Report - s3.amazonaws.com/awesomeminer-download/srbminer-cn-v1-9-0.zip

Report Overview

Submitted URL
s3.amazonaws.com/awesomeminer-download/srbminer-cn-v1-9-0.zip
IP
16.182.38.216
ASN
#16509 AMAZON-02
Submitted
2024-05-08 01:14:18
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
s3.amazonaws.com	unknown	2005-08-18	2020-05-13	2024-03-23	515 B	7.5 MB	52.216.48.56

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
s3.amazonaws.com/awesomeminer-download/srbminer-cn-v1-9-0.zip
IP
52.216.48.56
ASN
#16509 AMAZON-02

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
7.5 MB (7487071 bytes)
Hash
7287db354b4e4d8aae6cd0c4022eb5bd
ce31d52629d2a190d43514b611900a55ebb50d6b
37d61713c3f57a8b08bb1e0d4cc4cb8d1b7c1dba5716134b4560216ec73d3d66

Archive (48)

Filename

Md5

File type

algos.txt

6a93051a28b2b3e370f2086eff116075

JSON text data

benchmark-algos.bat

48dee6af06d78bb1b99a1bdcb6dd8169

ASCII text, with CRLF line terminators

config-alloy.txt

7db4f019c957c23d745bf815a3201062

JSON text data

config-arto.txt

e817b4799e7955f942455f7a19877921

JSON text data

config-b2n.txt

46cb4e631a8db68e0b72456ba4ad9265

JSON text data

config-bittubev2.txt

c28d7d701b68c59e75f60ea08cfc98b5

JSON text data

config-conceal.txt

6793ab73671483a80c30baccf491e034

JSON text data

config-dark.txt

d7d368d8305deb5d29ea6ee484c7942c

JSON text data

config-fast.txt

57b42d76a8a1c76be19fcaabf8af637c

JSON text data

config-fast2.txt

a1c5b1e250617bcb2eb1b8a97f3216ba

JSON text data

config-festival.txt

12b13aa40d44fdfc65c91802009a46e9

JSON text data

config-gpu.txt

ac82a10fa8c6ba8d30c7a1471f6aede1

JSON text data

config-graft.txt

0dd9284c74c788a94de3daa590ae728c

JSON text data

config-haven.txt

552007a099dcb371204f540e2b1326fd

JSON text data

config-heavy.txt

3cfa2a117dcdbcf23f2fdfe2aa6d2e2b

JSON text data

config-hospital.txt

1017922fc8435421f89ada3617b7b07b

JSON text data

config-hycon.txt

1b6508fc19e1b7b4e6454977c0529ea2

JSON text data

config-italo.txt

17d64fdb590c4eecdd98fc8a237cd3c9

JSON text data

config-litev7.txt

376944f57068591f81dab622d2280fbd

JSON text data

config-marketcash.txt

b96f10a2c695883f81abf981258a0b4c

JSON text data

config-mox.txt

b87d0c0a661e2b951a3b922d4496814b

JSON text data

config-normal.txt

1a9e35336df1a3df38ef9befa8ab3727

JSON text data

config-normalv4.txt

09e47ac2e163f4451c2b46e150b2b6ab

JSON text data

config-normalv4_64.txt

7a49ca13a7a652190961e7400a0f62f3

JSON text data

config-normalv7.txt

6745bfc8cd7c354acb57d92357411754

JSON text data

config-normalv8.txt

e742b319f3d43c872f80bbca917d8125

JSON text data

config-stellitev4.txt

b12fa08ea613158cd2e91c360be243ad

JSON text data

config-stellitev8.txt

46c4a52c5637598bd1621745a37a2619

JSON text data

config-swap.txt

b9fa078d291e744e49a1323479676545

JSON text data

config-turtle.txt

741d3a5b7ac6cb36b496009e038424ed

JSON text data

config-upx.txt

0cb0a58bd3cb1de06ae12c971da0613a

JSON text data

config-upx2.txt

1fb532b716e64c47eb6b006889bfa571

JSON text data

config-wownero.txt

f6b3e5124d52ad2fc7b89fee01758d91

JSON text data

config-xcash.txt

6a11677797bfb123aeaa36279c6425c3

JSON text data

config-zelerius.txt

6e1d345a1c2b27d6ec27bcd9c99199ab

JSON text data

devcon.exe

ab15859608d743048d77cd1474c8cd9f

PE32+ executable (console) x86-64, for MS Windows, 6 sections

guided-setup.bat

32b8b5ee4b09d239bb9f0d9a4d00142f

DOS batch file, ASCII text, with CRLF line terminators

pools-algoswitch.txt

b0d8542abd60f183b87b126f521a6cb6

JSON text data

pools.txt

1a7e70f661a534bcb706568454b12d02

JSON text data

ReadMe.txt

c8f1bc241b746df2b19175126f4060f5

ASCII text, with very long lines (320), with CRLF line terminators

reboot-windows.bat

f9f33cfaa9c2f5fff2d65f3865430918

ASCII text, with no line terminators

Readme.txt

70877dc37fed67ca0d5c43141d8db503

ASCII text, with CRLF line terminators

SRB-Restart-example.bat

4c59fce56b4dae158ede1d79da5e51b5

ASCII text, with CRLF line terminators

SRB-Restarter.exe

67fb778e9ec11ad302917235454f3daa

PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows, 10 sections

SRBMiner-CN.exe

a8d4ab478ba8488239e59533434fd652

PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows, 15 sections

start-algo-switching.bat

dfde005a3daf01ce0b6b381414539a20

ASCII text, with CRLF line terminators

start.bat

95b526e50ee47380248df33ba23b27cc

ASCII text, with CRLF line terminators

WinIo64.sys

97373d38bdd890a2f1224c7d1586db91

PE32+ executable (native) x86-64, for MS Windows, 5 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	signed_sys_with_vulnerablity
VirusTotal	malicious	VirusTotal - Scan result 40/66

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

s3.amazonaws.com/awesomeminer-download/srbminer-cn-v1-9-0.zip

52.216.48.56

200 OK

7.5 MB

URL User Request GET HTTP/1.1
s3.amazonaws.com/awesomeminer-download/srbminer-cn-v1-9-0.zip
IP
52.216.48.56:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
7.5 MB (7487071 bytes)
Hash
7287db354b4e4d8aae6cd0c4022eb5bd
ce31d52629d2a190d43514b611900a55ebb50d6b
37d61713c3f57a8b08bb1e0d4cc4cb8d1b7c1dba5716134b4560216ec73d3d66

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 40/66

HTTP Headers

GET /awesomeminer-download/srbminer-cn-v1-9-0.zip HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: BYaeVbs8n25gCLWgFzJxp+FrcuUKdgwDaRnUS12cQsJlMVw7hyC+Ktfvuhj6h458L6LRxATfKJ4=
x-amz-request-id: 6EGJG20CS6KETYT7
Date: Wed, 08 May 2024 01:13:52 GMT
Last-Modified: Mon, 24 Jun 2019 13:22:26 GMT
ETag: "7287db354b4e4d8aae6cd0c4022eb5bd"
Accept-Ranges: bytes
Content-Type: application/x-zip-compressed
Server: AmazonS3
Content-Length: 7487071

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (48)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers