Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
26s -
max time network
27s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system -
submitted
26/01/2025, 15:55 UTC
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
Resource
win10v2004-20241007-en
General
-
Target
https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
Malware Config
Signatures
-
Modifies Windows Defender Real-time Protection settings 3 TTPs 10 IoCs
description ioc Process Set value (int) \REGISTRY\MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableRawWriteNotification = "1" Azorult.exe Key created \REGISTRY\MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection Azorult.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableIOAVProtection = "1" Azorult.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableBehaviorMonitoring = "1" Azorult.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableOnAccessProtection = "1" Azorult.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableOnAccessProtection = "1" Azorult.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableRawWriteNotification = "1" Azorult.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableIOAVProtection = "1" Azorult.exe Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\Windows Defender\Real-Time Protection Azorult.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableBehaviorMonitoring = "1" Azorult.exe -
Rms family
-
UAC bypass 3 TTPs 5 IoCs
description ioc Process Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin = "0" Azorult.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin = "0" regedit.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA = "0" regedit.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\PromptOnSecureDesktop = "0" regedit.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA = "0" Azorult.exe -
Windows security bypass 2 TTPs 1 IoCs
description ioc Process Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows Defender\Exclusions\Paths regedit.exe -
Blocks application from running via registry modification 13 IoCs
Adds application to list of disallowed applications.
description ioc Process Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\1 = "eav_trial_rus.exe" Azorult.exe Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\2 = "avast_free_antivirus_setup_online.exe" Azorult.exe Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\4 = "essf_trial_rus.exe" Azorult.exe Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\5 = "hitmanpro_x64.exe" Azorult.exe Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\7 = "ESETOnlineScanner_RUS.exe" Azorult.exe Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\8 = "HitmanPro.exe" Azorult.exe Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\9 = "360TS_Setup_Mini.exe" Azorult.exe Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun = "1" Azorult.exe Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun Azorult.exe Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\3 = "eis_trial_rus.exe" Azorult.exe Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\6 = "ESETOnlineScanner_UKR.exe" Azorult.exe Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\10 = "Cezurity_Scanner_Pro_Free.exe" Azorult.exe Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\11 = "Cube.exe" Azorult.exe -
Downloads MZ/PE file 1 IoCs
flow pid Process 41 2428 msedge.exe -
resource yara_rule behavioral1/files/0x0007000000023d63-264.dat aspack_v212_v242 -
Checks computer location settings 2 TTPs 2 IoCs
Looks up country code configured in the registry, likely geofence.
description ioc Process Key value queried \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation wini.exe Key value queried \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation WScript.exe -
Executes dropped EXE 4 IoCs
pid Process 4656 Azorult.exe 2560 wini.exe 2208 winit.exe 732 rutserv.exe -
Checks whether UAC is enabled 1 TTPs 1 IoCs
description ioc Process Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA = "0" Azorult.exe -
Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
flow ioc 40 raw.githubusercontent.com 41 raw.githubusercontent.com -
Modifies WinLogon 2 TTPs 6 IoCs
description ioc Process Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList Azorult.exe Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts Azorult.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList\John = "0" Azorult.exe Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList Azorult.exe Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts Azorult.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList\John = "0" Azorult.exe -
AutoIT Executable 2 IoCs
AutoIT scripts compiled to PE executables.
resource yara_rule behavioral1/files/0x0008000000023d32-149.dat autoit_exe behavioral1/files/0x0007000000023d64-249.dat autoit_exe -
Hide Artifacts: Hidden Users 1 TTPs 3 IoCs
description ioc Process Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList\John = "0" regedit.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList\John = "0" Azorult.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList\John = "0" Azorult.exe -
Launches sc.exe 2 IoCs
Sc.exe is a Windows utlilty to control services on the system.
pid Process 5788 sc.exe 6132 sc.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Location Discovery: System Language Discovery 1 TTPs 9 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language Azorult.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language wini.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language winit.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language cmd.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language rutserv.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language WScript.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language regedit.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language regedit.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language timeout.exe -
Delays execution with timeout.exe 1 IoCs
pid Process 3932 timeout.exe -
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName msedge.exe -
Modifies registry class 1 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings wini.exe -
NTFS ADS 1 IoCs
description ioc Process File opened for modification C:\Users\Admin\Downloads\Unconfirmed 781069.crdownload:SmartScreen msedge.exe -
Runs .reg file with regedit 2 IoCs
pid Process 4524 regedit.exe 3792 regedit.exe -
Suspicious behavior: EnumeratesProcesses 18 IoCs
pid Process 2428 msedge.exe 2428 msedge.exe 4912 msedge.exe 4912 msedge.exe 4936 identity_helper.exe 4936 identity_helper.exe 5020 msedge.exe 5020 msedge.exe 4656 Azorult.exe 4656 Azorult.exe 4656 Azorult.exe 4656 Azorult.exe 4656 Azorult.exe 4656 Azorult.exe 4656 Azorult.exe 4656 Azorult.exe 4656 Azorult.exe 4656 Azorult.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs
pid Process 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe -
Suspicious use of FindShellTrayWindow 35 IoCs
pid Process 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe -
Suspicious use of SendNotifyMessage 24 IoCs
pid Process 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe 4912 msedge.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 4656 Azorult.exe 2560 wini.exe 2208 winit.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 4912 wrote to memory of 1100 4912 msedge.exe 84 PID 4912 wrote to memory of 1100 4912 msedge.exe 84 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2408 4912 msedge.exe 85 PID 4912 wrote to memory of 2428 4912 msedge.exe 86 PID 4912 wrote to memory of 2428 4912 msedge.exe 86 PID 4912 wrote to memory of 4208 4912 msedge.exe 87 PID 4912 wrote to memory of 4208 4912 msedge.exe 87 PID 4912 wrote to memory of 4208 4912 msedge.exe 87 PID 4912 wrote to memory of 4208 4912 msedge.exe 87 PID 4912 wrote to memory of 4208 4912 msedge.exe 87 PID 4912 wrote to memory of 4208 4912 msedge.exe 87 PID 4912 wrote to memory of 4208 4912 msedge.exe 87 PID 4912 wrote to memory of 4208 4912 msedge.exe 87 PID 4912 wrote to memory of 4208 4912 msedge.exe 87 PID 4912 wrote to memory of 4208 4912 msedge.exe 87 PID 4912 wrote to memory of 4208 4912 msedge.exe 87 PID 4912 wrote to memory of 4208 4912 msedge.exe 87 PID 4912 wrote to memory of 4208 4912 msedge.exe 87 PID 4912 wrote to memory of 4208 4912 msedge.exe 87 PID 4912 wrote to memory of 4208 4912 msedge.exe 87 PID 4912 wrote to memory of 4208 4912 msedge.exe 87 PID 4912 wrote to memory of 4208 4912 msedge.exe 87 PID 4912 wrote to memory of 4208 4912 msedge.exe 87 PID 4912 wrote to memory of 4208 4912 msedge.exe 87 PID 4912 wrote to memory of 4208 4912 msedge.exe 87 -
System policy modification 1 TTPs 3 IoCs
description ioc Process Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System Azorult.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA = "0" Azorult.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin = "0" Azorult.exe -
Views/modifies file attributes 1 TTPs 1 IoCs
pid Process 5532 attrib.exe
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe1⤵
- Enumerates system info in registry
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4912 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffd1c046f8,0x7fffd1c04708,0x7fffd1c047182⤵PID:1100
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2024,1749979538921631249,1043644557640755139,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2012 /prefetch:22⤵PID:2408
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2024,1749979538921631249,1043644557640755139,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 /prefetch:32⤵
- Downloads MZ/PE file
- Suspicious behavior: EnumeratesProcesses
PID:2428
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2024,1749979538921631249,1043644557640755139,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2720 /prefetch:82⤵PID:4208
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1749979538921631249,1043644557640755139,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:12⤵PID:4536
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1749979538921631249,1043644557640755139,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:12⤵PID:2168
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2024,1749979538921631249,1043644557640755139,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5404 /prefetch:82⤵PID:2736
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2024,1749979538921631249,1043644557640755139,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5404 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
PID:4936
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2024,1749979538921631249,1043644557640755139,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5576 /prefetch:82⤵PID:2780
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1749979538921631249,1043644557640755139,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:12⤵PID:972
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2024,1749979538921631249,1043644557640755139,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6080 /prefetch:82⤵PID:1860
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2024,1749979538921631249,1043644557640755139,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5636 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
PID:5020
-
-
C:\Users\Admin\Downloads\Azorult.exe"C:\Users\Admin\Downloads\Azorult.exe"2⤵
- Modifies Windows Defender Real-time Protection settings
- UAC bypass
- Blocks application from running via registry modification
- Executes dropped EXE
- Checks whether UAC is enabled
- Modifies WinLogon
- Hide Artifacts: Hidden Users
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
- System policy modification
PID:4656 -
C:\ProgramData\Microsoft\Intel\wini.exeC:\ProgramData\Microsoft\Intel\wini.exe -pnaxui3⤵
- Checks computer location settings
- Executes dropped EXE
- System Location Discovery: System Language Discovery
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:2560 -
C:\Windows\SysWOW64\WScript.exe"C:\Windows\System32\WScript.exe" "C:\ProgramData\Windows\install.vbs"4⤵
- Checks computer location settings
- System Location Discovery: System Language Discovery
PID:3820 -
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c ""C:\Programdata\Windows\install.bat" "5⤵
- System Location Discovery: System Language Discovery
PID:2044 -
C:\Windows\SysWOW64\regedit.exeregedit /s "reg1.reg"6⤵
- UAC bypass
- Windows security bypass
- Hide Artifacts: Hidden Users
- System Location Discovery: System Language Discovery
- Runs .reg file with regedit
PID:3792
-
-
C:\Windows\SysWOW64\regedit.exeregedit /s "reg2.reg"6⤵
- System Location Discovery: System Language Discovery
- Runs .reg file with regedit
PID:4524
-
-
C:\Windows\SysWOW64\timeout.exetimeout 26⤵
- System Location Discovery: System Language Discovery
- Delays execution with timeout.exe
PID:3932
-
-
C:\ProgramData\Windows\rutserv.exerutserv.exe /silentinstall6⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
PID:732
-
-
C:\ProgramData\Windows\rutserv.exerutserv.exe /firewall6⤵PID:4124
-
-
C:\ProgramData\Windows\rutserv.exerutserv.exe /start6⤵PID:5180
-
-
C:\Windows\SysWOW64\attrib.exeATTRIB +H +S C:\Programdata\Windows\*.*6⤵
- Views/modifies file attributes
PID:5532
-
-
C:\Windows\SysWOW64\sc.exesc failure RManService reset= 0 actions= restart/1000/restart/1000/restart/10006⤵
- Launches sc.exe
PID:5788
-
-
C:\Windows\SysWOW64\sc.exesc config RManService DisplayName= "Microsoft Framework"6⤵
- Launches sc.exe
PID:6132
-
-
-
-
C:\ProgramData\Windows\winit.exe"C:\ProgramData\Windows\winit.exe"4⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:2208
-
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1749979538921631249,1043644557640755139,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3456 /prefetch:12⤵PID:4444
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1749979538921631249,1043644557640755139,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:12⤵PID:1696
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1749979538921631249,1043644557640755139,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6380 /prefetch:12⤵PID:4916
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1749979538921631249,1043644557640755139,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6408 /prefetch:12⤵PID:3052
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:3684
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:3160
-
C:\ProgramData\Windows\rutserv.exeC:\ProgramData\Windows\rutserv.exe1⤵PID:5232
-
C:\ProgramData\Windows\rfusclient.exeC:\ProgramData\Windows\rfusclient.exe2⤵PID:5336
-
Network
-
Remote address:8.8.8.8:53Request14.160.190.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request5.114.82.104.in-addr.arpaIN PTRResponse5.114.82.104.in-addr.arpaIN PTRa104-82-114-5deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Requestgithub.comIN AResponsegithub.comIN A20.26.156.215
-
Remote address:20.26.156.215:443RequestGET /Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
date: Sun, 26 Jan 2025 15:56:06 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"746e3ac8d27bfb6a5a9d39274a45cff1"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
set-cookie: _gh_sess=6cslS8cVvN2fZsjrvkmAzbffDfe5Sxk0UEZ5Gm1IjnZIUrW5Fqrj2fSzTzKNZaJpolrRGZsdun%2FeOl%2FMABFvGkXtfRzqpyO5C6ipga1VhYTSVSQFGskGO4RPeJdQWPL46wUc41rxOJAEbLpOnCMY%2BArCYXPwmTM3YAw7v9vsrZxQ85kB2%2ByDlCXnda0c2covipbAVYXYn3WTHThD%2BtRqvXqeqAlcESgn6V%2FnQnNaB5wRQhvD3HjR0%2Bl959u0UaQg%2BF2KNO7zuJ%2B6U1KNTFY0NA%3D%3D--PJEmyLBt%2BeMti59w--G4JFdizpsCyYkueOTlcDHg%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
set-cookie: _octo=GH1.1.669896184.1737906965; Path=/; Domain=github.com; Expires=Mon, 26 Jan 2026 15:56:05 GMT; Secure; SameSite=Lax
set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Mon, 26 Jan 2026 15:56:05 GMT; HttpOnly; Secure; SameSite=Lax
x-github-request-id: F188:2A36B2:1AB59B3:22B9C9C:67965B15
-
Remote address:20.26.156.215:443RequestGET /Da2dalus/The-MALWARE-Repo/security/overall-count HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: text/fragment+html
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=6cslS8cVvN2fZsjrvkmAzbffDfe5Sxk0UEZ5Gm1IjnZIUrW5Fqrj2fSzTzKNZaJpolrRGZsdun%2FeOl%2FMABFvGkXtfRzqpyO5C6ipga1VhYTSVSQFGskGO4RPeJdQWPL46wUc41rxOJAEbLpOnCMY%2BArCYXPwmTM3YAw7v9vsrZxQ85kB2%2ByDlCXnda0c2covipbAVYXYn3WTHThD%2BtRqvXqeqAlcESgn6V%2FnQnNaB5wRQhvD3HjR0%2Bl959u0UaQg%2BF2KNO7zuJ%2B6U1KNTFY0NA%3D%3D--PJEmyLBt%2BeMti59w--G4JFdizpsCyYkueOTlcDHg%3D%3D
cookie: _octo=GH1.1.669896184.1737906965
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
ResponseHTTP/2.0 200
date: Sun, 26 Jan 2025 15:56:07 GMT
content-type: text/fragment+html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: max-age=14400, private
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 20
x-github-request-id: F188:2A36B2:1AB5A88:22B9D9A:67965B15
-
Remote address:20.26.156.215:443RequestGET /Da2dalus/The-MALWARE-Repo/refs?type=branch HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: application/json
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=6cslS8cVvN2fZsjrvkmAzbffDfe5Sxk0UEZ5Gm1IjnZIUrW5Fqrj2fSzTzKNZaJpolrRGZsdun%2FeOl%2FMABFvGkXtfRzqpyO5C6ipga1VhYTSVSQFGskGO4RPeJdQWPL46wUc41rxOJAEbLpOnCMY%2BArCYXPwmTM3YAw7v9vsrZxQ85kB2%2ByDlCXnda0c2covipbAVYXYn3WTHThD%2BtRqvXqeqAlcESgn6V%2FnQnNaB5wRQhvD3HjR0%2Bl959u0UaQg%2BF2KNO7zuJ%2B6U1KNTFY0NA%3D%3D--PJEmyLBt%2BeMti59w--G4JFdizpsCyYkueOTlcDHg%3D%3D
cookie: _octo=GH1.1.669896184.1737906965
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
ResponseHTTP/2.0 200
date: Sun, 26 Jan 2025 15:56:07 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"adc2c0d060742993a54f31416bc951e3"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 79
x-github-request-id: F188:2A36B2:1AB5A98:22B9DAA:67965B17
-
GEThttps://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Stealer/Azorult.exemsedge.exeRemote address:20.26.156.215:443RequestGET /Da2dalus/The-MALWARE-Repo/latest-commit/master/Stealer/Azorult.exe HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=6cslS8cVvN2fZsjrvkmAzbffDfe5Sxk0UEZ5Gm1IjnZIUrW5Fqrj2fSzTzKNZaJpolrRGZsdun%2FeOl%2FMABFvGkXtfRzqpyO5C6ipga1VhYTSVSQFGskGO4RPeJdQWPL46wUc41rxOJAEbLpOnCMY%2BArCYXPwmTM3YAw7v9vsrZxQ85kB2%2ByDlCXnda0c2covipbAVYXYn3WTHThD%2BtRqvXqeqAlcESgn6V%2FnQnNaB5wRQhvD3HjR0%2Bl959u0UaQg%2BF2KNO7zuJ%2B6U1KNTFY0NA%3D%3D--PJEmyLBt%2BeMti59w--G4JFdizpsCyYkueOTlcDHg%3D%3D
cookie: _octo=GH1.1.669896184.1737906965
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
ResponseHTTP/2.0 200
date: Sun, 26 Jan 2025 15:56:07 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"4ff6ea817cc4bb5ec994e15e723016aa"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 448
x-github-request-id: F188:2A36B2:1AB5A98:22B9DAB:67965B17
-
GEThttps://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Stealer/Azorult.exemsedge.exeRemote address:20.26.156.215:443RequestGET /Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Stealer/Azorult.exe HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: application/json
x-requested-with: XMLHttpRequest
github-verified-fetch: true
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=6cslS8cVvN2fZsjrvkmAzbffDfe5Sxk0UEZ5Gm1IjnZIUrW5Fqrj2fSzTzKNZaJpolrRGZsdun%2FeOl%2FMABFvGkXtfRzqpyO5C6ipga1VhYTSVSQFGskGO4RPeJdQWPL46wUc41rxOJAEbLpOnCMY%2BArCYXPwmTM3YAw7v9vsrZxQ85kB2%2ByDlCXnda0c2covipbAVYXYn3WTHThD%2BtRqvXqeqAlcESgn6V%2FnQnNaB5wRQhvD3HjR0%2Bl959u0UaQg%2BF2KNO7zuJ%2B6U1KNTFY0NA%3D%3D--PJEmyLBt%2BeMti59w--G4JFdizpsCyYkueOTlcDHg%3D%3D
cookie: _octo=GH1.1.669896184.1737906965
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
ResponseHTTP/2.0 304
date: Sun, 26 Jan 2025 15:56:07 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"adc2c0d060742993a54f31416bc951e3"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
x-github-request-id: F188:2A36B2:1AB5AA5:22B9DC5:67965B17
-
Remote address:20.26.156.215:443RequestGET /Da2dalus/The-MALWARE-Repo/refs?type=branch HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: application/json
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=6cslS8cVvN2fZsjrvkmAzbffDfe5Sxk0UEZ5Gm1IjnZIUrW5Fqrj2fSzTzKNZaJpolrRGZsdun%2FeOl%2FMABFvGkXtfRzqpyO5C6ipga1VhYTSVSQFGskGO4RPeJdQWPL46wUc41rxOJAEbLpOnCMY%2BArCYXPwmTM3YAw7v9vsrZxQ85kB2%2ByDlCXnda0c2covipbAVYXYn3WTHThD%2BtRqvXqeqAlcESgn6V%2FnQnNaB5wRQhvD3HjR0%2Bl959u0UaQg%2BF2KNO7zuJ%2B6U1KNTFY0NA%3D%3D--PJEmyLBt%2BeMti59w--G4JFdizpsCyYkueOTlcDHg%3D%3D
cookie: _octo=GH1.1.669896184.1737906965
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
if-none-match: W/"adc2c0d060742993a54f31416bc951e3"
ResponseHTTP/2.0 200
date: Sun, 26 Jan 2025 15:56:07 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"3b1ec0bc5e0864a5815defaffc90db22"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
content-length: 181
x-github-request-id: F188:2A36B2:1AB5A99:22B9DAC:67965B17
-
Remote address:20.26.156.215:443RequestGET /Da2dalus/The-MALWARE-Repo/refs?type=branch HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: application/json
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=6cslS8cVvN2fZsjrvkmAzbffDfe5Sxk0UEZ5Gm1IjnZIUrW5Fqrj2fSzTzKNZaJpolrRGZsdun%2FeOl%2FMABFvGkXtfRzqpyO5C6ipga1VhYTSVSQFGskGO4RPeJdQWPL46wUc41rxOJAEbLpOnCMY%2BArCYXPwmTM3YAw7v9vsrZxQ85kB2%2ByDlCXnda0c2covipbAVYXYn3WTHThD%2BtRqvXqeqAlcESgn6V%2FnQnNaB5wRQhvD3HjR0%2Bl959u0UaQg%2BF2KNO7zuJ%2B6U1KNTFY0NA%3D%3D--PJEmyLBt%2BeMti59w--G4JFdizpsCyYkueOTlcDHg%3D%3D
cookie: _octo=GH1.1.669896184.1737906965
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
if-none-match: W/"adc2c0d060742993a54f31416bc951e3"
ResponseHTTP/2.0 304
date: Sun, 26 Jan 2025 15:56:07 GMT
content-type: application/json; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"adc2c0d060742993a54f31416bc951e3"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
accept-ranges: bytes
x-github-request-id: F188:2A36B2:1AB5AAB:22B9DC9:67965B17
-
Remote address:20.26.156.215:443RequestGET /manifest.json HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: manifest
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=6cslS8cVvN2fZsjrvkmAzbffDfe5Sxk0UEZ5Gm1IjnZIUrW5Fqrj2fSzTzKNZaJpolrRGZsdun%2FeOl%2FMABFvGkXtfRzqpyO5C6ipga1VhYTSVSQFGskGO4RPeJdQWPL46wUc41rxOJAEbLpOnCMY%2BArCYXPwmTM3YAw7v9vsrZxQ85kB2%2ByDlCXnda0c2covipbAVYXYn3WTHThD%2BtRqvXqeqAlcESgn6V%2FnQnNaB5wRQhvD3HjR0%2Bl959u0UaQg%2BF2KNO7zuJ%2B6U1KNTFY0NA%3D%3D--PJEmyLBt%2BeMti59w--G4JFdizpsCyYkueOTlcDHg%3D%3D
cookie: _octo=GH1.1.669896184.1737906965
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
ResponseHTTP/2.0 200
date: Sun, 26 Jan 2025 15:56:03 GMT
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: max-age=604800, public
etag: W/"c75e05794d72230a695e880f1a6c83a4"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-type: application/manifest+json; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
content-length: 474
x-github-request-id: F188:2A36B2:1AB5AC7:22B9DF0:67965B17
-
GEThttps://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Stealer/Azorult.exemsedge.exeRemote address:20.26.156.215:443RequestGET /Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Stealer/Azorult.exe HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=6cslS8cVvN2fZsjrvkmAzbffDfe5Sxk0UEZ5Gm1IjnZIUrW5Fqrj2fSzTzKNZaJpolrRGZsdun%2FeOl%2FMABFvGkXtfRzqpyO5C6ipga1VhYTSVSQFGskGO4RPeJdQWPL46wUc41rxOJAEbLpOnCMY%2BArCYXPwmTM3YAw7v9vsrZxQ85kB2%2ByDlCXnda0c2covipbAVYXYn3WTHThD%2BtRqvXqeqAlcESgn6V%2FnQnNaB5wRQhvD3HjR0%2Bl959u0UaQg%2BF2KNO7zuJ%2B6U1KNTFY0NA%3D%3D--PJEmyLBt%2BeMti59w--G4JFdizpsCyYkueOTlcDHg%3D%3D
cookie: _octo=GH1.1.669896184.1737906965
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
ResponseHTTP/2.0 302
date: Sun, 26 Jan 2025 15:56:10 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
access-control-allow-origin:
location: https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Stealer/Azorult.exe
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: F188:2A36B2:1AB5BD7:22B9F50:67965B17
-
Remote address:8.8.8.8:53Request228.249.119.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request215.156.26.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestgithub.githubassets.comIN AResponsegithub.githubassets.comIN A185.199.108.154github.githubassets.comIN A185.199.109.154github.githubassets.comIN A185.199.111.154github.githubassets.comIN A185.199.110.154
-
Remote address:8.8.8.8:53Requestavatars.githubusercontent.comIN AResponseavatars.githubusercontent.comIN A185.199.111.133avatars.githubusercontent.comIN A185.199.109.133avatars.githubusercontent.comIN A185.199.110.133avatars.githubusercontent.comIN A185.199.108.133
-
Remote address:185.199.108.154:443RequestGET /assets/light-7aa84bb7e11e.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: text/css
last-modified: Fri, 20 Dec 2024 22:10:04 GMT
etag: "0x8DD21430E2A5E74"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 1032104
x-served-by: cache-iad-kcgs7200067-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 16, 7455
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 79d8c9915610f6f2cffd497394b8d7e71c800cae
content-length: 7898
-
Remote address:185.199.108.154:443RequestGET /assets/dark-f65db3e8d171.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: text/css
last-modified: Thu, 19 Dec 2024 13:51:50 GMT
etag: "0x8DD203449ADEFDF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 1032102
x-served-by: cache-iad-kjyo7100075-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 7535
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 747331223e5a64bef896eba06d47800914e45d62
content-length: 7985
-
Remote address:185.199.108.154:443RequestGET /assets/github-8049f990d299.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: text/css
last-modified: Thu, 23 Jan 2025 00:57:09 GMT
etag: "0x8DD3B48DD72F969"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 232523
x-served-by: cache-iad-kcgs7200085-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 72, 6835
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: dfa946bf3a72f0f336c8952d6bea50aa60d152d5
content-length: 21345
-
Remote address:185.199.108.154:443RequestGET /assets/global-d579f4a5b443.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: text/css
last-modified: Tue, 21 Jan 2025 15:44:16 GMT
etag: "0x8DD3A32768821EB"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 428535
x-served-by: cache-iad-kcgs7200161-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 29, 8635
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d4ac10e81e8c18390086e1718b99140aec38eda9
content-length: 38163
-
Remote address:185.199.108.154:443RequestGET /assets/primer-93aded0ee8a1.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: text/css
last-modified: Wed, 15 Jan 2025 23:39:42 GMT
etag: "0x8DD35BDE28E1C20"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840320
x-served-by: cache-iad-kiad7000067-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 8018
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: cc6a00234a3b062c5e62971c9c33cb120a379bf6
content-length: 39273
-
Remote address:185.199.108.154:443RequestGET /assets/primer-primitives-d9abecd14f1e.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: text/css
last-modified: Tue, 14 Jan 2025 14:54:01 GMT
etag: "0x8DD34AB487C4930"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 1032104
x-served-by: cache-iad-kcgs7200108-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 7655
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: dd4abf3f7654743e07834a36b9219e53e4b9b9d9
content-length: 2608
-
GEThttps://github.githubassets.com/assets/react-code-view.ab7d8fac328c00e5e0cc.module.cssmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/react-code-view.ab7d8fac328c00e5e0cc.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: text/css
last-modified: Wed, 15 Jan 2025 20:57:17 GMT
etag: "0x8DD35A7320E9609"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 428526
x-served-by: cache-iad-kiad7000033-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 45, 2628
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: be9f19350c7356d9d0aca709b10662133331e224
content-length: 1204
-
Remote address:185.199.108.154:443RequestGET /assets/primer-react.69af3536c032f5d7cd94.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: text/css
last-modified: Wed, 22 Jan 2025 22:08:34 GMT
etag: "0x8DD3B315084B67B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 232525
x-served-by: cache-iad-kcgs7200062-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 74, 7195
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 26343093aaf59c99590491a7ed39f2d2c334965d
content-length: 21338
-
Remote address:185.199.108.154:443RequestGET /assets/code-0210be90f4d3.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: text/css
last-modified: Fri, 17 Jan 2025 17:06:48 GMT
etag: "0x8DD37195443E4FE"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 761725
x-served-by: cache-iad-kjyo7100163-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 10, 4899
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6dc7ffeaa601f25874028c3b501c721e3fd28822
content-length: 5189
-
Remote address:185.199.108.154:443RequestGET /assets/repository-6372f70837d3.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: text/css
last-modified: Mon, 20 Jan 2025 12:21:22 GMT
etag: "0x8DD394CF3C2CD2A"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 523816
x-served-by: cache-iad-kcgs7200061-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 9, 6584
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7396d96b1917959debc7d9ca43238017d7896c38
content-length: 5184
-
GEThttps://github.githubassets.com/assets/notifications-subscriptions-menu.1bcff9205c241e99cff2.module.cssmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/notifications-subscriptions-menu.1bcff9205c241e99cff2.module.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: text/css
last-modified: Mon, 26 Aug 2024 16:36:17 GMT
etag: "0x8DCC5ED35736954"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 6482097
x-served-by: cache-iad-kjyo7100115-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 32, 5557
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 52a481437e5a0c865e30ffd2bc0229ca66d90609
content-length: 479
-
Remote address:185.199.108.154:443RequestGET /assets/wp-runtime-b398b722fa1e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 14:39:55 GMT
etag: "0x8DD0327E029647C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 374476
x-served-by: cache-iad-kiad7000023-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 8, 7128
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 84cce6b21575812faac13bee6dfab2373462b43f
content-length: 3080
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-9da652f58479.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-9da652f58479.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Sat, 25 Jan 2025 00:10:34 GMT
etag: "0x8DD3CD4B08945FD"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 140727
x-served-by: cache-iad-kjyo7100171-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 74, 3378
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: aeeb4c3d46b5db8a73258ad8ee7ce87b44b5483f
content-length: 14262
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-3abb8f-d7e6bc799724.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-3abb8f-d7e6bc799724.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:16 GMT
etag: "0x8DD15445FBFE222"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 1075703
x-served-by: cache-iad-kiad7000130-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 11, 7163
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 9f0dc1041cd71714a2f3c8bd8bfed567c83d310a
content-length: 4848
-
GEThttps://github.githubassets.com/assets/ui_packages_failbot_failbot_ts-038efa22f8cd.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/ui_packages_failbot_failbot_ts-038efa22f8cd.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 14 Jan 2025 20:31:26 GMT
etag: "0x8DD34DA6B45CD54"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840320
x-served-by: cache-iad-kiad7000156-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 7644
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 74363e82022cf2511fe56541b920effbc2985e61
content-length: 3635
-
Remote address:185.199.108.154:443RequestGET /assets/environment-e300f3d2aeda.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:13 GMT
etag: "0x8DCB7D5A12F8D41"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 1075703
x-served-by: cache-iad-kiad7000168-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 5, 7057
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 774e803a95f708b893ccf3a36b6dc59eb29a8b24
content-length: 3284
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-0dbb79f97f8f.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-0dbb79f97f8f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Fri, 03 Jan 2025 21:10:51 GMT
etag: "0x8DD2C3B1AB7B5CF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 327927
x-served-by: cache-iad-kjyo7100116-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 33, 9910
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 96d7b75ee8d801f424a802ce684612c0c3be5af0
content-length: 5794
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Mon, 20 Jan 2025 15:48:59 GMT
etag: "0x8DD3969F4700ECF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 435996
x-served-by: cache-iad-kjyo7100038-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 2, 8524
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 98e4f5f10154f6e12151fbabf0bef8d2c68e58fe
content-length: 781
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_github_relative-time-element_dist_index_js-f6da4b3fa34c.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_github_relative-time-element_dist_index_js-f6da4b3fa34c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Thu, 16 Jan 2025 01:08:29 GMT
etag: "0x8DD35CA49AEA032"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840321
x-served-by: cache-iad-kjyo7100125-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 9057
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: db00ee0c319da21d2ef2c28dea39e56cd7dc70b9
content-length: 7917
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_catalyst_-8e9f78-a74b4e0a8a6b.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_catalyst_-8e9f78-a74b4e0a8a6b.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:41 GMT
etag: "0x8DD02B4500E579D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 1075703
x-served-by: cache-iad-kjyo7100066-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 7213
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c55fc870e968ca389a745b4eb4b7641749e52f15
content-length: 3918
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_github_text-expander-element_dist_index_js-78748950cb0c.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_github_text-expander-element_dist_index_js-78748950cb0c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:41 GMT
etag: "0x8DD02B44FAF168F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 461077
x-served-by: cache-iad-kiad7000037-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 5, 7236
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 31dced5ab4c8ae724e5ad620bbdd5266d1dcc7e5
content-length: 2385
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b5f1d7-a1760ffda83d.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b5f1d7-a1760ffda83d.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 18:12:13 GMT
etag: "0x8DCB7D5A12F3F7D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 1075702
x-served-by: cache-iad-kcgs7200153-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 7135
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5da1a43f50ad67f5af3028f3836cd8131909a953
content-length: 3816
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_github_markdown-toolbar-element_dist_index_js-ceef33f593fa.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_github_markdown-toolbar-element_dist_index_js-ceef33f593fa.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:40 GMT
etag: "0x8DD02B44F3EF886"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 1075703
x-served-by: cache-iad-kcgs7200145-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 7250
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 14a807b5191f27f78dfb242df8e4c9e1fda79e5c
content-length: 4851
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-c44a69-f0c8a795d1fd.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-c44a69-f0c8a795d1fd.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:17 GMT
etag: "0x8DD1544602F3D8E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 1075702
x-served-by: cache-iad-kiad7000100-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 33, 7365
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8918f09255559c065414fa2f1ee0bbb6d4e20056
content-length: 19397
-
Remote address:185.199.108.154:443RequestGET /assets/github-elements-ed51bf4a426a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 14 Jan 2025 20:31:28 GMT
etag: "0x8DD34DA6C42C0A1"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840320
x-served-by: cache-iad-kjyo7100031-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 7803
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6b69c2f3e17df1752b78e4dfed2f94f2d1576fd7
content-length: 3405
-
Remote address:185.199.108.154:443RequestGET /assets/element-registry-bfccf829ef3e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 14 Jan 2025 20:30:55 GMT
etag: "0x8DD34DA5901CA43"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840320
x-served-by: cache-iad-kiad7000107-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 7789
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: da9ad69d10058b31cadb7b5f4e5bcd872d1c9adf
content-length: 4457
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-bb80ec-72267f4e3ff9.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-bb80ec-72267f4e3ff9.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Wed, 22 Jan 2025 14:23:15 GMT
etag: "0x8DD3AF04F2473F4"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 347544
x-served-by: cache-iad-kiad7000094-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 48, 9598
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b3082b4a3a1ef705cdb5340f914f8229620d3699
content-length: 60195
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_lit-html_lit-html_js-be8cb88f481b.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_lit-html_lit-html_js-be8cb88f481b.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Mon, 13 Jan 2025 20:20:11 GMT
etag: "0x8DD340FAEACEFE9"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 350585
x-served-by: cache-iad-kjyo7100130-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 4, 10058
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 19e5ce59634a8296df966b72e4feb0eeb4321054
content-length: 109958
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-a4a1922eb55f.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-a4a1922eb55f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 07 Jan 2025 20:44:44 GMT
etag: "0x8DD2F5C1DF89D77"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 1075702
x-served-by: cache-iad-kiad7000074-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 30, 7804
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 824a6546c2de23017eb0a15488137279460fd611
content-length: 90082
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-e3cbe28f1638.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-e3cbe28f1638.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:17 GMT
etag: "0x8DD154460870CCD"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 1075703
x-served-by: cache-iad-kjyo7100114-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 25, 7242
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f5f54d426c202be0be298e81b2329840490b3a05
content-length: 7079
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:16 GMT
etag: "0x8DD15445FBEF8D2"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 977134
x-served-by: cache-iad-kiad7000052-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 32, 7294
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f865b1d68f67acb3b0fcd6a5ccdacd662c9a31e2
content-length: 9716
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_color-convert_index_js-e3180fe3bcb3.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_color-convert_index_js-e3180fe3bcb3.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 14:39:55 GMT
etag: "0x8DD0327E025E5FB"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 1075703
x-served-by: cache-iad-kcgs7200172-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 31, 7275
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3d2b09cac78cd855931d12a833c2d8b01eb0d82d
content-length: 3077
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-69cfcc-833249ee3034.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-69cfcc-833249ee3034.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 14 Jan 2025 20:31:31 GMT
etag: "0x8DD34DA6E0E2A39"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840309
x-served-by: cache-iad-kiad7000090-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 37, 3738
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 07da2537ed42576e797c7d5755a1d4dfca1d0e31
content-length: 2138
-
GEThttps://github.githubassets.com/assets/ui_packages_updatable-content_updatable-content_ts-0d1db422e5cc.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/ui_packages_updatable-content_updatable-content_ts-0d1db422e5cc.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Mon, 16 Sep 2024 23:19:54 GMT
etag: "0x8DCD6A6128E8C4A"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 3405085
x-served-by: cache-iad-kiad7000157-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 49, 3431
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4c15d252135327f3dbb5af62cdbf4bba30bca3dd
content-length: 2209
-
GEThttps://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-cab6164e492b.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-cab6164e492b.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:17 GMT
etag: "0x8DD15446086236E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 2557986
x-served-by: cache-iad-kcgs7200123-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 2250
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 36b913a565da35671cc008aaca5249e2e7da8476
content-length: 6140
-
GEThttps://github.githubassets.com/assets/app_assets_modules_github_sticky-scroll-into-view_ts-83e480198629.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/app_assets_modules_github_sticky-scroll-into-view_ts-83e480198629.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Thu, 16 Jan 2025 01:08:42 GMT
etag: "0x8DD35CA51C83666"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840317
x-served-by: cache-iad-kjyo7100112-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 36, 6005
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 86190436deb07b30717300a7ca7db1aaf9369f6c
content-length: 3126
-
GEThttps://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-d0d0a6-5f1192bdc996.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-d0d0a6-5f1192bdc996.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Fri, 24 Jan 2025 00:33:38 GMT
etag: "0x8DD3C0EBEB956B3"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 221086
x-served-by: cache-iad-kiad7000151-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 36, 2089
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: dedc78c136c6f9af0dc4329ddbd7d23180c777cf
content-length: 10638
-
GEThttps://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-07c050c6d2d3.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-07c050c6d2d3.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Wed, 22 Jan 2025 20:33:28 GMT
etag: "0x8DD3B240762749A"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 266341
x-served-by: cache-iad-kiad7000126-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 2, 5749
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: abe2b1ed28367913659ef9a9f35306c8e7b45e54
content-length: 19219
-
Remote address:185.199.108.154:443RequestGET /assets/behaviors-4ff625c629d0.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Fri, 17 Jan 2025 16:44:06 GMT
etag: "0x8DD371628B5AA88"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 772575
x-served-by: cache-iad-kcgs7200106-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 7, 2404
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7f0ad0f7c2bd89f40fe5e6a24f54385208bf32a1
content-length: 14952
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-f6223d90c7ba.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-f6223d90c7ba.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 14 Jan 2025 20:30:55 GMT
etag: "0x8DD34DA5904AD36"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840320
x-served-by: cache-iad-kjyo7100041-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 6889
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a8da78806236336737d2bb71db0371a8940e3845
content-length: 5378
-
Remote address:185.199.108.154:443RequestGET /assets/notifications-global-7556bd523830.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 21 Jan 2025 11:41:21 GMT
etag: "0x8DD3A1086CC7A0D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 428527
x-served-by: cache-iad-kjyo7100110-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 45, 2713
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f56308ce3be8d0ed4fe1d2ddaa699a35ec8be8ab
content-length: 65304
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-26cce2010167.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-26cce2010167.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 14 Jan 2025 20:31:16 GMT
etag: "0x8DD34DA6585FAFC"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840316
x-served-by: cache-iad-kiad7000158-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 21, 5939
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 46fd38402a89449e32115f9dd8e202d09e73981e
content-length: 5398
-
Remote address:185.199.108.154:443RequestGET /assets/code-menu-534f8f82fbb7.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Wed, 22 Jan 2025 18:54:27 GMT
etag: "0x8DD3B16321FA579"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 247744
x-served-by: cache-iad-kcgs7200118-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 8, 7743
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6652f5369ba9faa06cfc5c0ca11933b842b6b655
content-length: 6387
-
Remote address:185.199.108.154:443RequestGET /assets/primer-react-6bae0b4b7a9d.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 14 Jan 2025 20:31:11 GMT
etag: "0x8DD34DA6270E58F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840321
x-served-by: cache-iad-kcgs7200096-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 7722
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 415c730ede1e457bfada089d0cd4f8d27d7ddece
content-length: 6201
-
Remote address:185.199.108.154:443RequestGET /assets/react-core-56498741b362.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:17 GMT
etag: "0x8DD1544602C33B7"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 1075703
x-served-by: cache-iad-kjyo7100030-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 64, 6333
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d8328ef7498bbfc3c42fc1690f98e6c298fcf333
content-length: 5246
-
Remote address:185.199.108.154:443RequestGET /assets/react-lib-2131e17288a8.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 14 Jan 2025 20:31:23 GMT
etag: "0x8DD34DA697193FB"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840301
x-served-by: cache-iad-kcgs7200044-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 131, 6712
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 726ec759ecbd0338881578c0b4086471fb279037
content-length: 4150
-
Remote address:185.199.108.154:443RequestGET /assets/octicons-react-611691cca2f6.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:17 GMT
etag: "0x8DD15446030C279"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 1040387
x-served-by: cache-iad-kiad7000040-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 7389
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 27f2e90739d354f7483e996860b6ff748bde03a1
content-length: 18635
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_tanstack_query-core_build_modern_queryClient_js-e6f07a7e80b7.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_tanstack_query-core_build_modern_queryClient_js-e6f07a7e80b7.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Wed, 15 Jan 2025 21:47:51 GMT
etag: "0x8DD35AE42915564"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 428536
x-served-by: cache-iad-kcgs7200062-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 26, 8646
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 9ad879e1b33e9eb857b266d171cc1e2973e37ef5
content-length: 4972
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-37e3d5-92730c05e718.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-37e3d5-92730c05e718.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 15:49:17 GMT
etag: "0x8DD1544602C817F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 1075703
x-served-by: cache-iad-kjyo7100132-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 7274
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 9a94f77d1dba5bdc94f7835ff1693c87682d8b28
content-length: 5120
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-e7dcdd-f7cc96ebae76.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-e7dcdd-f7cc96ebae76.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 14 Jan 2025 20:31:08 GMT
etag: "0x8DD34DA60C70F15"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840320
x-served-by: cache-iad-kjyo7100039-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 7771
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8597cd0d2981baa21feea953a6562f6d33a4495e
content-length: 9522
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover-fn_js-55fea94174bf.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover-fn_js-55fea94174bf.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 14 Jan 2025 20:31:27 GMT
etag: "0x8DD34DA6BC936F5"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840314
x-served-by: cache-iad-kiad7000179-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 24, 4892
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a91f3b1e515a8718648488b009e136d21b908b3b
content-length: 6371
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_js-b89b98661809.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_dompurify_dist_purify_js-b89b98661809.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 17:47:26 GMT
etag: "0x8DD08C23B22EDF8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 1075703
x-served-by: cache-iad-kiad7000141-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 31, 7180
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 752806b886fb902e4d3be75be4d1246e637c2c15
content-length: 4143
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_lodash-es__Stack_js-node_modules_lodash-es__Uint8Array_js-node_modules_l-4faaa6-4a736fde5c2f.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_lodash-es__Stack_js-node_modules_lodash-es__Uint8Array_js-node_modules_l-4faaa6-4a736fde5c2f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Thu, 16 Jan 2025 01:08:20 GMT
etag: "0x8DD35CA44A93600"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840320
x-served-by: cache-iad-kjyo7100034-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 7788
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ebf3a1e625ea3686fdcba7608fb7705ba6bc0cb5
content-length: 6149
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_lodash-es__baseIsEqual_js-8929eb9718d5.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_lodash-es__baseIsEqual_js-8929eb9718d5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 14:39:52 GMT
etag: "0x8DD0327DE7A8BE3"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 2862525
x-served-by: cache-iad-kiad7000107-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 5372
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a3bf79f44264ff42e54fb6f28613c1fa0495e661
content-length: 8037
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_react-reverse-portal_dist_web_index_js-node_modules_primer_live-region-e-18c5ad-0b67a5a18b33.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_react-reverse-portal_dist_web_index_js-node_modules_primer_live-region-e-18c5ad-0b67a5a18b33.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 14 Jan 2025 20:31:16 GMT
etag: "0x8DD34DA65855F67"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840320
x-served-by: cache-iad-kiad7000155-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 7809
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 18d3797c56d39ba5bd9e204b95258b3092ca7ed6
content-length: 3027
-
GEThttps://github.githubassets.com/assets/ui_packages_aria-live_aria-live_ts-ui_packages_promise-with-resolvers-polyfill_promise-with-r-014121-9909ff6aa778.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/ui_packages_aria-live_aria-live_ts-ui_packages_promise-with-resolvers-polyfill_promise-with-r-014121-9909ff6aa778.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Sat, 25 Jan 2025 00:10:34 GMT
etag: "0x8DD3CD4B007AF8B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 140726
x-served-by: cache-iad-kcgs7200074-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 72, 3165
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4550568dbac86eff7792cade01aba0cdb894c456
content-length: 5945
-
Remote address:185.199.108.154:443RequestGET /assets/ui_packages_paths_index_ts-b6d716a998b0.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 15:32:27 GMT
etag: "0x8DD0D665E7C17D4"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 2280749
x-served-by: cache-iad-kcgs7200094-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 4579
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5f579d98419d3ac536157ff16238e8f99650fd36
content-length: 2646
-
GEThttps://github.githubassets.com/assets/ui_packages_ref-selector_RefSelector_tsx-47d1fc4a26b2.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/ui_packages_ref-selector_RefSelector_tsx-47d1fc4a26b2.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 14:39:52 GMT
etag: "0x8DD0D5F05CBAB3B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 1075703
x-served-by: cache-iad-kiad7000130-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 7217
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 403839c7ef97f597e74d4300e34a7c4b519b443f
content-length: 6786
-
GEThttps://github.githubassets.com/assets/ui_packages_code-view-shared_utilities_web-worker_ts-ui_packages_code-view-shared_worker-jobs-6add77-94ffb49db770.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/ui_packages_code-view-shared_utilities_web-worker_ts-ui_packages_code-view-shared_worker-jobs-6add77-94ffb49db770.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Thu, 23 Jan 2025 14:20:20 GMT
etag: "0x8DD3BB911AE14CF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 262697
x-served-by: cache-iad-kiad7000131-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 7, 8891
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3834c8d863dc4a7687781d5c1de6cd14e686b538
content-length: 41835
-
GEThttps://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-495298-ae9b37e7c5f1.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-495298-ae9b37e7c5f1.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 14 Jan 2025 20:30:55 GMT
etag: "0x8DD34DA58F99618"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840320
x-served-by: cache-iad-kiad7000062-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 7802
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 861651d5d45fb271bda482135b35cb52f1e2c499
content-length: 3088
-
GEThttps://github.githubassets.com/assets/ui_packages_repos-file-tree-view_repos-file-tree-view_ts-ui_packages_feature-request_FeatureR-648c3b-10a5d1781a97.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/ui_packages_repos-file-tree-view_repos-file-tree-view_ts-ui_packages_feature-request_FeatureR-648c3b-10a5d1781a97.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:38 GMT
etag: "0x8DD02B44DEAF90D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 1075701
x-served-by: cache-iad-kjyo7100051-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 21, 7459
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3d8bce102fdd1f9861205355e92ef793a488f77f
content-length: 54804
-
GEThttps://github.githubassets.com/assets/app_assets_modules_github_blob-anchor_ts-ui_packages_code-nav_code-nav_ts-ui_packages_filter--8253c1-bd96236c8a65.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/app_assets_modules_github_blob-anchor_ts-ui_packages_code-nav_code-nav_ts-ui_packages_filter--8253c1-bd96236c8a65.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 14 Jan 2025 20:31:02 GMT
etag: "0x8DD34DA5CDADA7D"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840315
x-served-by: cache-iad-kiad7000118-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 27, 4981
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 412372bf8b8d5d526f85bac023bba56a0064a886
content-length: 3477
-
Remote address:185.199.108.154:443RequestGET /assets/react-code-view-3973629ccc98.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Mon, 09 Dec 2024 18:22:05 GMT
etag: "0x8DD187E625ACB6B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 1075703
x-served-by: cache-iad-kiad7000085-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 2, 7181
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 1f0126e0d62311c3e4563903165ff5bccf5d3677
content-length: 4645
-
GEThttps://github.githubassets.com/assets/notifications-subscriptions-menu-903735ea697a.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/notifications-subscriptions-menu-903735ea697a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 15:32:27 GMT
etag: "0x8DD0D665E0F9ED8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 1075702
x-served-by: cache-iad-kcgs7200078-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 15, 7193
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2897ecaba8fcfbf4953295d2aa078395b067ef87
content-length: 5379
-
GEThttps://github.githubassets.com/assets/ui_packages_ui-commands_ui-commands_ts-a706a57c5626.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/ui_packages_ui-commands_ui-commands_ts-a706a57c5626.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:41 GMT
etag: "0x8DD02B4500C5DFD"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 1075702
x-served-by: cache-iad-kiad7000164-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 22, 7168
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: fe13d0712c72c946876446c19e884d0ad30b1091
content-length: 4311
-
Remote address:185.199.108.154:443RequestGET /assets/keyboard-shortcuts-dialog-02a61356799a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 14 Jan 2025 20:30:55 GMT
etag: "0x8DD34DA58F7C360"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840320
x-served-by: cache-iad-kcgs7200126-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 7793
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2fc5adff45d6296afa0cc6f5be80d8bb2e41f026
content-length: 3362
-
GEThttps://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-73b675cf164a.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-73b675cf164a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 19:56:20 GMT
etag: "0x8DD1954B7817C15"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 1075703
x-served-by: cache-iad-kjyo7100066-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 19, 7250
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 104c5ac740d0a85e2b9a04c868b06630d05f2986
content-length: 3683
-
Remote address:185.199.108.154:443RequestGET /assets/sessions-4f48836d3e05.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Thu, 16 Jan 2025 17:15:14 GMT
etag: "0x8DD36515792307E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840320
x-served-by: cache-iad-kjyo7100170-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 7886
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 463337b0a781ccff012958b319b08ddb2d620f33
content-length: 27489
-
GEThttps://github.githubassets.com/assets/chunk-app_components_primer_experimental_select-panel-element_ts-3663c076188e.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/chunk-app_components_primer_experimental_select-panel-element_ts-3663c076188e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Thu, 16 Jan 2025 01:08:23 GMT
etag: "0x8DD35CA46149BF7"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840320
x-served-by: cache-iad-kjyo7100088-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 7419
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 08cf7572a5ddf9f5a30beaa3e356a6113ade66a3
content-length: 7758
-
GEThttps://github.githubassets.com/assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-adc992852f7f.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-adc992852f7f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 14 Jan 2025 20:30:59 GMT
etag: "0x8DD34DA5B75616C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840320
x-served-by: cache-iad-kcgs7200071-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 7347
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 999f09553caf7ca64fc29c710794ebbf590afff1
content-length: 543
-
GEThttps://github.githubassets.com/assets/chunk-app_components_search_custom-scopes-element_ts-2e2c4ea33da2.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/chunk-app_components_search_custom-scopes-element_ts-2e2c4ea33da2.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 14 Jan 2025 20:31:00 GMT
etag: "0x8DD34DA5BD03AE3"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840320
x-served-by: cache-iad-kiad7000114-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 6862
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5112a0640a0bf19c880aa9a80915401ce4e77189
content-length: 4066
-
GEThttps://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-b7767a-9ad7d4eda3d9.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-b7767a-9ad7d4eda3d9.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 19:19:22 GMT
etag: "0x8DD162AE3C55516"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 3296605
x-served-by: cache-iad-kiad7000044-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 13, 6410
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ece22f32ee34dc13c66e0ce64f980035778476d6
content-length: 6323
-
GEThttps://github.githubassets.com/assets/ui_packages_query-builder-element_query-builder-element_ts-0f4cee7579d1.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/ui_packages_query-builder-element_query-builder-element_ts-0f4cee7579d1.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 14 Jan 2025 20:31:27 GMT
etag: "0x8DD34DA6BCA205A"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840321
x-served-by: cache-iad-kcgs7200174-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 7080
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ad0a48051c7b80912b187993bf77272808d0758d
content-length: 7443
-
GEThttps://github.githubassets.com/assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_jump-to-element_model_ts-9e49b0faf8a7.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_jump-to-element_model_ts-9e49b0faf8a7.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 14 Jan 2025 20:31:01 GMT
etag: "0x8DD34DA5C809C95"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840320
x-served-by: cache-iad-kiad7000041-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 6861
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d41d764e1d823c5f9a32065653573d4056167cd8
content-length: 4434
-
GEThttps://github.githubassets.com/assets/chunk-app_components_search_qbsearch-input-element_ts-3637d26ede66.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/chunk-app_components_search_qbsearch-input-element_ts-3637d26ede66.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 14 Jan 2025 20:31:00 GMT
etag: "0x8DD34DA5BD8E3BF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840320
x-served-by: cache-iad-kiad7000088-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 6886
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 53fcf4250b0b1fabef7699dd39026b083dc47459
content-length: 16635
-
GEThttps://github.githubassets.com/assets/chunk-ui_packages_cookie-consent-link-element_element-entry_ts-158b85aa02cf.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/chunk-ui_packages_cookie-consent-link-element_element-entry_ts-158b85aa02cf.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 14 Jan 2025 20:31:01 GMT
etag: "0x8DD34DA5C3A458B"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840320
x-served-by: cache-iad-kcgs7200061-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 7213
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3ef529b248e715eaa0fbef7bea9293a8b0028e72
content-length: 2916
-
GEThttps://github.githubassets.com/assets/chunk-ui_packages_ghcc-consent-element_element-entry_ts-3c480140bb8e.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/chunk-ui_packages_ghcc-consent-element_element-entry_ts-3c480140bb8e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 14 Jan 2025 20:31:01 GMT
etag: "0x8DD34DA5C7E2E52"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840320
x-served-by: cache-iad-kcgs7200090-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 7188
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 420e5d3205438ae28a6936bfbb827685b1386a1f
content-length: 3163
-
GEThttps://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-5f477b-eeb221e8a5a3.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-5f477b-eeb221e8a5a3.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 19:19:22 GMT
etag: "0x8DD162AE3BAD98C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 2274359
x-served-by: cache-iad-kiad7000114-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 13, 6355
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 578bdebe36053406101587a39b77106a3943ceed
content-length: 5020
-
GEThttps://github.githubassets.com/assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_query-builder-element_element-entry_ts-d09671e2bdec.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_query-builder-element_element-entry_ts-d09671e2bdec.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 14 Jan 2025 20:31:01 GMT
etag: "0x8DD34DA5C8027E9"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840320
x-served-by: cache-iad-kjyo7100114-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 6793
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 94a1b9413cd7922f30eecc0e5ce0e550af1a676c
content-length: 2522
-
GEThttps://github.githubassets.com/assets/chunk-ui_packages_webauthn-get-element_element-entry_ts-141bb9da12c5.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/chunk-ui_packages_webauthn-get-element_element-entry_ts-141bb9da12c5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 14 Jan 2025 20:31:01 GMT
etag: "0x8DD34DA5C7951C5"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:06 GMT
age: 840321
x-served-by: cache-iad-kcgs7200124-IAD, cache-lcy-eglc8600037-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 7218
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ef8d2fe37a165ded31e61c883c03ed69bb785137
content-length: 2791
-
GEThttps://github.githubassets.com/assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-362ca569b596.jsmsedge.exeRemote address:185.199.108.154:443RequestGET /assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-362ca569b596.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:52:32 GMT
etag: "0x8DD02B44AD10969"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:07 GMT
age: 2337679
x-served-by: cache-iad-kjyo7100146-IAD, cache-lcy-eglc8600037-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 6647
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4247156e8cde0e843f5b3eeac7598b7b578ce43a
content-length: 9421
-
Remote address:185.199.111.133:443RequestGET /u/63458929?v=4&size=40 HTTP/2.0
host: avatars.githubusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-security-policy: default-src 'none'
content-type: image/png
etag: "e25efc2f3c542a995df70f85198b7fd6184be4700ec9756e00c0a8fd9e7a124c"
last-modified: Sat, 24 Jan 2015 09:31:34 GMT
strict-transport-security: max-age=31557600
timing-allow-origin: https://github.com
x-content-type-options: nosniff
x-frame-options: deny
x-github-tenant:
x-xss-protection: 1; mode=block
x-github-request-id: 1DB1:27A8EB:BF2F6:FBF70:67904053
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:07 GMT
via: 1.1 varnish
x-served-by: cache-lcy-eglc8600095-LCY
x-cache: HIT
x-cache-hits: 0
x-timer: S1737906968.647622,VS0,VE5
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 9e6061a4f97687a108badf44fb5418c2bb30ddcd
expires: Sun, 26 Jan 2025 16:01:07 GMT
source-age: 400067
vary: Authorization,Accept-Encoding
content-length: 1505
-
Remote address:8.8.8.8:53Requestgithub-cloud.s3.amazonaws.comIN AResponsegithub-cloud.s3.amazonaws.comIN CNAMEs3-1-w.amazonaws.coms3-1-w.amazonaws.comIN CNAMEs3-w.us-east-1.amazonaws.coms3-w.us-east-1.amazonaws.comIN A52.217.137.137s3-w.us-east-1.amazonaws.comIN A52.217.196.129s3-w.us-east-1.amazonaws.comIN A16.182.98.73s3-w.us-east-1.amazonaws.comIN A52.216.207.107s3-w.us-east-1.amazonaws.comIN A3.5.16.61s3-w.us-east-1.amazonaws.comIN A52.216.88.203s3-w.us-east-1.amazonaws.comIN A3.5.0.34s3-w.us-east-1.amazonaws.comIN A52.217.199.105
-
Remote address:8.8.8.8:53Requestuser-images.githubusercontent.comIN AResponseuser-images.githubusercontent.comIN A185.199.110.133user-images.githubusercontent.comIN A185.199.111.133user-images.githubusercontent.comIN A185.199.108.133user-images.githubusercontent.comIN A185.199.109.133
-
Remote address:8.8.8.8:53Request154.108.199.185.in-addr.arpaIN PTRResponse154.108.199.185.in-addr.arpaIN PTRcdn-185-199-108-154githubcom
-
Remote address:8.8.8.8:53Request133.111.199.185.in-addr.arpaIN PTRResponse133.111.199.185.in-addr.arpaIN PTRcdn-185-199-111-133githubcom
-
Remote address:8.8.8.8:53Requestcollector.github.comIN AResponsecollector.github.comIN CNAMEglb-db52c2cf8be544.github.comglb-db52c2cf8be544.github.comIN A140.82.114.21
-
Remote address:140.82.114.21:443RequestPOST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1081
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.669896184.1737906965
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
ResponseHTTP/2.0 204
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002796
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C660:207DB9:D8C57E:15B6BDF:67965B17
-
Remote address:140.82.114.21:443RequestPOST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1049
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.669896184.1737906965
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
ResponseHTTP/2.0 204
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002829
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C660:207DB9:D8C5B0:15B6C1F:67965B17
-
Remote address:140.82.114.21:443RequestPOST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1351
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.669896184.1737906965
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
ResponseHTTP/2.0 204
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.001744
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C660:207DB9:D8C5BD:15B6C36:67965B17
-
Remote address:140.82.114.21:443RequestPOST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1356
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.669896184.1737906965
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
ResponseHTTP/2.0 204
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002600
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C660:207DB9:D8C7C4:15B6F38:67965B17
-
Remote address:140.82.114.21:443RequestPOST /github/collect HTTP/2.0
host: collector.github.com
content-length: 1594
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.669896184.1737906965
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
ResponseHTTP/2.0 204
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.002793
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: C660:207DB9:D8C7F4:15B6F85:67965B19
-
Remote address:185.199.108.154:443RequestGET /favicons/favicon.svg HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-type: image/png
content-md5: YDrNCDxuYozaAYS2sPzvIQ==
last-modified: Wed, 14 Aug 2024 19:49:39 GMT
etag: "0x8DCBC9A3C0EF02F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:07 GMT
age: 3823032
x-served-by: cache-iad-kiad7000023-IAD, cache-lcy-eglc8600031-LCY
x-cache: HIT, HIT
x-cache-hits: 381, 18124
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 51f8782a0e42b0ec2ee2e64f6fca1f30d0c8bae2
content-length: 14426
-
Remote address:185.199.108.154:443RequestGET /assets/apple-touch-icon-144x144-b882e354c005.png HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-md5: bYAvaN8MCaSZfP0o7q/Z/w==
last-modified: Wed, 14 Aug 2024 19:18:58 GMT
etag: "0x8DCBC95F2647EDF"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:07 GMT
age: 93
x-served-by: cache-iad-kiad7000081-IAD, cache-lcy-eglc8600031-LCY
x-cache: HIT, HIT
x-cache-hits: 1250203, 1
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 66ba6caf8a630ef16fe055cec5ce186418efd50f
content-length: 959
-
Remote address:185.199.108.154:443RequestGET /favicons/favicon.png HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-md5: NG4JRxNi8pB1EKMYEhKc0g==
last-modified: Wed, 14 Aug 2024 19:18:46 GMT
etag: "0x8DCBC95EB57AC96"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:07 GMT
age: 114
x-served-by: cache-iad-kiad7000070-IAD, cache-lcy-eglc8600031-LCY
x-cache: HIT, HIT
x-cache-hits: 3969931, 2
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 599979604af03db3143a40eba5a8fb410c36d6c5
content-length: 958
-
Remote address:8.8.8.8:53Requestapi.github.comIN AResponseapi.github.comIN A20.26.156.210
-
Remote address:20.26.156.210:443RequestPOST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 4905
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.669896184.1737906965
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
ResponseHTTP/2.0 200
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1737910567
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: F4F0:2F282:BF33CA:107D565:67965B17
-
Remote address:20.26.156.210:443RequestPOST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 607
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.669896184.1737906965
cookie: logged_in=no
cookie: cpu_bucket=lg
cookie: preferred_color_mode=light
cookie: tz=UTC
ResponseHTTP/2.0 200
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1737910575
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
server: github.com
x-github-request-id: F4F0:2F282:BF3572:107D7D6:67965B17
-
Remote address:8.8.8.8:53Request21.114.82.140.in-addr.arpaIN PTRResponse21.114.82.140.in-addr.arpaIN PTRlb-140-82-114-21-iadgithubcom
-
Remote address:8.8.8.8:53Request210.156.26.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestraw.githubusercontent.comIN AResponseraw.githubusercontent.comIN A185.199.109.133raw.githubusercontent.comIN A185.199.111.133raw.githubusercontent.comIN A185.199.110.133raw.githubusercontent.comIN A185.199.108.133
-
GEThttps://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Stealer/Azorult.exemsedge.exeRemote address:185.199.109.133:443RequestGET /Da2dalus/The-MALWARE-Repo/refs/heads/master/Stealer/Azorult.exe HTTP/2.0
host: raw.githubusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://github.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 200
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: application/octet-stream
etag: W/"aacf146c757203d181884a31a898db8487eaa613069506c2f85b26285db1b9dc"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 2A4B:1031F3:82F8D:B43A2:67965A5C
accept-ranges: bytes
date: Sun, 26 Jan 2025 15:56:10 GMT
via: 1.1 varnish
x-served-by: cache-lcy-eglc8600049-LCY
x-cache: HIT
x-cache-hits: 0
x-timer: S1737906970.354578,VS0,VE10
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: f9501ecbc41cdbc8f46acb25e1a5460b2b79f6c5
expires: Sun, 26 Jan 2025 16:01:10 GMT
source-age: 189
content-length: 10508800
-
Remote address:8.8.8.8:53Request133.109.199.185.in-addr.arpaIN PTRResponse133.109.199.185.in-addr.arpaIN PTRcdn-185-199-109-133githubcom
-
Remote address:8.8.8.8:53Request149.220.183.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestrms-server.tektonit.ruIN AResponserms-server.tektonit.ruIN CNAMEmain.internetid.rumain.internetid.ruIN A77.223.119.187
-
20.26.156.215:443https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Stealer/Azorult.exetls, http2msedge.exe4.9kB 90.4kB 54 82
HTTP Request
GET https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Stealer/Azorult.exeHTTP Response
200HTTP Request
GET https://github.com/Da2dalus/The-MALWARE-Repo/security/overall-countHTTP Request
GET https://github.com/Da2dalus/The-MALWARE-Repo/refs?type=branchHTTP Request
GET https://github.com/Da2dalus/The-MALWARE-Repo/latest-commit/master/Stealer/Azorult.exeHTTP Request
GET https://github.com/Da2dalus/The-MALWARE-Repo/deferred-metadata/master/Stealer/Azorult.exeHTTP Response
200HTTP Response
200HTTP Response
200HTTP Request
GET https://github.com/Da2dalus/The-MALWARE-Repo/refs?type=branchHTTP Response
304HTTP Request
GET https://github.com/Da2dalus/The-MALWARE-Repo/refs?type=branchHTTP Response
200HTTP Response
304HTTP Request
GET https://github.com/manifest.jsonHTTP Response
200HTTP Request
GET https://github.com/Da2dalus/The-MALWARE-Repo/raw/refs/heads/master/Stealer/Azorult.exeHTTP Response
302 -
185.199.108.154:443https://github.githubassets.com/assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-362ca569b596.jstls, http2msedge.exe34.8kB 1.0MB 551 836
HTTP Request
GET https://github.githubassets.com/assets/light-7aa84bb7e11e.cssHTTP Request
GET https://github.githubassets.com/assets/dark-f65db3e8d171.cssHTTP Request
GET https://github.githubassets.com/assets/github-8049f990d299.cssHTTP Request
GET https://github.githubassets.com/assets/global-d579f4a5b443.cssHTTP Request
GET https://github.githubassets.com/assets/primer-93aded0ee8a1.cssHTTP Request
GET https://github.githubassets.com/assets/primer-primitives-d9abecd14f1e.cssHTTP Request
GET https://github.githubassets.com/assets/react-code-view.ab7d8fac328c00e5e0cc.module.cssHTTP Request
GET https://github.githubassets.com/assets/primer-react.69af3536c032f5d7cd94.module.cssHTTP Request
GET https://github.githubassets.com/assets/code-0210be90f4d3.cssHTTP Request
GET https://github.githubassets.com/assets/repository-6372f70837d3.cssHTTP Request
GET https://github.githubassets.com/assets/notifications-subscriptions-menu.1bcff9205c241e99cff2.module.cssHTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Request
GET https://github.githubassets.com/assets/wp-runtime-b398b722fa1e.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-9da652f58479.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_github_arianotify-polyfill_ariaNotify-polyfill_js-node_modules_github_mi-3abb8f-d7e6bc799724.jsHTTP Request
GET https://github.githubassets.com/assets/ui_packages_failbot_failbot_ts-038efa22f8cd.jsHTTP Request
GET https://github.githubassets.com/assets/environment-e300f3d2aeda.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_index_mjs-0dbb79f97f8f.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-f690fd9ae3d5.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_github_relative-time-element_dist_index_js-f6da4b3fa34c.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_catalyst_-8e9f78-a74b4e0a8a6b.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_github_text-expander-element_dist_index_js-78748950cb0c.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b5f1d7-a1760ffda83d.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_github_markdown-toolbar-element_dist_index_js-ceef33f593fa.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-c44a69-f0c8a795d1fd.jsHTTP Request
GET https://github.githubassets.com/assets/github-elements-ed51bf4a426a.jsHTTP Request
GET https://github.githubassets.com/assets/element-registry-bfccf829ef3e.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-bb80ec-72267f4e3ff9.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_lit-html_lit-html_js-be8cb88f481b.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-a4a1922eb55f.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-e3cbe28f1638.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-6cf3320416b8.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_color-convert_index_js-e3180fe3bcb3.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-69cfcc-833249ee3034.jsHTTP Request
GET https://github.githubassets.com/assets/ui_packages_updatable-content_updatable-content_ts-0d1db422e5cc.jsHTTP Request
GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-900dde-cab6164e492b.jsHTTP Request
GET https://github.githubassets.com/assets/app_assets_modules_github_sticky-scroll-into-view_ts-83e480198629.jsHTTP Request
GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-d0d0a6-5f1192bdc996.jsHTTP Request
GET https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-07c050c6d2d3.jsHTTP Request
GET https://github.githubassets.com/assets/behaviors-4ff625c629d0.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-f6223d90c7ba.jsHTTP Request
GET https://github.githubassets.com/assets/notifications-global-7556bd523830.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_catalyst_lib_inde-dbbea9-26cce2010167.jsHTTP Request
GET https://github.githubassets.com/assets/code-menu-534f8f82fbb7.jsHTTP Request
GET https://github.githubassets.com/assets/primer-react-6bae0b4b7a9d.jsHTTP Request
GET https://github.githubassets.com/assets/react-core-56498741b362.jsHTTP Request
GET https://github.githubassets.com/assets/react-lib-2131e17288a8.jsHTTP Request
GET https://github.githubassets.com/assets/octicons-react-611691cca2f6.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_tanstack_query-core_build_modern_queryClient_js-e6f07a7e80b7.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_emotion_is-prop-valid_dist_emotion-is-prop-valid_esm_js-node_modules_emo-37e3d5-92730c05e718.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-e7dcdd-f7cc96ebae76.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover-fn_js-55fea94174bf.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_js-b89b98661809.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_lodash-es__Stack_js-node_modules_lodash-es__Uint8Array_js-node_modules_l-4faaa6-4a736fde5c2f.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_lodash-es__baseIsEqual_js-8929eb9718d5.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_react-reverse-portal_dist_web_index_js-node_modules_primer_live-region-e-18c5ad-0b67a5a18b33.jsHTTP Request
GET https://github.githubassets.com/assets/ui_packages_aria-live_aria-live_ts-ui_packages_promise-with-resolvers-polyfill_promise-with-r-014121-9909ff6aa778.jsHTTP Request
GET https://github.githubassets.com/assets/ui_packages_paths_index_ts-b6d716a998b0.jsHTTP Request
GET https://github.githubassets.com/assets/ui_packages_ref-selector_RefSelector_tsx-47d1fc4a26b2.jsHTTP Request
GET https://github.githubassets.com/assets/ui_packages_code-view-shared_utilities_web-worker_ts-ui_packages_code-view-shared_worker-jobs-6add77-94ffb49db770.jsHTTP Request
GET https://github.githubassets.com/assets/ui_packages_code-view-shared_hooks_use-canonical-object_ts-ui_packages_code-view-shared_hooks-495298-ae9b37e7c5f1.jsHTTP Request
GET https://github.githubassets.com/assets/ui_packages_repos-file-tree-view_repos-file-tree-view_ts-ui_packages_feature-request_FeatureR-648c3b-10a5d1781a97.jsHTTP Request
GET https://github.githubassets.com/assets/app_assets_modules_github_blob-anchor_ts-ui_packages_code-nav_code-nav_ts-ui_packages_filter--8253c1-bd96236c8a65.jsHTTP Request
GET https://github.githubassets.com/assets/react-code-view-3973629ccc98.jsHTTP Request
GET https://github.githubassets.com/assets/notifications-subscriptions-menu-903735ea697a.jsHTTP Request
GET https://github.githubassets.com/assets/ui_packages_ui-commands_ui-commands_ts-a706a57c5626.jsHTTP Request
GET https://github.githubassets.com/assets/keyboard-shortcuts-dialog-02a61356799a.jsHTTP Request
GET https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-73b675cf164a.jsHTTP Request
GET https://github.githubassets.com/assets/sessions-4f48836d3e05.jsHTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Request
GET https://github.githubassets.com/assets/chunk-app_components_primer_experimental_select-panel-element_ts-3663c076188e.jsHTTP Request
GET https://github.githubassets.com/assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-adc992852f7f.jsHTTP Request
GET https://github.githubassets.com/assets/chunk-app_components_search_custom-scopes-element_ts-2e2c4ea33da2.jsHTTP Request
GET https://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-b7767a-9ad7d4eda3d9.jsHTTP Request
GET https://github.githubassets.com/assets/ui_packages_query-builder-element_query-builder-element_ts-0f4cee7579d1.jsHTTP Request
GET https://github.githubassets.com/assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_jump-to-element_model_ts-9e49b0faf8a7.jsHTTP Request
GET https://github.githubassets.com/assets/chunk-app_components_search_qbsearch-input-element_ts-3637d26ede66.jsHTTP Request
GET https://github.githubassets.com/assets/chunk-ui_packages_cookie-consent-link-element_element-entry_ts-158b85aa02cf.jsHTTP Request
GET https://github.githubassets.com/assets/chunk-ui_packages_ghcc-consent-element_element-entry_ts-3c480140bb8e.jsHTTP Request
GET https://github.githubassets.com/assets/chunk-vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_combobox-nav_dist-5f477b-eeb221e8a5a3.jsHTTP Request
GET https://github.githubassets.com/assets/chunk-ui_packages_hydro-analytics_hydro-analytics_ts-ui_packages_query-builder-element_element-entry_ts-d09671e2bdec.jsHTTP Request
GET https://github.githubassets.com/assets/chunk-ui_packages_webauthn-get-element_element-entry_ts-141bb9da12c5.jsHTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Request
GET https://github.githubassets.com/assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-362ca569b596.jsHTTP Response
200 -
1.1kB 6.3kB 12 10
-
1.1kB 6.3kB 12 10
-
1.1kB 6.3kB 12 10
-
1.1kB 6.3kB 12 10
-
1.1kB 6.3kB 12 10
-
185.199.111.133:443https://avatars.githubusercontent.com/u/63458929?v=4&size=40tls, http2msedge.exe1.6kB 7.1kB 11 13
HTTP Request
GET https://avatars.githubusercontent.com/u/63458929?v=4&size=40HTTP Response
200 -
9.3kB 8.0kB 28 26
HTTP Request
POST https://collector.github.com/github/collectHTTP Response
204HTTP Request
POST https://collector.github.com/github/collectHTTP Request
POST https://collector.github.com/github/collectHTTP Response
204HTTP Response
204HTTP Request
POST https://collector.github.com/github/collectHTTP Response
204HTTP Request
POST https://collector.github.com/github/collectHTTP Response
204 -
2.4kB 24.5kB 24 28
HTTP Request
GET https://github.githubassets.com/favicons/favicon.svgHTTP Request
GET https://github.githubassets.com/assets/apple-touch-icon-144x144-b882e354c005.pngHTTP Response
200HTTP Response
200HTTP Request
GET https://github.githubassets.com/favicons/favicon.pngHTTP Response
200 -
7.7kB 6.4kB 18 17
HTTP Request
POST https://api.github.com/_private/browser/statsHTTP Response
200HTTP Request
POST https://api.github.com/_private/browser/statsHTTP Response
200 -
185.199.109.133:443https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Stealer/Azorult.exetls, http2msedge.exe267.4kB 10.8MB 5129 7787
HTTP Request
GET https://raw.githubusercontent.com/Da2dalus/The-MALWARE-Repo/refs/heads/master/Stealer/Azorult.exeHTTP Response
200 -
52 B 1
-
72 B 158 B 1 1
DNS Request
14.160.190.20.in-addr.arpa
-
71 B 135 B 1 1
DNS Request
5.114.82.104.in-addr.arpa
-
56 B 72 B 1 1
DNS Request
github.com
DNS Response
20.26.156.215
-
73 B 159 B 1 1
DNS Request
228.249.119.40.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
215.156.26.20.in-addr.arpa
-
69 B 133 B 1 1
DNS Request
github.githubassets.com
DNS Response
185.199.108.154185.199.109.154185.199.111.154185.199.110.154
-
75 B 139 B 1 1
DNS Request
avatars.githubusercontent.com
DNS Response
185.199.111.133185.199.109.133185.199.110.133185.199.108.133
-
75 B 253 B 1 1
DNS Request
github-cloud.s3.amazonaws.com
DNS Response
52.217.137.13752.217.196.12916.182.98.7352.216.207.1073.5.16.6152.216.88.2033.5.0.3452.217.199.105
-
79 B 143 B 1 1
DNS Request
user-images.githubusercontent.com
DNS Response
185.199.110.133185.199.111.133185.199.108.133185.199.109.133
-
74 B 118 B 1 1
DNS Request
154.108.199.185.in-addr.arpa
-
74 B 118 B 1 1
DNS Request
133.111.199.185.in-addr.arpa
-
66 B 115 B 1 1
DNS Request
collector.github.com
DNS Response
140.82.114.21
-
60 B 76 B 1 1
DNS Request
api.github.com
DNS Response
20.26.156.210
-
72 B 117 B 1 1
DNS Request
21.114.82.140.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
210.156.26.20.in-addr.arpa
-
71 B 135 B 1 1
DNS Request
raw.githubusercontent.com
DNS Response
185.199.109.133185.199.111.133185.199.110.133185.199.108.133
-
586 B 9
-
74 B 118 B 1 1
DNS Request
133.109.199.185.in-addr.arpa
-
73 B 147 B 1 1
DNS Request
149.220.183.52.in-addr.arpa
-
68 B 114 B 1 1
DNS Request
rms-server.tektonit.ru
DNS Response
77.223.119.187
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Winlogon Helper DLL
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Winlogon Helper DLL
1Create or Modify System Process
1Windows Service
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Hide Artifacts
2Hidden Files and Directories
1Hidden Users
1Impair Defenses
3Disable or Modify Tools
3Modify Registry
5Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
320KB
MD58382847cdc73ba41938181c74cc46c1f
SHA1bf5d307f834194f538329e066f45ca4c3c5b8276
SHA2561eb0095c5db4e451c3939e9f0dc157d4bf02d632f1b6db7ab7014d1edd1d531e
SHA512ebaea3abb4c2340d3682eec24e8f83268dabc2019984b32d6a3b6805d2ab37abdfeb7aaa1263efa6fe07b3ddbbbc7ef2ca7c7e67d95de7d14ceb2bf3efd35225
-
Filesize
384KB
MD5eaf257333b3587b3472904b9e53fd503
SHA118f3e8afdf1c41eb7e9c73e4462eac0e5107d7da
SHA256b143135eee99793ca8322cfe0a916e017503a0cf3ff831b340dede2eac296a8e
SHA512acd4a8973633325c43f2983dd5674cc4da63b8d2acc32ae8696e1b7b5fcf1d720a6792a97150a56d500b9f3cf6507c8d6626b3890907e52d929723f22436f577
-
Filesize
140B
MD55e36713ab310d29f2bdd1c93f2f0cad2
SHA17e768cca6bce132e4e9132e8a00a1786e6351178
SHA256cd8df8b0c43c36aabb0a960e4444b000a04eb513f0b34e12dbfd098944e40931
SHA5128e5cf90470163143aee75b593e52fcc39e6477cd69a522ee77fa2589ea22b8a3a1c23614d3a677c8017fba0bf4b320a4e47c56a9a7f176dbf51db88d9d8e52c1
-
Filesize
12KB
MD5806734f8bff06b21e470515e314cfa0d
SHA1d4ef2552f6e04620f7f3d05f156c64888c9c97ee
SHA2567ae7e4c0155f559f3c31be25d9e129672a88b445af5847746fe0a9aab3e79544
SHA512007a79f0023a792057b81483f7428956ab99896dd1c8053cac299de5834ac25da2f6f77b63f6c7d46c51ed7a91b8eccb1c082043028326bfa0bfcb47f2b0d207
-
Filesize
1KB
MD56a5d2192b8ad9e96a2736c8b0bdbd06e
SHA1235a78495192fc33f13af3710d0fe44e86a771c9
SHA2564ae04a85412ec3daa0fb33f21ed4eb3c4864c3668b95712be9ec36ef7658422a
SHA512411204a0a1cdbe610830fb0be09fd86c579bb5cccf46e2e74d075a5693fe7924e1e2ba121aa824af66c7521fcc452088b2301321d9d7eb163bee322f2f58640d
-
Filesize
1.1MB
MD5bb22f4f6f1f385a25af5f06285529947
SHA14741ff48e9a777f5bb9907b65a22651e53aa7e39
SHA256cc41ce1ee407ae496bb4b5816942d9fcca0aa56e8e9ab30ac4f8b904d5703114
SHA512e30b5bada5ac00dee88be93faf6f1e1dbd5ddaf076625b49f8c423e72cbdb0a75388b7d294c4527f8749ed4f902834e6d3bc7e3e0bcc7def5c8d94aa71184f96
-
Filesize
1.7MB
MD537a8802017a212bb7f5255abc7857969
SHA1cb10c0d343c54538d12db8ed664d0a1fa35b6109
SHA2561699b9b4fc1724f9b0918b57ca58c453829a3935efd89bd4e9fa66b5e9f2b8a6
SHA5124e20141da8ea4499daf8be5cc41b664dc4229e9575765caf6dc5873d8d0a09f9e200988e1404e767d0415005876a4cf38d5737bd3e1b2c12c4a8fb28adb4f0a0
-
Filesize
1.5MB
MD50d3be1d9bbdfb4833746bb935e7c7ab3
SHA12a651881b6cfd41364f568fdc38b68f924ce24dc
SHA256680e4ae3e639fa6e66a52eb05c4260371e903cdad1951865aa5586fc430f064d
SHA5120419707b40d4409c7f9163293238c58911f229818946ca53a89c3968f2c6d3fb18d8bfcbeda66d125fd3ff55eb648a2ef7c8a6b4729bcf4277d4d9da435e2fbe
-
Filesize
961KB
MD503a781bb33a21a742be31deb053221f3
SHA13951c17d7cadfc4450c40b05adeeb9df8d4fb578
SHA256e95fc3e7ed9ec61ba7214cc3fe5d869e2ee22abbeac3052501813bb2b6dde210
SHA512010a599491a8819be6bd6e8ba3f2198d8f8d668b6f18edda4408a890a2769e251b3515d510926a1479cc1fa011b15eba660d97deccd6e1fb4f2d277a5d062d45
-
Filesize
418B
MD5db76c882184e8d2bac56865c8e88f8fd
SHA1fc6324751da75b665f82a3ad0dcc36bf4b91dfac
SHA256e3db831cdb021d6221be26a36800844e9af13811bac9e4961ac21671dff9207a
SHA512da3ca7a3429bb9250cc8b6e33f25b5335a5383d440b16940e4b6e6aca82f2b673d8a01419606746a8171106f31c37bfcdb5c8e33e57fce44c8edb475779aea92
-
Filesize
152B
MD585ba073d7015b6ce7da19235a275f6da
SHA1a23c8c2125e45a0788bac14423ae1f3eab92cf00
SHA2565ad04b8c19bf43b550ad725202f79086168ecccabe791100fba203d9aa27e617
SHA512eb4fd72d7030ea1a25af2b59769b671a5760735fb95d18145f036a8d9e6f42c903b34a7e606046c740c644fab0bb9f5b7335c1869b098f121579e71f10f5a9c3
-
Filesize
152B
MD57de1bbdc1f9cf1a58ae1de4951ce8cb9
SHA1010da169e15457c25bd80ef02d76a940c1210301
SHA2566e390bbc0d03a652516705775e8e9a7b7936312a8a5bea407f9d7d9fa99d957e
SHA512e4a33f2128883e71ab41e803e8b55d0ac17cbc51be3bde42bed157df24f10f34ad264f74ef3254dbe30d253aca03158fde21518c2b78aaa05dae8308b1c5f30c
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize1KB
MD568f48a3fc31a4a965e3a0ffaa9378031
SHA11ee4f46a8de50672d716955f96efcd8a32deb8e9
SHA25600bbb948bc6fa7daa3c3d4cbcea077625078f27a9b1dc6b01826d8a456ace438
SHA51264cd8ff05e470f0b07368bc58090bea152bfa26295081e44ee05639836c58e2d844f259c3f6417d0956f5756c3e250c11aedb25df8449abce9169e65e5798c0f
-
Filesize
5KB
MD59549024c5f5c3468d3952ce9dc152563
SHA1746210563261fd04f446651d27f2dcb51e035045
SHA25617441ef6263bc3bf7c008c76cb3671d18a582ee97ba63eff5502735be2dff922
SHA512b885231ec672a30438d05545cb1a49f9daf0a80f848a75f04c7b493a0e72212b6eb73147e6cfc9faa7c889fafbe8c5f5b0173d4a93059865d8b6eb1de5a01d8b
-
Filesize
6KB
MD51a55968372a9fa5ebefdabbcdcfef823
SHA1ae4150c98d9cf5b3fcbca380a703b00b7a03b084
SHA256f2f5dc1ab3b7246c9cf8f3bb75c1c32d0310e29fbafaf13c9016ed1be16a789a
SHA512d8a148c7b83882ef3f4876e6dee0ecaef221ee14e6a7abd1f6d65a2bd2ae62e269205c685ba5defc4dfe4b9aa7659487752aa0d773c4438472479b11f5414144
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
10KB
MD5afbf281b8331efff133eac1a821edda8
SHA1a2dd4e101761788d8963f26c66d9553d100a48c0
SHA2569d9fae37df89ec6ac197444c07c70016c6a9315e733273b7a532bd72cfd6d34f
SHA51254392ceb2d6bf46df919328307a4fcdbb477c916a368698c5bf394ef1e779ffb2790fe6ae46c27649a79a5f5407b155b85c350229c67e0f32874cd8ea417ee36
-
Filesize
4.5MB
MD5f9a9b17c831721033458d59bf69f45b6
SHA1472313a8a15aca343cf669cfc61a9ae65279e06b
SHA2569276d1bb2cd48fdf46161deaf7ad4b0dbcef9655d462584e104bd3f2a8c944ce
SHA512653a5c77ada9c4b80b64ae5183bc43102b32db75272d84be9201150af7f80d96a96ab68042a17f68551f60a39053f529bee0ec527e20ab5c1d6c100a504feda8
-
Filesize
10.0MB
MD55df0cf8b8aa7e56884f71da3720fb2c6
SHA10610e911ade5d666a45b41f771903170af58a05a
SHA256dd396a3f66ad728660023cb116235f3cb1c35d679a155b08ec6a9ccaf966c360
SHA512724ce5e285c0ec68464c39292be62b80124909e98a6f1cd4a8ddee9de24b9583112012200bf10261354de478d77a5844cb843673235db3f704a307976164669a
-
Filesize
896KB
MD5e08abdce9f627c50b330f59ba1f0d053
SHA19a3dbfa7f92462e8b5b7f9d0c9639c0e5bd7bd4b
SHA256b8e89d22dc2f88b4bdd641c45a76354888744c1a4de45f2048fee83aa21c2f1b
SHA512bd372a1847e7d7101ca5dbff90db0b7300fdbffad68804daa49c405e27bd899b3c6310ea531cf71754917df3c308f9eae5892da8da26b8c3a8f117b36a606424
-
Filesize
256KB
MD5da33055205d9bd46d8165bd295538242
SHA1ab6a7d9080f5b0c157f6bbfc3316f6c8c2820c69
SHA25673b2bacfe67d7eecd01922ac0201e04c4858213406d104b30b3c679f49c90e56
SHA5123c7e2566f97bb5e6a98951bf3bdc95c140de624d8c085db483ee932c3e15a5960a1a37bd2e081823910514a17d62d61c44beb6f695ab3cffa332c8e69b2e4a4d