cyber security experts please help me find something !

กระดานสนทนาทั้งหมด > ฟอรัม Steam > Off Topic > รายละเอียดกระทู้

76561199805766231 9 ก.ค. @ 12: 59am

Anyone who's extremely proficient with cyber security please help me find out what this is. So ... I'm playing balatro and i see a card in the game that looks like the guy from that meme " F her right in the P " you know the guy who storms the news live and says it. So i googled " Balatro F her right in the P card " but i actually spelled it all the way out. On the first page of google at the bottom on page 1 a link is there for space biff website and the sentence at the bottom talks about bird folk . I clicked on it and it didn't open a website but it downloaded some file. I ran the file through virus total but nothing comes up . Why does this site randomly download a file without opening ? I'm on linux and nothing has happened .

I'm asking anyone who's good with cyber security to tell me what the file actually is . I need to know what it is . Each time you click that link on google a file with a new random name is downloaded. Virus scans show nothing but that's weird right ? Please help me figure out what this thing is .

DISCLAIMER I NEED CYBER SECURITY EXPERTS ONLY PLEASE IF YOU'RE ANYONE ELSE THEN DON'T DO THIS BUT I WANT SOMEONE QUALIFIED TO TELL ME WHAT IT IS .

แก้ไขล่าสุดโดย Green&GoldSagii's; 9 ก.ค. @ 1: 18am

< >

กำลังแสดง 1-15 จาก 20 ความเห็น

*ੈ✩‧₊˚༺☆Prinny☆ 9 ก.ค. @ 1: 02am

Sounds like piracy. Consider wiping all your hard drives with sudo dd if=/dev/zero of=/dev/sdb then repent of your wicked ways.

Apollo702 9 ก.ค. @ 1: 03am

This post is very sketchy and suspicious.

Refuse to engage.

76561199805766231 9 ก.ค. @ 1: 04am

โพสต์ดั้งเดิมโดย *ੈ✩‧₊˚༺☆Prinny☆:
Sounds like piracy. Consider wiping all your hard drives with sudo dd if=/dev/zero of=/dev/sdb then repent of your wicked ways.

dude stop trolling I have the game on steam . Has absolutely nothing to do with piracy I'm trying to figure out what exactly that file is . I need someone who's an expert to look into it and tell me what it is . If you don't know what you're doing don't click it. I really want to know just what it is though .

76561199805766231 9 ก.ค. @ 1: 07am

โพสต์ดั้งเดิมโดย Apollo702:
This post is very sketchy and suspicious.

Refuse to engage.

no what happened to me is weird and i want to know what it is . I'm not asking for random people who AREN'T cyber security experts to do it . I'm specifically asking for pros to tell me what it is . I don't care if you're a government agent i want to know what it is . If you're not a cyber security expert who can investigate it and just let me know what the heck it is then don't .

76561199805766231 9 ก.ค. @ 1: 07am

if someone knows what it is could you at least report the link ? I have no idea how to do so.

*ੈ✩‧₊˚༺☆Prinny☆ 9 ก.ค. @ 1: 08am

โพสต์ดั้งเดิมโดย Green&GoldSagii's:
โพสต์ดั้งเดิมโดย *ੈ✩‧₊˚༺☆Prinny☆:
Sounds like piracy. Consider wiping all your hard drives with sudo dd if=/dev/zero of=/dev/sdb then repent of your wicked ways.
dude stop trolling I have the game on steam . Has absolutely nothing to do with piracy I'm trying to figure out what exactly that file is . I need someone who's an expert to look into it and tell me what it is . If you don't know what you're doing don't click it. I really want to know just what it is though .

legitimately purchased games through steam wont send you to sketchy third party websites. stop being a bad person and beg gaben for forgiveness.

76561199805766231 9 ก.ค. @ 1: 13am

โพสต์ดั้งเดิมโดย *ੈ✩‧₊˚༺☆Prinny☆:
โพสต์ดั้งเดิมโดย Green&GoldSagii's:
dude stop trolling I have the game on steam . Has absolutely nothing to do with piracy I'm trying to figure out what exactly that file is . I need someone who's an expert to look into it and tell me what it is . If you don't know what you're doing don't click it. I really want to know just what it is though .
legitimately purchased games through steam wont send you to sketchy third party websites. stop being a bad person and beg gaben for forgiveness.

Dude you're either trolling extremely hard or just not reading. I didn't get it from the game . Can you read ? I said I'm playing balatro ..... in the game of balatro their is a card . The card is a joker card . It's a card of a dude in a hoodie with glasses that looks like the guy from the famous meme of the guy IRL who runs on the news yelling " F her right in the p " . I wanted to see if others thought it looked like him so i went to my browser and googled " Balatro F her right in the P card " but i spelled it all the way out ( i can't spell it out here on steam for obvious reasons ) on google on page one at the bottom their is a link that says " leder games " and the site is space biff ..... i clicked it to see what it was and it downloaded a random file . This was weird to me so i took the file and uploaded it to virustotal website but nothing came back. I'm asking for ANYBODY IN CYBERSECURITY TO TELL ME WTF IT ACTUALLY IS OR AT LEAST REPORT THE WEBSITE IF IT'S MALICIOUS BECAUSE I DON'T KNOW HOW TO DO SO.

read for crying out loud .

แก้ไขล่าสุดโดย Green&GoldSagii's; 9 ก.ค. @ 2: 15am

76561199805766231 9 ก.ค. @ 1: 16am

Bro i swear i should have went to reddit because 98% of steam users don't read what you type or think critically about stuff. This community gets on my nerves with some of the replies they leave. How do you operate a computer but fail to read the most basic of sentences ?

skOsH♥ 9 ก.ค. @ 1: 20am

You could run a whois for the website domain and see who owns it, I suppose

I wouldn't trust any of the "scam detector" sites or anything

Midori 9 ก.ค. @ 1: 21am

Any website can be configured to just have a blank index page that downloads a file, it's usually the result of an error, and if not, usually malicious.

Is it an exe file? If you're curious what such a file would do, you can upload it to:

https://hybrid-analysis.com/

If link removed, google "Hybrid Analysis"

It will be run on a remote virtual machine and all of its behaviour will be monitored and logged for you to check out to see what it does.

If I had to guess, (assuming it's an executable file) it could be an obfuscated malware/ransomware whose name is randomised each time.

แก้ไขล่าสุดโดย Midori; 9 ก.ค. @ 1: 25am

#10

76561199805766231 9 ก.ค. @ 1: 23am

โพสต์ดั้งเดิมโดย skOsH♥:
You could run a whois for the website domain and see who owns it, I suppose

I wouldn't trust any of the "scam detector" sites or anything

Ok but won't whois just tell me who owns the site ? I want to know what the hell this file is sitting on my PC . I don't know what it is and I'm not going to open it. All i know is that if i click the site again it downloads the file with some random text . I don't know what it actually is or why nothing comes up in virus total. If that site is malicious then it needs to be reported but i don't know how i submit a website to the authorities .

#11

76561199805766231 9 ก.ค. @ 1: 23am

โพสต์ดั้งเดิมโดย Midori:
Any website can be configured to just have a blank index page that downloads a file, it's usually the result of an error, and if not, usually malicious.

Is it an exe file? If you're curious what such a file would do, you can upload it to:

{ลิงก์ถูกลบแล้ว}https://hybrid-analysis.com/

It will be run on a remote virtual machine and all of its behaviour will be monitored and logged for you to check out to see what it does.

Thanks for your reply I'll try that .

#12

76561199805766231 9 ก.ค. @ 1: 29am

โพสต์ดั้งเดิมโดย Midori:
Any website can be configured to just have a blank index page that downloads a file, it's usually the result of an error, and if not, usually malicious.

Is it an exe file? If you're curious what such a file would do, you can upload it to:

{ลิงก์ถูกลบแล้ว}https://hybrid-analysis.com/

It will be run on a remote virtual machine and all of its behaviour will be monitored and logged for you to check out to see what it does.

Ok it says the file is clean and all i see is text/xml for the " mime: " what ever that means .

" The file "lHjdjry-" has the file format "text", which is not supported "

I really don't understand wtf this thing is supposed to be .

#13

skOsH♥ 9 ก.ค. @ 1: 29am

โพสต์ดั้งเดิมโดย Green&GoldSagii's:
โพสต์ดั้งเดิมโดย skOsH♥:
You could run a whois for the website domain and see who owns it, I suppose

I wouldn't trust any of the "scam detector" sites or anything
Ok but won't whois just tell me who owns the site ? I want to know what the hell this file is sitting on my PC . I don't know what it is and I'm not going to open it. All i know is that if i click the site again it downloads the file with some random text . I don't know what it actually is or why nothing comes up in virus total. If that site is malicious then it needs to be reported but i don't know how i submit a website to the authorities .

I think the regulatory agency to report to is CISA iirc, but I am not sure if that's just U.S. or global

#14

76561199805766231 9 ก.ค. @ 1: 34am

โพสต์ดั้งเดิมโดย skOsH♥:
โพสต์ดั้งเดิมโดย Green&GoldSagii's:
Ok but won't whois just tell me who owns the site ? I want to know what the hell this file is sitting on my PC . I don't know what it is and I'm not going to open it. All i know is that if i click the site again it downloads the file with some random text . I don't know what it actually is or why nothing comes up in virus total. If that site is malicious then it needs to be reported but i don't know how i submit a website to the authorities .

I think the regulatory agency to report to is CISA iirc, but I am not sure if that's just U.S. or global

ok thanks I'll see if i can report the site or figure out anything else .

#15

< >

กำลังแสดง 1-15 จาก 20 ความเห็น

ต่อหน้า: 1530 50

กระดานสนทนาทั้งหมด > ฟอรัม Steam > Off Topic > รายละเอียดกระทู้

วันที่โพสต์: 9 ก.ค. @ 12: 59am

โพสต์: 20

เริ่มกระดานสนทนาใหม่

กฎและแนวทางปฏิบัติในกระดานสนทนา

รายงานโพสต์นี้