Report Overview
Submitted URL
www.shellterproject.com/Downloads/Shellter/Old/shellter_v6.9.zip
IP
38.242.134.114
ASN
#51167 Contabo GmbH
Submitted
2024-04-19 22:31:03
Access
public
Website Title
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
11
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
www.shellterproject.com | unknown | 2014-04-23 | 2017-02-25 | 2024-04-18 | 518 B | 332 kB | 38.242.134.114 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
Scan Date | Severity | Indicator | Alert |
---|---|---|---|
2024-04-19 | medium | www.shellterproject.com/Downloads/Shellter/Old/shellter_v6.9.zip | Hunting_Rule_ShikataGaNai |
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
www.shellterproject.com/Downloads/Shellter/Old/shellter_v6.9.zip
IP
38.242.134.114
ASN
#51167 Contabo GmbH
File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
332 kB (332244 bytes)
Hash
cbdfe6057890f4ed7f3c61e1597fc811
4d05d1e85b469b8febf99b39db3f8f2ab7e8d363
Archive (13)
Filename | Md5 | File type | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
faq.txt | db1c8969995d83d72472cb4e3a9c28d2 | ASCII text, with CRLF line terminators | |||||||||
readme.txt | a7b1e43800cfc0eb368e655fed06a0aa | Non-ISO extended-ASCII text, with CRLF line terminators | |||||||||
version_history.txt | cf24ba63cf4ec0a0dad4ff6c03d53642 | ASCII text, with CRLF line terminators | |||||||||
Executable_SHA-256.txt | 99dae2663529cb2a44fa9fe0a59b6182 | ASCII text, with no line terminators | |||||||||
BeaEngine.png | 7791f23b74f5ca927636ecd57e28671c | PNG image data, 1898 x 357, 8-bit/color RGBA, non-interlaced | |||||||||
BeaEngine_License.txt | 68524368cd470d2a6d32c72182f7e57e | ASCII text, with CRLF line terminators | |||||||||
Shellter_License.txt | f73e465a43eb7a1125b91be5dd3e7952 | ASCII text, with CRLF line terminators | |||||||||
calc | b69936d29c02434eca5b59fa4ddcf77c
| data | |||||||||
calcenc | 8504412d24964408a78c39b17db1783b
| data | |||||||||
info.txt | 689acd398c8148f3ad2e285535d9a950 | ASCII text, with CRLF line terminators | |||||||||
krb1 | 774a5c3d26017c021619247fa7c3e579 | data | |||||||||
krb3 | e9fd96d1a9f83de90511ba8b31d71a63
| data | |||||||||
shellter.exe | 709265ece639cf24cc608a3d702230f3
| PE32 executable (console) Intel 80386, for MS Windows, 5 sections |
Detections
Analyzer | Verdict | Alert |
---|---|---|
YARAhub by abuse.ch | malware | meth_peb_parsing |
Elastic Security YARA Rules | malware | Windows.Shellcode.Generic |
Elastic Security YARA Rules | malware | Windows.Trojan.Metasploit |
YARAhub by abuse.ch | malware | meth_get_eip |
Public Nextron YARA rules | malware | Hunting_Rule_ShikataGaNai |
YARAhub by abuse.ch | malware | meth_get_eip |
YARAhub by abuse.ch | malware | meth_peb_parsing |
Public Nextron YARA rules | malware | Hunting_Rule_ShikataGaNai |
VirusTotal | malicious |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
www.shellterproject.com/Downloads/Shellter/Old/shellter_v6.9.zip | 38.242.134.114 | 332 kB | |||||||||||
Detections
HTTP Headers
| |||||||||||||