Report Overview

  1. Submitted URL

    188.119.103.198/1.zip

  2. IP

    188.119.103.198

    ASN

    #212238 Datacamp Limited

  3. Submitted

    2024-04-25 12:36:41

    Access

    public

  4. Website Title

    about:privatebrowsing

  5. Final URL

    about:privatebrowsing

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  1. urlquery

    0

  2. Network Intrusion Detection

    1

  3. Threat Detection Systems

    4

Domain Summary

Domain / FQDN     Rank      Registered   First Seen   Last Seen
188.119.103.198   unknown   unknown      2024-04-09   2024-04-11

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Severity   Source IP   Destination IP    Alert
medium     Client IP   188.119.103.198

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

Severity   Indicator         Alert
medium     188.119.103.198   Sinkholed

ThreatFox

No alerts detected


Files detected

  1. URL

    188.119.103.198/1.zip

  2. IP

    188.119.103.198

  3. ASN

    #212238 Datacamp Limited

  1. File type

    Zip archive data, at least v2.0 to extract, compression method=store

    Size

    66 kB (66068 bytes)

  2. Hash

    fc92a1ee57b1b77906426333571de15c

    e093b4c32b080628934d8592fd026134c7a12eee

  1. Archive (43)


    Detections

    Analyzer                      Verdict      Alert
    Elastic Security YARA Rules   malware      Linux.Trojan.Gafgyt
    VirusTotal                    suspicious

JavaScript (0)

HTTP Transactions (1)

URL                     IP                Response   Size
188.119.103.198/1.zip   188.119.103.198   200 OK     66 kB