Report Overview
Visited (public): 2025-03-12 20:10:46
URL: ashipetakun.com/wp2/tool/Ashipetakun1015.zip
Finishing URL: about:privatebrowsing
IP / ASN: 183.90.250.43
Title: about:privatebrowsing
Detections
urlquery: 0
Network Intrusion Detection: 0
Threat Detection Systems: 0
Host Summary
Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
---|---|---|---|---|---|---|---|---|
ashipetakun.com | unknown | 2019-01-16 | 2025-03-12 | 2025-03-12 | 512 B | 12 MB | 183.90.250.43 | |
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro: No alerts detected
Threat Detection Systems
Public InfoSec YARA rules: No alerts detected
OpenPhish: No alerts detected
PhishTank: No alerts detected
Quad9 DNS: No alerts detected
ThreatFox: No alerts detected
File detected
URL: ashipetakun.com/wp2/tool/Ashipetakun1015.zip
IP / ASN: 183.90.250.43
File Overview
File Type: Zip archive data, at least v2.0 to extract, compression method=deflate
Size: 12 MB (12414379 bytes)
MD5: 75d60681f4bf17d942b956780e6a2879
SHA1: 0a9f4e9405a7748e044a3dcafa9520c50ddd7180
Archive (30)
Filename | MD5 | File type |
---|---|---|
303ZT.dll | 3fc7c6d35b24a581c3d34d034e1cdd2a | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
501HW.dll | 693b0a4b7b4974bb9303d5cbf6cb7b98 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
Ashipetakun.exe | 19dea9b66aab937ff4c309d721bd1bb3 | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
AU_W.dll | c5b43e763ca788b92f7b08e3dd897d54 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
AU_WX.dll | 3e982fff8ff2ff411383e8f98d16d81b | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
DynamicJson.dll | 9e09bb9c230f6a8ce0ae1da7d75798ed | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
genre.txt | 5db9945a39eb8f82dfab5a89931c64ae | CSV Non-ISO extended-ASCII text |
License.dll | f8349906641675952213c83bf0090e9a | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
log4net.config | aa29f555cc956e45d10fce4d34452a3c | XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators |
log4net.dll | 7ea1429e71d83a1ccaa0942c4d7f1c41 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
Ashipetakun.log | 509ff962d7966d0499b577e47b55b54d | Non-ISO extended-ASCII text, with very long lines (360), with CRLF line terminators |
Ashipetakun.log.2023-04-11 | 92dac154a91de0ae1684b9c4291229e7 | Non-ISO extended-ASCII text, with very long lines (490), with CRLF line terminators |
Ashipetakun.log.2023-04-19 | aeeb0f80d9cccf57ff530edd7b10ab30 | Non-ISO extended-ASCII text, with CRLF line terminators |
Ashipetakun.log.2023-04-23 | 87c85c7c93b2bab79b0c540e3bd016f9 | Non-ISO extended-ASCII text, with very long lines (570), with CRLF line terminators |
Ashipetakun.log.2023-04-24 | 95de7d0fef61ec407234865c0da0dd4f | Non-ISO extended-ASCII text, with CRLF line terminators |
Ashipetakun.log.2023-05-12 | a091563154987733b8e536942207336a | Non-ISO extended-ASCII text, with very long lines (363), with CRLF, NEL line terminators |
Ashipetakun.log.2023-05-19 | 8bd504758f17525ea292a4994a224f94 | Non-ISO extended-ASCII text, with CRLF line terminators |
Ashipetakun.log.2023-08-27 | fbdbef800a59ccb8752da65605af31b6 | Non-ISO extended-ASCII text, with very long lines (490), with CRLF, NEL line terminators |
Ashipetakun.log.2023-09-01 | 1ed1b843f04dd97170570ed99d080c96 | Non-ISO extended-ASCII text, with CRLF line terminators |
Ashipetakun.log.2023-11-04 | 197a8375269ba0c671c29b5fb43501d1 | Non-ISO extended-ASCII text, with CRLF line terminators |
msedgedriver.exe | 0bc7895271e9fe1c963bb4f93c647325 | PE32+ executable (console) x86-64, for MS Windows, 13 sections |
SB_HW.dll | b3ef723afc45521477e1cb518d70fe7d | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
SB_ZT.dll | a65affa162248af7d91167003e235045 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
useragent.txt | 9a4b62827105c8c4428c0371110bda64 | CSV ASCII text |
W04.dll | 034b4c028809b379894fc0285fc0dafa | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
WebDriver.dll | eba746c509b4f4039ab3bfa095c90e45 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
Wx02.dll | 017a32033e9e120e8a8020a46a6603e5 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
SQLite.Interop.dll | 19d10199a0f525e3b7416a7814aade1b | PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 8 sections |
SQLite.Interop.dll | 75278f5ebe41817b2d85aff60f84f7c6 | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections |
�L���b�V���N���A.lnk | 7e5a51d73bb506882f598a5e59e0953d | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Unicoded, MachineID sirius, EnableTargetMetadata KnownFolderID 1AC14E77-02E7-4E5D-B744-2EB1AE5198B7, Archive, ctime=Wed Jun 14 13:09:01 2017, atime=Wed Jun 14 13:09:01 2017, mtime=Thu Mar 30 15:03:43 2017, length=46080, window=normal, IDListSize 0x0139, Root folder "20D04FE0-3AEA-1069-A2D8-08002B30309D", Volume "C:\", LocalBasePath "C:\Windows\System32\rundll32.exe" |
Detections
Analyzer | Verdict | Alert |
---|---|---|
Public InfoSec YARA rules | malware | Identifies executable artefacts in shortcut (LNK) files. |
Public InfoSec YARA rules | malware | Identifies execution artefacts in shortcut (LNK) files. |
Public InfoSec YARA rules | malware | Identifies shortcut (LNK) file with a long relative path. Might be used in an attempt to hide the path. |
JavaScript (0)
No JavaScripts
HTTP Transactions (1)
URL | IP | Response | Size |
---|---|---|---|