Report Overview
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
feiranx.mizbans.site | unknown | unknown | No data | No data | 486 B | 42 kB | 54.37.198.211 |
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
feiranx.mizbans.site/Remote_.zip
IP
54.37.198.211
ASN
#16276 OVH SAS
File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
42 kB (41709 bytes)
Hash
b214a3a2c7e4a1ce770265dc934adede
acb1f49cb72c42fb82bd06646f331a3d2fb8709a
Archive (25)
Filename | Md5 | File type | |||
---|---|---|---|---|---|
sms.txt | 6b87f56904e0bcd54c2599534b90b3d4 | Unicode text, UTF-8 text, with very long lines (545), with CRLF, CR, LF line terminators | |||
jdf.php | df4b6e6c7131bcb694e14c1e9292477b | PHP script, Unicode text, UTF-8 text | |||
ftext.txt | ed7921806e4c671ee8aef04994558f22 | ASCII text, with no line terminators | |||
contact.php | 8aca037110cc31ba16fcff5a01b45a54 | PHP script, Unicode text, UTF-8 text, with CRLF line terminators | |||
num.txt | 54495605f0d9e34a0ba2f039b6b7a0e8 | ASCII text | |||
contact.txt | d5b101473236369625edb1116768531c | ASCII text | |||
smsbomber.txt | 3665a76e271ada5a75368b99f774e404 | ASCII text, with no line terminators | |||
nump | d41d8cd98f00b204e9800998ecf8427e | ||||
Amirsad.php | 093d250df6f97915a6ed39a79b51ef4f | PHP script, Unicode text, UTF-8 text | |||
fsms.txt | d41d8cd98f00b204e9800998ecf8427e | ||||
actionbuy.txt | 3262d48df5d75e3452f0f16b313b7808 | ASCII text, with no line terminators | |||
autohide.txt | 3262d48df5d75e3452f0f16b313b7808 | ASCII text, with no line terminators | |||
id.txt | 99999ebcfdb78df077ad2727fd00969f | ASCII text, with no line terminators | |||
error_log | 702ac8738dd393e76cdf95d2a73d6d7b | ASCII text, with very long lines (2841), with CRLF, LF line terminators | |||
admins | d41d8cd98f00b204e9800998ecf8427e | ||||
bomber.txt | 81c9469f1dd1f7b16fd062742923b9b3 | ASCII text, with no line terminators | |||
sms.php | 7d02a9a8b05438407c9aac1283fcdee6 | PHP script, Unicode text, UTF-8 text | |||
user.txt | 47ac794402167f308b0e3766d328988c | ASCII text, with no line terminators | |||
M2102J20SG-44.json | 393aca7fc169ca6d169fa03574fd4903 | JSON text data | |||
autohide | 3262d48df5d75e3452f0f16b313b7808 | ASCII text, with no line terminators | |||
actionfirst.txt | 3262d48df5d75e3452f0f16b313b7808 | ASCII text, with no line terminators | |||
actionhide.txt | 3262d48df5d75e3452f0f16b313b7808 | ASCII text, with no line terminators | |||
bot.php | a4eef074c4c3815d7c5fe4c6b3fdecaf | PHP script, Unicode text, UTF-8 text | |||
p | 6630b37a5e5c71c236e88b3a567a1ad5 | ASCII text, with no line terminators | |||
requests.php | 90a153978d9835755c2b858f45e448cc | PHP script, Unicode text, UTF-8 text |
Detections
Analyzer | Verdict | Alert |
---|---|---|
Public Nextron YARA rules | malware | PHP webshell which only writes an uploaded file to disk |
Public Nextron YARA rules | malware | PHP webshell which only writes an uploaded file to disk |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size | |
---|---|---|---|---|
feiranx.mizbans.site/Remote_.zip | 54.37.198.211 | 200 OK | 42 kB | |