Report Overview
Visitedpublic
2026-01-04 06:54:33
Submit Tags
URL
x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Finishing URL
x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
IP / ASN
185.199.109.153
Title
Deep Analysis of Snake Keylogger - XJunior
Suspicious - Suspicious Javascript code
Detections
urlquery
2
Network Intrusion Detection
0
Threat Detection Systems
4
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
x-junior.github.io 5 alert(s) on this Host | unknown | 2013-03-08 | 2022-06-07 | 2025-12-06 | 22 kB | 6.0 MB | 185.199.109.153 |      |
cdn.jsdelivr.net | 1678 | 2012-05-16 | 2012-09-30 | 2025-12-28 | 2.1 kB | 230 kB | 151.101.193.229 |
Varnish (Caching)
Varnish is a reverse caching proxy.Ruby (Programming languages)
Ruby is an open-source object-oriented programming language.Fastly (CDN)
Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video & streaming services.GitHub Pages (PaaS)
GitHub Pages is a static site hosting service.Jekyll (Static site generator)
Jekyll is a blog-aware, static site generator for personal, project, or organisation sites.Related reports
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| YARAhub by abuse.ch | x-junior.github.io/assets/js/lunr/lunr-store.js | malware | Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen |
| YARAhub by abuse.ch | x-junior.github.io/assets/js/lunr/lunr-store.js | malware | Detects file containing Telegram Bot API |
| YARAhub by abuse.ch | x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html | malware | Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen |
| YARAhub by abuse.ch | x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html | malware | Detects file containing Telegram Bot API |
Telegram Bot detected (1)
URL
x-junior.github.io/assets/js/lunr/lunr-store.js
IP / ASN
185.199.109.153
Token
5392870078:AAEZf0ajeo_PMkBddeC_JE--NP4u4367N6c
Bot Overview
User ID5392870078
UsernameMagicallogs_bot
First NameMagicallogs
Last NameN/A
Chat Info
Chat ID1856108848
Chat Typeprivate
TitleN/A
User Count2
Admins0
Pending Msgs0
JavaScript (6)
No JavaScripts
HTTP Transactions (46)
| URL | IP | Response | Size |
|---|