Report Overview
Visitedpublic
2025-09-24 04:47:11
Tags
Submit Tags
URL
thecommunity.kesug.com/uploads/payload_1758598200_8012.txt
Finishing URL
thecommunity.kesug.com/uploads/payload_1758598200_8012.txt?i=1
IP / ASN
185.27.134.98
Title
thecommunity.kesug.com/uploads/payload_1758598200_8012.txt?i=1
Suspicious - Base64 encoded file
Detections
urlquery
2
Network Intrusion Detection
0
Threat Detection Systems
6
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
thecommunity.kesug.com 22 alert(s) on this Host | unknown | 2023-08-16 | 2025-09-23 | 2025-09-23 | 2.2 kB | 52 kB | 185.27.134.98 |   |
errors.infinityfree.net | 3024566 | 2015-04-18 | 2022-05-27 | 2025-09-23 | 451 B | 610 B |  104.26.8.174 |  |
Nginx (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.OpenResty (Web servers)
OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.Related reports
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| Nextron YARA rules | thecommunity.kesug.com/uploads/payload_1758598200_8012.txt?i=1 | malware | Detects an base64 encoded executable with reversed characters |
| DigiCert UltraDNS | thecommunity.kesug.com | malicious | Sinkholed |
| Hagezi Threat Feed | thecommunity.kesug.com | malicious | Sinkholed |
| Cloudflare DNS | thecommunity.kesug.com | malicious | Sinkholed |
| DNS0 Zero | thecommunity.kesug.com | malicious | Sinkholed |
| Quad9 DNS | thecommunity.kesug.com | malicious | Sinkholed |
File detected
URL
thecommunity.kesug.com/uploads/payload_1758598200_8012.txt?i=1
IP / ASN
185.27.134.98
File Overview
File TypePE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
Size37 kB (37239 bytes)
MD51920231370397e4d736a6ac738df2c7f
SHA1960685772a94ab710da77e7acbbe164a0582c9bf
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| VirusTotal | malicious |
JavaScript (2)
No JavaScripts
HTTP Transactions (5)
| URL | IP | Response | Size |
|---|