Report Overview
Visitedpublic
2025-06-24 00:40:04
Tags
Submit Tags
URL
94.26.90.79:8080/mexalz.sh
Finishing URL
about:privatebrowsing
IP / ASN
94.26.90.79
Title
about:privatebrowsing
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
94.26.90.79 3 alert(s) on this Host | unknown | unknown | No data | No data | 410 B | 3.0 kB | 94.26.90.79 |
Related reports
Threat Detection Systems
Public InfoSec YARA rules
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2025-06-24 | medium | 94.26.90.79:8080/mexalz.sh | Detects Generic ShellScript Downloader |
OpenPhish
No alerts detected
PhishTank
No alerts detected
Quad9 DNS
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2025-06-24 | medium | 94.26.90.79 | Sinkholed |
ThreatFox
No alerts detected
File detected
URL
94.26.90.79:8080/mexalz.sh
IP / ASN
94.26.90.79
File Overview
File TypeBourne-Again shell script, ASCII text executable
Size2.7 kB (2670 bytes)
MD581d343ba43c17fd9194057b6f03b8322
SHA1bdf294f6ba6704aed1d2fae49a9eb42f63533eb9
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| YARAhub by abuse.ch | malware | Detects Generic ShellScript Downloader |
| VirusTotal | malicious |
JavaScript (0)
No JavaScripts
HTTP Transactions (1)
| URL | IP | Response | Size |
|---|