Report Overview

  1. Submitted URL

    www.cnvwvendas.com.br/public.zip

  2. IP

    162.241.181.26

    ASN

    #19871 NETWORK-SOLUTIONS-HOSTING

  3. Submitted

    2024-03-28 08:26:37

    Access

    public

  4. Website Title

    about:privatebrowsing

  5. Final URL

    about:privatebrowsing

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  1. urlquery

    0

  2. Network Intrusion Detection

    0

  3. Threat Detection Systems

    2

Domain Summary

| Domain / FQDN | Rank | Registered | First Seen | Last Seen |
|---|---|---|---|---|
| www.cnvwvendas.com.br | unknown | unknown | 2019-07-11 | 2024-03-28 |

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


Files detected

  1. URL

    www.cnvwvendas.com.br/public.zip

  2. IP

    162.241.181.26

  3. ASN

    #19871 NETWORK-SOLUTIONS-HOSTING

  1. File type

    Zip archive data, at least v1.0 to extract, compression method=store

    Size

    2.0 MB (2016597 bytes)

  2. Hash

    7c10219568a1658c69b7dd8d1b3d756b

    928329efc021bca853bb55a8929caf27a7f881a3

  1. Archive (54)

  2. Filename | Md5 | File type
    .htaccess
    6759b7effbacb6febbc8271be08f0c25
    Unicode text, UTF-8 text
    error_log
    285f3cc4294d805c8acc87d0ab31c053
    ASCII text
    ssmsnaur.php
    924925480fcce4a533c8817fde2e4aeb
    PHP script, ASCII text, with CRLF line terminators
    database_connection.php
    709f580abac99348c03af4cedd7567c5
    PHP script, ASCII text
    DB.class.php
    8bdf3fce42d0711afbf718db6f16185a
    PHP script, ASCII text
    error_log
    adbc003f4c977883d7d75d2bb1368051
    ASCII text
    index.php
    7afcfecb17459f3df5d69205a4f047fb
    HTML document, Unicode text, UTF-8 text, with very long lines (461)
    index_alterada.php
    cd0d32d14b54eb8910bdd28937bb858e
    HTML document, Unicode text, UTF-8 text, with very long lines (461)
    obrigado.php
    5e783889fd33696a2ed942b4ddc9631f
    HTML document, Unicode text, UTF-8 text, with very long lines (461)
    ajax-loader.gif
    c5cd7f5300576ab4c88202b42f6ded62
    GIF image data, version 89a, 32 x 32
    config.rb
    c47857bcaf2a4cf98b1bce99c48d4cd9
    ASCII text
    slick.eot
    ced611daf7709cc778da928fec876475
    Embedded OpenType (EOT), slick family
    slick.svg
    f97e3bbf73254b0112091d0192f17aec
    SVG Scalable Vector Graphics image
    slick.ttf
    d41f55a78e6f49a5512878df1737e58a
    TrueType Font data, 13 tables, 1st "FFTM", 12 names, Macintosh, type 1 string
    slick.woff
    b7c9e1e479de3b53f1e4e30ebac2403a
    Web Open Font Format, CFF, length 1380, version 1.0
    slick-theme.css
    f9faba678c4d6dcfdde69e5b11b37a2e
    Unicode text, UTF-8 text
    slick-theme.less
    c7c46d5960843c56fdfc63a789349434
    Unicode text, UTF-8 text
    slick-theme.scss
    e97dc549d5450ebd34fe128eefc69cd6
    Unicode text, UTF-8 text
    slick.css
    f38b2db10e01b1572732a3191d538707
    ASCII text
    slick.js
    36f5dfaf4ab9fc2ebf345c1e348de969
    JavaScript source, ASCII text
    slick.less
    f5309cf6905194850b44fb78b8028b95
    ASCII text
    slick.min.js
    16a791ccc8e9d34fc76accfadfdd5e4f
    JavaScript source, ASCII text, with very long lines (53179)
    slick.scss
    f5309cf6905194850b44fb78b8028b95
    ASCII text
    starry.min.css
    8608ab872813badb56941553c7871c93
    assembler source, ASCII text, with very long lines (669)
    itaudisplay_bd-webfont.woff2
    943eded538dde6a0dfafee5453aa6dcf
    Web Open Font Format (Version 2), TrueType, length 20492, version 1.0
    itaudisplay_lt-webfont.woff2
    c2237a47b207b79d49dacbc6767f094b
    Web Open Font Format (Version 2), TrueType, length 19856, version 1.0
    itaudisplay_xbd-webfont.woff2
    195620c524ec7c323db8fa3ceccb9cd2
    Web Open Font Format (Version 2), TrueType, length 20244, version 1.0
    itaufonts_master_24px_v44.woff
    6ba4cc7698106f7750e81641aeeaea27
    Web Open Font Format, TrueType, length 179616, version 1.0
    ItauText_Bd.woff2
    6c8fe1156552769b5e65e3fc1eb81395
    Web Open Font Format (Version 2), TrueType, length 18140, version 1.0
    ItauText_Lt.woff2
    f755825cfc33424de53229ed51a48547
    Web Open Font Format (Version 2), TrueType, length 17508, version 1.0
    ItauText_Rg.woff2
    4c9045c151fd584835340bef1292fa48
    Web Open Font Format (Version 2), TrueType, length 17892, version 1.0
    ItauText_XBd.woff2
    0497e59a98e9b5907eada6a161b29c6a
    Web Open Font Format (Version 2), TrueType, length 18808, version 1.0
    propostaenviada.jpg
    a7c3dec58be3fefd2b17e3f2a4ecf159
    JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=447, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=796], baseline, precision 8, 796x447, components 3
    Banco_Central_do_Brasil_logo-1.png
    591e271c52cc5f5a35287970a05ab22f
    PNG image data, 3000 x 755, 8-bit colormap, non-interlaced
    cadeado.jpg
    897ab157cd8554b2f77f34beb5b2f4e6
    JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 688x136, components 3
    dep1.png
    fb2408bc64c4670f4a196b722d438020
    PNG image data, 321 x 276, 8-bit colormap, non-interlaced
    dep2.png
    c67cff497f67daaa08cbdf1679cef4fe
    PNG image data, 321 x 276, 8-bit colormap, non-interlaced
    dep3.png
    717101782f1a7c9c81e130f9a2760e5f
    PNG image data, 321 x 276, 8-bit colormap, non-interlaced
    dep4.png
    ed6ebdc6cf60fa7a64087a168a0b7ca0
    PNG image data, 321 x 276, 8-bit colormap, non-interlaced
    dep5.png
    dee266429d0bba720792528177a71ce8
    PNG image data, 321 x 276, 8-bit colormap, non-interlaced
    entidades.jpg
    4f4a621896ba5ef0d575b8cc96c5cd13
    JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 688x136, components 3
    ic_depoi.png
    3f438c317559b9beb122e35a246fabed
    PNG image data, 69 x 69, 8-bit colormap, non-interlaced
    ic_faq.png
    79223a2e367147d610d0029d2734277a
    PNG image data, 69 x 69, 8-bit colormap, non-interlaced
    logo.png
    db26fca8e822bc7f47132a1923062850
    PNG image data, 272 x 42, 8-bit colormap, non-interlaced
    m-slide.jpg
    8a752e34c4c00fba18818077dd3e3e8d
    JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x1080, components 3
    man-phone.jpg
    c2f4e7c7e68db3c8ab3260c0c2fc3411
    JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 358x320, components 3
    mcafee.png
    cabcd1a3d457755d4a5b7b041a61bd05
    PNG image data, 860 x 348, 8-bit colormap, non-interlaced
    propostaenviada.jpg
    59c166f7106509a465c05d33434aa325
    JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 796x447, components 3
    slide.jpg
    0b39097dfb4c7df29d41a213c0dbf114
    JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=629, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1423], progressive, precision 8, 1423x629, components 3
    slide1.jpg
    5097dbe07219cd9de125dfb37d6971cf
    JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1423x629, components 3
    ssl.png
    f6927e8df079d7c74b60fc18d8a8ad80
    PNG image data, 519 x 231, 8-bit colormap, non-interlaced
    mask.min.js
    e89d326e0218c78fe207ae20685e59fe
    JavaScript source, ASCII text, with very long lines (542)
    error_log
    651f94c270e7b0c777df4b68d210f9bf
    ASCII text
    send.php
    13ab7bc3412dd3b82c95bccdfb9cd5d7
    HTML document, ASCII text

    Detections

    | Analyzer | Verdict | Alert |
    |---|---|---|
    | Public Nextron YARA rules | malware | php webshell having some kind of input and some kind of payload. restricted to small files or big ones inclusing suspicious strings |
    | Public Nextron YARA rules | malware | PHP webshell which eval()s obfuscated string |

JavaScript (0)

HTTP Transactions (1)

| URL | IP | Response | Size |
|---|---|---|---|
| www.cnvwvendas.com.br/public.zip | 162.241.181.26 | 200 OK | 2.0 MB |