Report Overview
Visitedpublic
2025-04-12 21:38:43
Tags
Submit Tags
URL
www-x-jfglzs-x-com.img.addlink.cn/software/jfgl.zip
Finishing URL
about:privatebrowsing
IP / ASN
60.247.153.76
Title
about:privatebrowsing
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
www-x-jfglzs-x-com.img.addlink.cn 1 alert(s) on this Host | unknown | 2005-03-23 | 2025-04-12 | 2025-04-12 | 519 B | 7.6 MB | 211.149.251.114 |
Related reports
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
File detected
URL
www-x-jfglzs-x-com.img.addlink.cn/software/jfgl.zip
IP / ASN
211.149.251.114
File Overview
File TypeZip archive data, at least v2.0 to extract, compression method=deflate
Size7.6 MB (7605493 bytes)
MD526b0f6329f9fb710af9980e5b17dd046
SHA116935d6e67eab711f5877c5d44deb056daa749a3
Archive (10)
| Filename | MD5 | File type |
|---|---|---|
| ��װ������Ƶ.url | 52a1881119a3f00626128c97d3c5c7b7 | Generic INItialization configuration [InternetShortcut] |
| ���ü����ֶι�������Ϣ��������.url | 8c1cab7b465e5cd71d7b4f8495be4a3a | Generic INItialization configuration [InternetShortcut] |
| ��ַ�ڰ�����(������ֱ�ӵ��룬�����ɸ�����ַ��IP).xml | 227086982c925ab64c79c24bfea53a90 | XML 1.0 document, ASCII text, with CRLF line terminators |
| ��1��.�ȹر�defender����.docx | 801464139ac1947ef997a41995447d17 | Microsoft Word 2007+ |
| ��2��.��ֹdefender(���룺123).zip | 98721056b22c9df51b56e99a71b27a6c | Zip archive data, at least v2.0 to extract, compression method=deflate |
| Wub.exe | 82aff8883099cf75462057c4e47e88ac | PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections |
| Wub.ini | ad285356ba487d68323d88a9f364ae3e | Unicode text, UTF-16, little-endian text, with CRLF line terminators |
| Wub_x64.exe | 9d6778f7f274f7ecd4e7e875a7268b64 | PE32+ executable (GUI) x86-64, for MS Windows, 5 sections |
| ��Ҫ˵��.doc | 2cb9d1db6fd05312d82a5a2849811163 | Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, Code page: 1200, Locale ID: 2052, Title: 1,oK5PYb}uQ'3, Author: o(, Template: Normal, Last Saved By: #, Revision Number: 41, Total Editing Time: Wed Jan 10 16:00:00 1900, Create Time/Date: Sat Dec 28 02:21:00 2013, Last Saved Time/Date: Thu Apr 3 01:14:35 2025, Number of Pages: 5, Number of Words: 1778, Number of Characters: 2019, Name of Creating Application: WPS Office_12.1.0.20305_F1E327B, Security: 0 |
| setup(��ѹ���룺123).zip | 9a9dcaf6e90e8283b3e46b0f187d1f18 | Zip archive data, at least v2.0 to extract, compression method=deflate |
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| Public InfoSec YARA rules | malware | Identifies compiled AutoIT script (as EXE). |
| Public InfoSec YARA rules | malware | Identifies compiled AutoIT script (as EXE). |
| VirusTotal | suspicious |
JavaScript (0)
No JavaScripts
HTTP Transactions (1)
| URL | IP | Response | Size |
|---|