Report - bullywiiplaza.website/jdlb/JDuel.Links.Bot.zip

Report Overview

Visitedpublic

2024-10-19 23:57:07

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
bullywiiplaza.website	unknown	2019-04-27	2019-05-18	2024-01-01	500 B	5.8 MB	198.54.116.15

Related reports

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

bullywiiplaza.website/jdlb/JDuel.Links.Bot.zip

IP / ASN

198.54.116.15

#22612 NAMECHEAP-NET

File Overview

File TypeZip archive data, at least v2.0 to extract, compression method=deflate

Size5.8 MB (5752987 bytes)

MD50a68a03f93727eae9bb4833a2f5a7833

SHA1385104f4a6df98f29e3e02d2594ab6bb63d319af

SHA2569ecba10ad9d206b7a33f8871f3d83ac859458ab08e7204fa3532f2af5cfe6f41

Archive (18)

Modified	Filename	Size	MD5	File type
2024-08-11 09:29	boost_filesystem-vc143-mt-x64-1_84.dll	137 kB	306e96d9f88958e76eba3e01c84a653f	PE32+ executable (DLL) (console) x86-64, for MS Windows, 6 sections
2024-08-11 09:29	bz2.dll	75 kB	5b68e99f06042f0c0ce8420cdb46b27e	PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections
2024-08-11 09:29	curlpp.dll	218 kB	96544b52f830521072b9cbee0d5be1af	PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections
2024-08-11 09:29	fmt.dll	141 kB	b37309e5f35388c96c3ef707468d158b	PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections
2024-08-11 09:29	JDuel Links Bot.exe	2.0 MB	bbf93dfc085ffdb748e29467b03abe71	PE32+ executable (GUI) x86-64, for MS Windows, 6 sections
2024-08-11 09:29	jpeg62.dll	676 kB	f1d14265348d092b6a889ddded33b6c8	PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections
2024-08-11 09:29	libcurl.dll	571 kB	6b8ae6235c7cda4434ed5ffa44b150de	PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections
2024-08-11 09:29	liblzma.dll	185 kB	de6b5e6f37ca816b2c9715248826cb17	PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections
2024-08-11 09:29	libpng16.dll	202 kB	7940dc5e572e9de421715cf4a405c43f	PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections
2024-08-11 09:29	libzippp.dll	52 kB	a869e3ad5fd3d49e98ff49fb3ca2f8cb	PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections
2024-08-11 09:29	minizip.dll	47 kB	8a9641cf006da5bc9de3a1e3651ab213	PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections
2024-08-11 09:29	pcre2-16.dll	526 kB	513fd5270e5259d04f3c5b567fb7476c	PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections
2024-08-11 09:30	README.txt	230 B	24b5f2e86fbd614d55fc13b0d904afac	ASCII text, with CRLF line terminators
2024-08-11 09:29	tiff.dll	459 kB	a7827ee61491ba350bafc93c988e5e45	PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections
2024-08-11 09:29	wxbase32u_vc_custom.dll	2.6 MB	b0f8e07f8a8941dfd620252dfa7350cf	PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections
2024-08-11 09:29	wxmsw32u_core_vc_custom.dll	7.7 MB	eec0eafff5996a3d8156eec3c8543ef2	PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections
2024-08-11 09:29	zip.dll	111 kB	030bfb56939d7fc22e3451a756207cd4	PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections
2024-08-11 09:29	zlib1.dll	90 kB	428d93284f9d941af35091d47f909137	PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	pe_detect_tls_callbacks
YARAhub by abuse.ch	malware	pe_detect_tls_callbacks
YARAhub by abuse.ch	malware	pe_detect_tls_callbacks
YARAhub by abuse.ch	malware	pe_detect_tls_callbacks
YARAhub by abuse.ch	malware	pe_detect_tls_callbacks
YARAhub by abuse.ch	malware	pe_detect_tls_callbacks
VirusTotal	suspicious	VirusTotal - Scan result 1/70

JavaScript (0)

HTTP Transactions (1)

	URL	IP	Response	Size