Report - rvn.suprnova.cc/cpuminer-multi-rel1.3.3-x64.7z

Report Overview

Visited public
2025-03-26 11:34:31
Tags
URL
rvn.suprnova.cc/cpuminer-multi-rel1.3.3-x64.7z
Finishing URL
about:privatebrowsing
IP / ASN
5.39.65.109
#16276 OVH SAS
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
rvn.suprnova.cc	unknown	2013-03-16	2018-02-01	2023-08-24	514 B	1.4 MB	5.39.65.109

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
rvn.suprnova.cc/cpuminer-multi-rel1.3.3-x64.7z
IP
5.39.65.109
ASN
#16276 OVH SAS

File type
7-zip archive data, version 0.4
Size
1.4 MB (1397829 bytes)
Hash
dea32e6d4a4c5817b8a372a871d69577
6f241ea6e85993a1c05c9f141141903106de594a
36082c14272c57fa43fb8aa85c62d2c20678ecb82ccd461e9d143e7e18994e3c

Archive (10)

Filename

Md5

File type

index.php

e6c92c7840add47de4bbd8060ead4c9a

PHP script, Unicode text, UTF-8 text, with CRLF line terminators

local-sample.php

4582429aed7d41857eaca58ec1e6cf4b

PHP script, ASCII text, with CRLF line terminators

websocket.htm

e0b0b9bd04620eafe556802648efbb33

HTML document, ASCII text, with CRLF line terminators

HELP.txt

58cc5806fc6cb5a285ea1125eaa31cf5

ASCII text, with CRLF line terminators

LICENSE.txt

dcd1bc877b1e7dbf673ab9e2a0c58dcd

ASCII text, with CRLF line terminators

RUN-RVN.cmd

c9ae1705ac6f87d9caabf0250860dd9f

ASCII text, with CRLF line terminators

README.txt

33f7e060a923f9c7cd4a731804161a1c

Unicode text, UTF-8 text, with CRLF line terminators

NEWS.txt

cbcc5aae9a840283d35cada79a6b1873

ASCII text, with CRLF line terminators

cpuminer-x64.exe

068acb420c2072d229a75a33466a39c6

PE32+ executable (console) x86-64, for MS Windows, 3 sections

msvcr120.dll

9c861c079dd81762b6c54e37597b7712

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Detects Crypto Miner strings
Public Nextron YARA rules	malware	Detects mining pool protocol string in Executable
Public Nextron YARA rules	malware	Detects command line parameters often used by crypto mining software
VirusTotal	malicious	VirusTotal - Scan result 30/62

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

rvn.suprnova.cc/cpuminer-multi-rel1.3.3-x64.7z

5.39.65.109

200 OK

1.4 MB

URL User Request GET
rvn.suprnova.cc/cpuminer-multi-rel1.3.3-x64.7z
IP
5.39.65.109:443
ASN
#16276 OVH SAS

Certificate
IssuerLet's Encrypt
Subjectsuprnova.cc
Fingerprint0E:7C:1B:83:B6:F2:6C:D1:48:90:20:02:EF:BC:DF:B3:BD:70:5D:65
ValiditySun, 02 Feb 2025 19:38:16 GMT - Sat, 03 May 2025 19:38:15 GMT

File type
7-zip archive data, version 0.4
Size
1.4 MB (1397829 bytes)
Hash
dea32e6d4a4c5817b8a372a871d69577
6f241ea6e85993a1c05c9f141141903106de594a
36082c14272c57fa43fb8aa85c62d2c20678ecb82ccd461e9d143e7e18994e3c

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 30/62

HTTP Headers

GET /cpuminer-multi-rel1.3.3-x64.7z HTTP/1.1
Host: rvn.suprnova.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 26 Mar 2025 11:34:08 GMT
Server: Apache/2.4.29 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: DENY
Last-Modified: Mon, 28 May 2018 21:08:56 GMT
ETag: "155445-56d4a868dca00"
Accept-Ranges: bytes
Content-Length: 1397829
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/x-7z-compressed

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (10)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers