Report Overview
Visitedpublic
2025-03-13 07:35:28
Tags
Submit Tags
URL
codeload.github.com/steve824/a/zip/refs/heads/main
Finishing URL
about:privatebrowsing
IP / ASN
140.82.121.10
Title
about:privatebrowsing
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
codeload.github.com 2 alert(s) on this Host | 62359 | 2007-10-09 | 2013-04-18 | 2025-03-12 | 518 B | 34 kB | 140.82.121.10 |
Related reports
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
File detected
URL
codeload.github.com/steve824/a/zip/refs/heads/main
IP / ASN
140.82.121.10
File Overview
File TypeZip archive data, at least v1.0 to extract, compression method=store
Size33 kB (33293 bytes)
MD59f237787a989a6ae020e03448ec61f62
SHA16c57cb5b7781572dfb8052165e23161c58897f64
Archive (5)
| Filename | MD5 | File type |
|---|---|---|
| Cookie.zip | 3d2768095e43118a5eaaefc9666cf81d | Zip archive data, at least v2.0 to extract, compression method=deflate |
| cat.jpeg | 946bfb326d063f47d3fb99f273044363 | DOS batch file, ASCII text, with very long lines (5528), with CRLF line terminators |
| cat.siu | 946bfb326d063f47d3fb99f273044363 | DOS batch file, ASCII text, with very long lines (5528), with CRLF line terminators |
| chim.siu | f0941b097b92b150cbdc834f9acd10a7 | DOS batch file, ASCII text, with very long lines (5020), with CRLF line terminators |
| min2.png | 1829ce6688b3251d1a7787cea6390354 | DOS batch file, ASCII text, with very long lines (4489), with CRLF line terminators |
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| Public Nextron YARA rules | malware | Detects suspicious PowerShell code that downloads from web sites |
| Public Nextron YARA rules | malware | Detects suspicious PowerShell code that downloads from web sites |
| Public Nextron YARA rules | malware | Detects suspicious PowerShell code that downloads from web sites |
| Public Nextron YARA rules | malware | Detects suspicious PowerShell code that downloads from web sites |
| VirusTotal | malicious | |
| ClamAV | malicious | Js.Infostealer.CookieStealer-10036722-0 |
JavaScript (0)
No JavaScripts
HTTP Transactions (1)
| URL | IP | Response | Size |
|---|