Report Overview
Submitted URL
antiseretbosanjaisokab.efile.biz.id/SC%20PANEL%20JASTEB%20ROHYS%20STORE%20AUTO%20RESS%202.zip
IP
104.21.60.237
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-23 08:47:01
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
antiseretbosanjaisokab.efile.biz.id | unknown | unknown | No data | No data | 547 B | 2.2 MB | 104.21.60.237 |
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
Files detected
URL
antiseretbosanjaisokab.efile.biz.id/SC%20PANEL%20JASTEB%20ROHYS%20STORE%20AUTO%20RESS%202.zip
IP
104.21.60.237
ASN
#13335 CLOUDFLARENET
File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
2.2 MB (2222159 bytes)
Hash
50ed411831bc0cdd0b33848553f8a44e
422631b42d3ca0c9fd46a64a895df2ba064c5f4f
Archive (19)
Filename | Md5 | File type | |||
---|---|---|---|---|---|
apiii.php | 1c646754bb1eb29298db58dc5eca386f | PHP script, ASCII text | |||
085640775825.php | f89df5c1193a1d46afe70250037ed6bb | JavaScript source, ASCII text | |||
add.php | 6c7df1ee2a4ea517564758014de6932b | PHP script, ASCII text, with CRLF line terminators | |||
data.json | a2b18eb40394f1fca1bec0205a6db0e5 | JSON text data | |||
data.php | 9aaeb95887dc0524ef496cdb792be6e5 | PHP script, ASCII text | |||
delete.php | 271637d7f749ef7ac3cab5d8e255834e | PHP script, ASCII text, with CRLF line terminators | |||
ganti.php | 30c0a44a8765e8e9e075b0fa636f5e5d | PHP script, ASCII text, with CRLF line terminators | |||
index.php | 70108388c92dfa32673db505a659893b | HTML document, ASCII text, with very long lines (706) | |||
script.js | ac2cf6af18e38908934a3804eb11f5bd | JavaScript source, ASCII text | |||
style.css | 1718b9c01b40832f36f05b05b4f5a9a1 | ASCII text | |||
index.php | 6793526b0355090ee60f01f739eb2223 | HTML document, ASCII text, with very long lines (55615) | |||
index2.php | 9ed5bc9eec261a5dec3256bed5149872 | PHP script, ASCII text | |||
log-cpr.php | f591c03bc28af6e96eaacd5b70aebf3d | PHP script, ASCII text, with very long lines (2787) | |||
log-gen.php | 9d297d59664d0780618a9aa6552b7fbb | PHP script, ASCII text, with very long lines (53022) | |||
log-ip.php | 995be493d35a279f5693dbea6ba6c7bc | PHP script, ASCII text, with very long lines (986) | |||
logo.gif | c4795a824cb2af554bd0aa533ed2ace1 | ISO Media, MP4 Base Media v1 [ISO 14496-12:2003] | |||
logo.png | c755667d140888501b9902a21c714e0d | PNG image data, 2452 x 2560, 8-bit/color RGBA, non-interlaced | |||
send.php | 74abb82fa3e4f9cd091c1a9a6fd3102c | PHP script, Unicode text, UTF-8 text | |||
a1.mp3 | 88e944a60d45a517756d1a918ebe0115 | Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo |
Detections
Analyzer | Verdict | Alert |
---|---|---|
Public Nextron YARA rules | malware | PHP webshell which only writes an uploaded file to disk |
Public Nextron YARA rules | malware | PHP webshell which only writes an uploaded file to disk |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size | |
---|---|---|---|---|
antiseretbosanjaisokab.efile.biz.id/SC%20PANEL%20JASTEB%20ROHYS%20STORE%20AUTO%20RESS%202.zip | 104.21.60.237 | 200 OK | 2.2 MB | |