Report Overview

  1. Submitted URL

    github.com/NebuTech/NBMiner/releases/download/v42.3/NBMiner_42.3_Win.zip

  2. IP

    140.82.121.4

    ASN

    #36459 GITHUB

  3. Submitted

    2024-04-23 15:33:41

    Access

    public

  4. Website Title

    about:privatebrowsing

  5. Final URL

    about:privatebrowsing

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  1. urlquery

    0

  2. Network Intrusion Detection

    0

  3. Threat Detection Systems

    20

Domain Summary

| Domain / FQDN | Rank | Registered | First Seen | Last Seen |
|---|---|---|---|---|
| objects.githubusercontent.com | 134060 | 2014-02-06 | 2021-11-01 | 2024-04-23 |
| github.com | 1423 | 2007-10-09 | 2016-07-13 | 2024-03-24 |

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


Files detected

  1. URL

    objects.githubusercontent.com/github-production-release-asset-2e65be/135897748/1fd9a584-7bc0-412f-9e32-7771f2b3de20?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240423%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240423T153313Z&X-Amz-Expires=300&X-Amz-Signature=22a5c453aed5800c30d78b2ae1fc465d3a193bcd83d3eefac853ccbfcb46447f&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=135897748&response-content-disposition=attachment%3B%20filename%3DNBMiner_42.3_Win.zip&response-content-type=application%2Foctet-stream

  2. IP

    185.199.108.133

  3. ASN

    #54113 FASTLY

  1. File type

    Zip archive data, at least v2.0 to extract, compression method=deflate

    Size

    12 MB (11541914 bytes)

  2. Hash

    6418d3c7e009dabd832c4a9d34915721

    0eec205955abf5744578cfc0a10672ee28afc861

  1. Archive (14)

    | Filename | MD5 | File type |
    |---|---|---|
    | modify_tdr_delay.reg | 58c1420ffe9046fec8c3cbb71dd90c64 | ASCII text |
    | nbminer.exe | a7400236ffab02ae5af5c9a0f61e7300 | PE32+ executable (console) x86-64, for MS Windows, 9 sections |
    | nbminer.exe.sha256 | 33f44708b0e435c4f07af7c2c5c34a98 | ASCII text |
    | open_web_monitor.url | 067e5b68a8f827a58d1948f1e9adf1a2 | MS Windows 95 Internet shortcut text (URL=<http://127.0.0.1:22333/>), ASCII text |
    | readme.md | 17b7861968abf491b2a7eff3c602c4ec | Unicode text, UTF-8 text, with very long lines (376), with CRLF line terminators |
    | start_ae.bat | 6b9bff08bee0fafc24c5dd8e0b90beda | ASCII text, with CRLF line terminators |
    | start_beam.bat | 63e58183edfa38cb01ccaf324f6111a7 | ASCII text, with CRLF line terminators |
    | start_config.bat | 838af1b21709a000c8154188f053ad68 | ASCII text, with CRLF line terminators |
    | start_conflux.bat | 1d844af625bfdf1288e594ee1e8d6133 | ASCII text, with CRLF line terminators |
    | start_ergo.bat | 7d654dde2c56a9a4013f30aa3ee2e139 | ASCII text, with CRLF line terminators |
    | start_etc.bat | 715a0a36afd0a8cffe355c1cce1743c4 | ASCII text, with CRLF line terminators |
    | start_eth.bat | 432a428c2de6191f569203eefb6cb364 | ASCII text, with CRLF line terminators |
    | start_eth_overclock.bat | 3bea17ef6d613fe8edf8d983f4764553 | ASCII text, with CRLF line terminators |
    | start_rvn.bat | 8ff7f162656e695c0fed918c3fa2598e | ASCII text, with CRLF line terminators |

    Detections

    | Analyzer | Verdict | Alert |
    |---|---|---|
    | Public Nextron YARA rules | malware | Detects mining pool protocol string in Executable |
    | Public Nextron YARA rules | malware | Detects command line parameters often used by crypto mining software |
    | Public Nextron YARA rules | malware | Detects mining pool protocol string in Executable |
    | Public Nextron YARA rules | malware | Detects command line parameters often used by crypto mining software |
    | Public Nextron YARA rules | malware | Detects mining pool protocol string in Executable |
    | Public Nextron YARA rules | malware | Detects command line parameters often used by crypto mining software |
    | Public Nextron YARA rules | malware | Detects mining pool protocol string in Executable |
    | Public Nextron YARA rules | malware | Detects command line parameters often used by crypto mining software |
    | Public Nextron YARA rules | malware | Detects mining pool protocol string in Executable |
    | Public Nextron YARA rules | malware | Detects command line parameters often used by crypto mining software |
    | Public Nextron YARA rules | malware | Detects mining pool protocol string in Executable |
    | Public Nextron YARA rules | malware | Detects command line parameters often used by crypto mining software |
    | Public Nextron YARA rules | malware | Detects mining pool protocol string in Executable |
    | Public Nextron YARA rules | malware | Detects command line parameters often used by crypto mining software |
    | Public Nextron YARA rules | malware | Detects mining pool protocol string in Executable |
    | Public Nextron YARA rules | malware | Detects command line parameters often used by crypto mining software |
    | Public Nextron YARA rules | malware | Detects mining pool protocol string in Executable |
    | Public Nextron YARA rules | malware | Detects command line parameters often used by crypto mining software |
    | VirusTotal | malicious | |

JavaScript (0)

HTTP Transactions (2)

| URL | IP | Response | Size |
|---|---|---|---|
| github.com/NebuTech/NBMiner/releases/download/v42.3/NBMiner_42.3_Win.zip | 140.82.121.4 | 302 Found | 0 B |
| objects.githubusercontent.com/github-production-release-asset-2e65be/135897748/1fd9a584-7bc0-412f-9e32-7771f2b3de20?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240423%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240423T153313Z&X-Amz-Expires=300&X-Amz-Signature=22a5c453aed5800c30d78b2ae1fc465d3a193bcd83d3eefac853ccbfcb46447f&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=135897748&response-content-disposition=attachment%3B%20filename%3DNBMiner_42.3_Win.zip&response-content-type=application%2Foctet-stream | 185.199.108.133 | 200 OK | 12 MB |