.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-bf7e5a3732fd.js

HTTP Request

GET https://github.githubassets.com/assets/notifications-global-54f34167118d.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-d241fe700755.js

HTTP Request

GET https://github.githubassets.com/assets/code-menu-15796c6acaff.js

HTTP Request

GET https://github.githubassets.com/assets/primer-react-ae28f57a594c.js

HTTP Request

GET https://github.githubassets.com/assets/react-core-3a596bf6ecc1.js

HTTP Request

GET https://github.githubassets.com/assets/react-lib-7b7b5264f6c1.js

HTTP Request

GET https://github.githubassets.com/assets/octicons-react-45c3a19dd792.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-0e630d-04276437489b.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover-fn_js-4896ddd4b7bb.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_primer_live-region-element_dis-037ad60-8582b70cd5a9.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_focus-visible_dist_focus-visible_js-node_modules_fzy_js_index_js-node_mo-8edd88-99bd6dce30b5.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_aria-live_aria-live_ts-ui_packages_promise-with-resolvers-polyfill_promise-with-r-014121-e1792bd5a31e.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_paths_index_ts-638a4cc4ec98.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_ref-selector_RefSelector_tsx-7a75d9f22fe9.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_shortcuts_ts-ui_packages_code-view-shared_utilities_web-wo-397c42-961ef3e9cb6a.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_verified-fetch_verified-fetch_ts-u-4672d1-c335d159760f.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_utili-228da6-74e998ad57e4.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-file-page-payload_ts-ui_packages_code-view-shared_comp-1beb66-8434ef8b268d.js

HTTP Request

GET https://github.githubassets.com/assets/app_assets_modules_github_blob-anchor_ts-ui_packages_code-nav_code-nav_ts-ui_packages_filter--8253c1-87c39cb5708f.js

HTTP Request

GET https://github.githubassets.com/assets/react-code-view-839f957a1648.js

HTTP Request

GET https://github.githubassets.com/assets/notifications-subscriptions-menu-c0fd3c9cc896.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_hotkey_dist_index_js-no-d67c7f-bd7d077cdcb1.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_ui-commands_ui-commands_ts-d25fac54a6bc.js

HTTP Request

GET https://github.githubassets.com/assets/keyboard-shortcuts-dialog-cb3d4f30c9ed.js

HTTP Request

GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-9a621ecbf672.js

HTTP Request

GET https://github.githubassets.com/assets/sessions-c6a512e7180c.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_primer_experimental_select-panel-element_ts-7917d5042068.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-1077a1578034.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_stack-tra-a18fad-c17189d94fd6.js

HTTP Request

GET https://github.githubassets.com/assets/ui_packages_query-builder-element_query-builder-element_ts-1546dc8c42cb.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-app_components_search_qbsearch-input-element_ts-ui_packages_trusted-types-policies_policy_ts--7cc11e-7a151d1da86f.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_cookie-consent-link-element_cookie-consent-link-element_ts-23c1cb96287b.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_ghcc-consent-element_ghcc-consent-element_ts-2ab85b7d16d5.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_stack-tra-600f89-c19ded76330f.js

HTTP Request

GET https://github.githubassets.com/assets/chunk-ui_packages_webauthn-get-element_webauthn-get-element_ts-eba7ee3409f2.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-d06d275cbddc.js

HTTP Response

200
185.199.108.154:443

github.githubassets.com

tls

msedge.exe

1.1kB
6.3kB
12
10
185.199.108.154:443

github.githubassets.com

tls

msedge.exe

1.1kB
6.3kB
12
10
185.199.108.154:443

github.githubassets.com

tls

msedge.exe

1.1kB
6.3kB
12
10
185.199.108.154:443

github.githubassets.com

tls

msedge.exe

1.1kB
6.3kB
12
10
185.199.108.154:443

github.githubassets.com

tls

msedge.exe

1.1kB
6.3kB
12
10
51.140.242.104:443

https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&os=10.0.19044.4529.vb_release

tls, http

msedge.exe

1.8kB
11.2kB
14
14

HTTP Request

GET https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&os=10.0.19044.4529.vb_release

HTTP Response

200

HTTP Request

GET https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&os=10.0.19044.4529.vb_release

HTTP Response

304
51.140.242.104:443

https://data-edge.smartscreen.microsoft.com/api/browser/edge/data/settings

tls, http

msedge.exe

9.1kB
274.0kB
111
207

HTTP Request

POST https://data-edge.smartscreen.microsoft.com/api/browser/edge/data/settings

HTTP Response

200

HTTP Request

POST https://data-edge.smartscreen.microsoft.com/api/browser/edge/data/settings

HTTP Response

200
51.140.242.104:443

https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19044.4529.vb_release

tls, http

msedge.exe

9.6kB
486.6kB
184
355

HTTP Request

GET https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19044.4529.vb_release

HTTP Response

200

HTTP Request

GET https://data-edge.smartscreen.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19044.4529.vb_release

HTTP Response

304
140.82.112.21:443

https://collector.github.com/github/collect

tls, http2

msedge.exe

18.6kB
12.2kB
53
51

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://collector.github.com/github/collect

HTTP Response

204
185.199.108.154:443

https://github.githubassets.com/favicons/favicon.png

tls, http2

msedge.exe

2.5kB
24.6kB
26
31

HTTP Request

GET https://github.githubassets.com/favicons/favicon.svg

HTTP Request

GET https://github.githubassets.com/assets/apple-touch-icon-144x144-b882e354c005.png

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.githubassets.com/favicons/favicon.png

HTTP Response

200
20.26.156.210:443

https://api.github.com/_private/browser/stats

tls, http2

msedge.exe

3.9kB
6.7kB
19
21

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200
23.213.251.133:443

https://cxcs.microsoft.net/api/settings/en-US/xml/settings-tipset?release=20h1&sku=EnterpriseS&platform=desktop

tls, http2

1.8kB
7.6kB
25
22

HTTP Request

GET https://cxcs.microsoft.net/api/settings/en-US/xml/settings-tipset?release=20h1&sku=EnterpriseS&platform=desktop

HTTP Response

404

HTTP Request

GET https://cxcs.microsoft.net/api/settings/en-US/xml/settings-tipset?release=20h1&sku=EnterpriseS&platform=desktop

HTTP Response

404

HTTP Request

GET https://cxcs.microsoft.net/api/settings/en-US/xml/settings-tipset?release=20h1&sku=EnterpriseS&platform=desktop

HTTP Response

404
92.123.128.149:443

https://www.bing.com/RelatedSearch?addfeaturesnoexpansion=relatedsearch&mkt=en-US

tls, http2

7.9kB
8.7kB
30
22

HTTP Request

POST https://www.bing.com/RelatedSearch?addfeaturesnoexpansion=relatedsearch&mkt=en-US

HTTP Response

200

HTTP Request

POST https://www.bing.com/RelatedSearch?addfeaturesnoexpansion=relatedsearch&mkt=en-US

HTTP Response

200

HTTP Request

POST https://www.bing.com/RelatedSearch?addfeaturesnoexpansion=relatedsearch&mkt=en-US

HTTP Response

200
20.199.58.43:443

https://fd.api.iris.microsoft.com/v4/api/selection?&asid=62A49A888B7345E09CA4D350639ABE23&nct=1&placement=88000677&bcnt=30&country=US&locale=en-US&poptin=0&fmt=json&clr=cdmlite&arch=AMD64&concp=0&d3dfl=D3D_FEATURE_LEVEL_12_1&devfam=Windows.Desktop&devosver=10.0.19044.4529&dinst=1729692905&dmret=0&drgng=244&flightbranch=&flightring=Retail&localid=w%3A31D534A1-E457-B456-1E1B-35D15586A14B&osbranch=vb_release&oslocale=en-US&osret=1&ossku=EnterpriseS&osskuid=125&prccn=2&prccs=4192&prcmf=AuthenticAMD&procm=Intel%20Core%20Processor%20%28Broadwell%29&ram=4095&tinst=Client&tl=1&pat=0&smc=0&sac=0&disphorzres=1280&dispsize=14.7&dispvertres=720&ldisphorzres=1280&ldispvertres=720&moncnt=1&cpdsk=241361&frdsk=20466&lo=25670&tsu=25670

tls, http2

2.7kB
7.5kB
19
13

HTTP Request

GET https://fd.api.iris.microsoft.com/v4/api/selection?&asid=62A49A888B7345E09CA4D350639ABE23&nct=1&placement=88000677&bcnt=30&country=US&locale=en-US&poptin=0&fmt=json&clr=cdmlite&arch=AMD64&concp=0&d3dfl=D3D_FEATURE_LEVEL_12_1&devfam=Windows.Desktop&devosver=10.0.19044.4529&dinst=1729692905&dmret=0&drgng=244&flightbranch=&flightring=Retail&localid=w%3A31D534A1-E457-B456-1E1B-35D15586A14B&osbranch=vb_release&oslocale=en-US&osret=1&ossku=EnterpriseS&osskuid=125&prccn=2&prccs=4192&prcmf=AuthenticAMD&procm=Intel%20Core%20Processor%20%28Broadwell%29&ram=4095&tinst=Client&tl=1&pat=0&smc=0&sac=0&disphorzres=1280&dispsize=14.7&dispvertres=720&ldisphorzres=1280&ldispvertres=720&moncnt=1&cpdsk=241361&frdsk=20466&lo=25670&tsu=25670

HTTP Response

200
20.26.156.215:443

https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Ransomware/CryptoWall.exe

tls, http2

msedge.exe

5.1kB
55.0kB
48
64

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Ransomware

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Ransomware

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/tree-commit-info/master/Ransomware

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Ransomware

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/CryptoWall.exe

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Ransomware/CryptoWall.exe

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Ransomware/CryptoWall.exe

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Ransomware/CryptoWall.exe

HTTP Response

302

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Ransomware/CryptoWall.exe

HTTP Response

302

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Ransomware/CryptoWall.exe

HTTP Response

302

HTTP Request

GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Ransomware/CryptoWall.exe

HTTP Response

302
20.26.156.210:443

https://api.github.com/_private/browser/stats

tls, http2

msedge.exe

4.0kB
8.1kB
25
29

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200

HTTP Request

POST https://api.github.com/_private/browser/stats

HTTP Response

200
185.199.108.133:443

https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/CryptoWall.exe

tls, http2

msedge.exe

5.6kB
120.9kB
94
103

HTTP Request

OPTIONS https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/CryptoWall.exe

HTTP Response

403

HTTP Request

OPTIONS https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Ransomware/CryptoWall.exe

HTTP Response

403
188.165.164.184:80

http://ip-addr.es/

http

netsvcs

410 B
553 B
4
3

HTTP Request

GET http://ip-addr.es/

HTTP Response

308
188.165.164.184:443

https://ip-addr.es/

tls, http

netsvcs

1.1kB
4.5kB
10
7

HTTP Request

GET https://ip-addr.es/

HTTP Response

200
209.148.85.151:8080

netsvcs

260 B
5
94.247.28.156:8081

netsvcs

260 B
5
172.165.69.228:443

https://checkappexec.microsoft.com/windows/shell/actions

tls, http2

2.9kB
9.5kB
21
16

HTTP Request

POST https://checkappexec.microsoft.com/windows/shell/actions

HTTP Response

200
94.247.31.19:8080

netsvcs

156 B
3

8.8.8.8:53

github.com

dns

msedge.exe

56 B
72 B
1
1

DNS Request

github.com

DNS Response

20.26.156.215
8.8.8.8:53

88.210.23.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

88.210.23.2.in-addr.arpa
8.8.8.8:53

13.86.106.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

13.86.106.20.in-addr.arpa
8.8.8.8:53

215.156.26.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

215.156.26.20.in-addr.arpa
8.8.8.8:53

nav.smartscreen.microsoft.com

dns

msedge.exe

75 B
191 B
1
1

DNS Request

nav.smartscreen.microsoft.com

DNS Response

51.140.244.186
8.8.8.8:53

avatars.githubusercontent.com

dns

msedge.exe

75 B
139 B
1
1

DNS Request

avatars.githubusercontent.com

DNS Response

185.199.108.133

185.199.111.133

185.199.109.133

185.199.110.133
8.8.8.8:53

github.githubassets.com

dns

msedge.exe

69 B
133 B
1
1

DNS Request

github.githubassets.com

DNS Response

185.199.108.154

185.199.110.154

185.199.111.154

185.199.109.154
8.8.8.8:53

github-cloud.s3.amazonaws.com

dns

msedge.exe

75 B
253 B
1
1

DNS Request

github-cloud.s3.amazonaws.com

DNS Response

16.15.176.111

54.231.197.233

52.217.91.108

3.5.17.174

52.217.91.124

52.217.168.185

3.5.30.85

3.5.11.178
8.8.8.8:53

user-images.githubusercontent.com

dns

msedge.exe

79 B
143 B
1
1

DNS Request

user-images.githubusercontent.com

DNS Response

185.199.108.133

185.199.111.133

185.199.110.133

185.199.109.133
8.8.8.8:53

22.160.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

22.160.190.20.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

186.244.140.51.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

186.244.140.51.in-addr.arpa
8.8.8.8:53

154.108.199.185.in-addr.arpa

dns

74 B
118 B
1
1

DNS Request

154.108.199.185.in-addr.arpa
8.8.8.8:53

133.108.199.185.in-addr.arpa

dns

74 B
118 B
1
1

DNS Request

133.108.199.185.in-addr.arpa
8.8.8.8:53

data-edge.smartscreen.microsoft.com

dns

msedge.exe

81 B
198 B
1
1

DNS Request

data-edge.smartscreen.microsoft.com

DNS Response

51.140.242.104
8.8.8.8:53

203.197.79.204.in-addr.arpa

dns

73 B
106 B
1
1

DNS Request

203.197.79.204.in-addr.arpa
8.8.8.8:53

104.242.140.51.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

104.242.140.51.in-addr.arpa
8.8.8.8:53

collector.github.com

dns

msedge.exe

66 B
115 B
1
1

DNS Request

collector.github.com

DNS Response

140.82.112.21
8.8.8.8:53

api.github.com

dns

msedge.exe

60 B
76 B
1
1

DNS Request

api.github.com

DNS Response

20.26.156.210
8.8.8.8:53

21.112.82.140.in-addr.arpa

dns

72 B
117 B
1
1

DNS Request

21.112.82.140.in-addr.arpa
8.8.8.8:53

210.156.26.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

210.156.26.20.in-addr.arpa
8.8.8.8:53

209.205.72.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

209.205.72.20.in-addr.arpa
224.0.0.251:5353

506 B
8
8.8.8.8:53

cxcs.microsoft.net

dns

64 B
154 B
1
1

DNS Request

cxcs.microsoft.net

DNS Response

23.213.251.133
8.8.8.8:53

133.251.213.23.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

133.251.213.23.in-addr.arpa
8.8.8.8:53

149.128.123.92.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

149.128.123.92.in-addr.arpa
8.8.8.8:53

53.210.109.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

53.210.109.20.in-addr.arpa
8.8.8.8:53

18.31.95.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

18.31.95.13.in-addr.arpa
8.8.8.8:53

fd.api.iris.microsoft.com

dns

71 B
199 B
1
1

DNS Request

fd.api.iris.microsoft.com

DNS Response

20.199.58.43
8.8.8.8:53

43.58.199.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

43.58.199.20.in-addr.arpa
8.8.8.8:53

172.214.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

172.214.232.199.in-addr.arpa
8.8.8.8:53

github.com

dns

msedge.exe

56 B
72 B
1
1

DNS Request

github.com

DNS Response

20.26.156.215
8.8.8.8:53

api.github.com

dns

msedge.exe

60 B
76 B
1
1

DNS Request

api.github.com

DNS Response

20.26.156.210
8.8.8.8:53

raw.githubusercontent.com

dns

msedge.exe

71 B
135 B
1
1

DNS Request

raw.githubusercontent.com

DNS Response

185.199.108.133

185.199.111.133

185.199.109.133

185.199.110.133
8.8.8.8:53

11.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

11.227.111.52.in-addr.arpa
8.8.8.8:53

ip-addr.es

dns

netsvcs

56 B
72 B
1
1

DNS Request

ip-addr.es

DNS Response

188.165.164.184
8.8.8.8:53

184.164.165.188.in-addr.arpa

dns

74 B
102 B
1
1

DNS Request

184.164.165.188.in-addr.arpa
8.8.8.8:53

32.169.19.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

32.169.19.2.in-addr.arpa
8.8.8.8:53

checkappexec.microsoft.com

dns

72 B
192 B
1
1

DNS Request

checkappexec.microsoft.com

DNS Response

172.165.69.228
8.8.8.8:53

228.69.165.172.in-addr.arpa

dns

73 B
159 B
1
1

DNS Request

228.69.165.172.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
467bc167b06cdf2998f79460b98fa8f6

SHA1
a66fc2b411b31cb853195013d4677f4a2e5b6d11

SHA256
3b19522cb9ce73332fa1c357c6138b97b928545d38d162733eba68c8c5e604bd

SHA512
0eb63e6cacbec78b434d976fa2fb6fb44b1f9bc31001857c9bcb68c041bb52df30fbc7e1353f81d336b8a716821876fcacf3b32a107b16cec217c3d5d9621286

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
cc10dc6ba36bad31b4268762731a6c81

SHA1
9694d2aa8b119d674c27a1cfcaaf14ade8704e63

SHA256
d0d1f405097849f8203095f0d591e113145b1ce99df0545770138d772df4997f

SHA512
0ed193fdcc3f625221293bfd6af3132a5ce7d87138cd7df5e4b89353c89e237c1ff81920a2b17b7e0047f2cc8b2a976f667c7f12b0dcc273ddc3b4c8323b1b56

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\7e2daa0a-77b8-417f-a869-cc85c9375d8a.tmp

Filesize
24KB

MD5
5c2d5c900312f44e72209416d45723cb

SHA1
68fb8909308589149399c3fb74605600833fbbc1

SHA256
56f7a77549e5fc45bd4b1f7c2db3e8b4bd1dd9234545207613a80342cee8e7d8

SHA512
07c2920cff7c1125e3a2fe66bf21d8606a1f2a3d36be2d8e136da0d2a21130242ac8324f18cedfb0040304cf804815861767c969a6923d8db851312bf9b4348b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
48B

MD5
e779235ac1b6b9348c50b06db2070686

SHA1
b1617635351475fc7c63c070507a7da7d7b9f7ad

SHA256
2ee1c639da19a8a9a2a6af8fb22835740de2374a078b24d57cfb2e11f42261c4

SHA512
d646a2eae0f09b1730f87777d528d39ffe9725570491ffbf8817677e4b7238b37c1a49a66ba5e059d38784af0e5d5e12ecc7ed47285748915ec91d0dafa970c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
bd5fe5baef025f4451ed708ab47787e5

SHA1
a5499d6449a5cf008ec7ff56efdf80525fb10b88

SHA256
5c6be2c963daf3d1f04d0fdc7455d3aa10b8ebdaca9f81a944d935fc80c41fbd

SHA512
31eec06646ba088cbd17983ed6da92a60cd15ffd1c9c07a9bffa7af0d14dae6c5b52b842e98566728d42573dcc2bdbf9bf7a7424df9ad6b399c62c73e90138d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico

Filesize
70KB

MD5
e5e3377341056643b0494b6842c0b544

SHA1
d53fd8e256ec9d5cef8ef5387872e544a2df9108

SHA256
e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25

SHA512
83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
496B

MD5
d22266ba3d8db30279b96944f0cec985

SHA1
44e288cdfe75a5e8299ce32e75dd9e0705cdbac9

SHA256
77873629fa695e434160c86ae9116906ff65a97666d7d35a3ed63221b627c0bf

SHA512
d463aecbdac835dace5544b4267c86c2ed7d3165ba95095db6dfc3a25655f2391fa202a81d37b4a76a36f04456ed86df137302ad0e456fd59ecdfee3c69c6c1b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State~RFe5875a8.TMP

Filesize
59B

MD5
2800881c775077e1c4b6e06bf4676de4

SHA1
2873631068c8b3b9495638c865915be822442c8b

SHA256
226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974

SHA512
e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
4754fbfc6343d046cb8a26b90886e0c4

SHA1
c737efcc532bc856bb6d638db2bbd812e870c96c

SHA256
84c0074db39b2a2a79d11a7bb578467db0d1d1cb35df39502207453e5650191e

SHA512
73ef1ef2c5db3020660177a488831620b323948ecd4102f3952a0365e748a273d53466708b522e93241affa023d8d47826b0b04cd9ec25723c55a458aeef3ce8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
9f609cb9ef45f3b1ba266389b933ae10

SHA1
787ce59bcef97ec368635defecd2655736660d0d

SHA256
2453574fe5f0eb47b57a759583a361f8fc84011db912213cb831d5eaf53748c9

SHA512
3c02326ab9170af58224b50440dcf85e94966939e6b241d5c7cc71694ec13f796354d9d174b47f71e7b34e6f045908262c72446b24c81f5565c448b9587e31eb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
eb688b517dde6fd366c9bd16cbfc19ac

SHA1
e3d4ed194bb70ba3a957847740525124a6e85976

SHA256
b1c25539bdd165431c44b38c35e28c515b72b169e37c006bebf0cf9b366cfb52

SHA512
6483114948078b69c43accd2b97a17e8514181e760baf8729c70f7696760523b73898be4ac47ef377812ffb7bd88055114c97e8b3fadb2853f333a99067e5b46

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
6baa9da148db90ec45ff7ee4a95510bf

SHA1
7885990060385abf0512c4ec1a40c702f5ce6631

SHA256
da3a23dffabb4e608dc794492c34d807137df4221a95d250b9b3c0d12a3bbde9

SHA512
7318655285d0571051eb29a4313410173e9e0c372e4bd2c8344e2d4a7798cced1f8e15b3687fadea2e1e12d2de897d6cad7cc79601fedc9ae6ceff9f281ddde1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
56ba934ab4a3dee6f3c0b6da02b68217

SHA1
fbe2ba56680f22d36befc3020207c76baafc7dc8

SHA256
8caacc190b32becfd8c46501048713f5e85a1cb9e37f1c510dcaea4153198c1c

SHA512
e956f184617e7246800c338e84b127cbc201e77977a7ebec719ef067d4753f8a02adf69b244e219132befcfaa3690e69e8863335fb78c90c21a7ee1f15996519

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
d37de2c6eae02163d33245b7048eef6a

SHA1
907f6431e6e963bedf188168fb96c502a57038e8

SHA256
b77db629a64860e98fefb5f797d6baefd73d1d746beb36f6b638b02792ffede3

SHA512
c129f167b8297d368e811604498c95a9662c67d5c07048a9742b01ebcc7c8f526574c4ceed10f5650be1077bc98a98113de03e2c7fb59c634af98f87ea1b4d20

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
3b964859deef3a6f470b8021df49b34d

SHA1
62023dacf1e4019c9f204297c6be7e760f71a65d

SHA256
087debdcfba4666c03a5ea699e9bb31cf22ef4e0fad7c961cb0b500e5d262fb5

SHA512
c30b7e1b28820a5815b52634b46cb210c241704e33e41304400cb3ed29e82ec547a1068fc819350b368456bcabd27034afade5add3251dc74e4174f51b6c7adf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
b223d529f8439c000ef0cb488d03d7d1

SHA1
0bae90cd6e9779c33a7c487ac582096194eb0063

SHA256
d17228967a49616312580e5e3ed1f370931a6cc0303e6284cb8488a497f622d6

SHA512
18e202a166a2d6fc5a4b0fd6234393f1e9db310e59eba5949ff0c42f9f4da0fd72c777959886eb718c7cacf6410e34d8ee753ef5b2c2e81dc732d86a30c8d29a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
ad40e3dddcc47b386d472766d7c2810c

SHA1
f8ce803e880d8a304e646817897795888bafec3a

SHA256
ac3b75927e569f6c6f9f2ea7d1ba6083346daa0ff965a844ff997260b72380cc

SHA512
5b3153e0a85af99ac034b5ea5335436a78ab7c526c85d4464395272675ba076d789aa6187789182a625a633e600348b879a7d76e621bca6dc6aeb331a6d761c6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
f043cf36ad707ad51091005058bf549d

SHA1
80270a67e99d4cb1d5f2e9b7405f743e4e733303

SHA256
6428b09e16fd81696675ba1a62feaf42508e90794f928dfc9f5ad96bae2cae5a

SHA512
8632c1dd0d775feb31e49ca7215f9f46086eda266f45f636a0840a4496e7403715460e97985de5957a98c6619dae13e89760ef831f4f2f396a16bbb98314a6c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
26b930e57348c165bfa3462ee404820e

SHA1
d0c65d7ee1d97528ef186eafba3f8440c1d5249f

SHA256
6e79bf02a2fb59adf11d3fbb7ca87615f663acb12a8a4fa9ac5347ecb49f7843

SHA512
4137a46ba747a1bbfaa0b325cdfac53850d510b7376ea7c60f6a27972be0e9e1c5436dbeb73d1b854428e86a894588ae4a5b9f7eaa09f405ec156f4f4bccdbbb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57bac4.TMP

Filesize
874B

MD5
e9a7e263bf85b1c147c831e4fa7226d9

SHA1
9263c9b2da878616e80c140a98451b85791e8445

SHA256
71cfa73093215ce116abf8282f4866c72960da9c66b39f4a287b77cf9bb8247c

SHA512
1342a3ea4833d924215ecd78c518e0e97920326d4dda45e450be2f31e27554a8b6ab13ded6d8b8ffbb039f9853cf730ef6cc740707c743ce03a17929e99dcb90

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
8KB

MD5
2a392ae26d1058dd620cefe14e55c964

SHA1
77fc11a5ee83662a8ecb9bb23d3df1347d339f99

SHA256
4d65200e09dfc00fc432625612df02952b0aa19d2e528c3ccb37d2f19d8e72e1

SHA512
d1b00f2ed73e23832a4d82db0878d7a91f39e01ed4d2763f5b26f32c3c2316a3faa90022a6b42e3ba8f92692a070a135fe02a1750c5af5f2d0932541b7ad9524

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
9c616d5524bfadce8a2b889a589e194a

SHA1
5cb414cfb50cbf9be9d529cef14ab2667f04fb0d

SHA256
a85d58d149ba968dfe99223c7f54e4468de10bde74f27c356b0c78dd18361e6c

SHA512
414f9eef9c1c226185f736cc24318e881fc8a95f2d7bf58e1ec511b8fb27be53c615cc06a49a3a4fd1455962a387d379765770788b172b88713211552111cc2e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
0277a4e2110f76a4a80591a8734475f2

SHA1
6d3bda87c1a2782e3108360f767391bb604d393b

SHA256
45ffa37d9f9adefa1a0ed55981c996716226281c632b38e3a79827e82fd4cc3b

SHA512
5d109d63d885000cebac8857a084f4f0db005ac6aa90a3cd7978a9f4759f005fdfe7071f9cf7cb4da6e14e4c9565f9f75c00f0120fab89fac4e1d73bbcd758b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\f9534cb3-766c-4de9-8940-cbadec456b12.tmp

Filesize
11KB

MD5
b8cb91e0bb52cefe98d0fe646abb1c86

SHA1
0cc36ff1ffdef045cd219dc261a58aa605db67bc

SHA256
1a8aff89917b5a4b501f700170ac4b863025f9e8e393562263cdc5d7a13b2f11

SHA512
1fc2bbb85736d00816eee899703c138398f822bb0517b5596bc6a6618ea4e859a9cf05d1b9a386726c3ceff40cff6506c7ef9ac3ffa46fa343370c260f8ff934

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
3KB

MD5
137a880b78e6e462e43e62d97a5b43b6

SHA1
41a6076aa5ec464ab6dae6a8c32f3cc5ee6d45e5

SHA256
51a37156e7255d1798d06dd538054fae97d65415b043c67401c9ab7ee507013f

SHA512
436a31e432d477440b3e26323207feb73cc38e6784d306dd188907a93453a24b11979f74441df79c6630f526f1088ec653606a9d9fc8d9d2e7601b8a20922450

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
3KB

MD5
e22e711621b92d21926bf6c83b057a05

SHA1
ebf34b9a08f32acda7ea0da49bb55bdc2f23c2ff

SHA256
afdad18a0971d332a514ef0fda43cb8a5c4ee4a82c078c451de3a187a34094d5

SHA512
ee85426aaed51a0f550cf18183dd54f3c7fd8bd87e76d9660a3968e2d9b3be621996f81ebd82d04ec0ea866897a3b6706afc98593d91c9fc57b966f0ef1d2e73

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 667700.crdownload

Filesize
132KB

MD5
919034c8efb9678f96b47a20fa6199f2

SHA1
747070c74d0400cffeb28fbea17b64297f14cfbd

SHA256
e036d68b8f8b7afc6c8b6252876e1e290f11a26d4ad18ac6f310662845b2c734

SHA512
745a81c50bbfd62234edb9788c83a22e0588c5d25c00881901923a02d7096c71ef5f0cd5b73f92ad974e5174de064b0c5ea8044509039aab14b2aed83735a7c4

Download Submit
memory/2512-438-0x0000000001020000-0x0000000001045000-memory.dmp

Filesize
148KB

Download
memory/2512-430-0x0000000001020000-0x0000000001045000-memory.dmp

Filesize
148KB

Download
memory/3768-434-0x0000000000940000-0x0000000000965000-memory.dmp

Filesize
148KB

Download

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request