{"report_id":"bd5a6e8e-2e3c-481a-b8a2-5b1fa7e970a7","version":6,"status":"done","tags":[],"date":"2025-05-05T06:32:01Z","url":{"schema":"http","addr":"bayanbox.ir/download/6495477456719586602/NLBrute-1.2-x64-1.2-x64-VPN-Edition.zip","fqdn":"bayanbox.ir","domain":"bayanbox.ir","tld":"ir"},"ip":{"addr":"31.214.168.209","port":0,"asn":60976,"as":"Parsan Lin Co. PJS","country":"Iran","country_code":"IR"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-14T06:32:00Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"bayanbox.ir","ip":{"addr":"31.214.168.209","port":443,"asn":60976,"as":"Parsan Lin Co. PJS","country":"Iran","country_code":"IR"},"domain_registered":"unknown","domain_rank":218537,"first_seen":"2012-12-21T05:05:12Z","last_seen":"2025-04-26T00:52:09.193495Z","alert_count":1,"request_count":1,"received_data":18933024,"sent_data":548,"comment":"","tags":null,"fingerprints":null}],"files":[{"md5":"c579d1ee0c4a57b0b5a4869b1d211365","sha1":"ff0539fa7d26084484d3e143df4a1b2a79475147","sha256":"cc418d0486916cfaf9a1da062d764a2e4ff5ed5930eaa88d977ba2e2c2b95d10","sha512":"4b7c5986465ce912532d84b061ba4c3e8c565d596ddc492b7711647a3f59cfce88f10f089619fcb6b79ab4b110e6c11233b9ce97e88540538ffec54bec64853d","magic":"Zip archive data, at least v1.0 to extract, compression method=store","size":18932530,"url":{"schema":"https","addr":"bayanbox.ir/download/6495477456719586602/NLBrute-1.2-x64-1.2-x64-VPN-Edition.zip","fqdn":"bayanbox.ir","domain":"bayanbox.ir","tld":"ir"},"ip":{"addr":"31.214.168.209","port":443,"asn":60976,"as":"Parsan Lin Co. PJS","country":"Iran","country_code":"IR"},"archive":[{"path":"NLBrute 1.2 x64 \u0026 VPN - KeyGen/NLBrute 1.2 x64 \u0026 VPN - KeyGen.exe","filename":"NLBrute 1.2 x64 \u0026 VPN - KeyGen.exe","modified":"2017-04-19T12:14:51+03:00","Modified":"","magic":"PE32 executable (console) Intel 80386, for MS Windows, 10 sections","size":2583040,"md5":"62b039b2af7bf5f6abf35ef903024300","sha1":"4ae220e451482e839619c2e927752468e0eda8d5","sha256":"83d7f6eaf7fe075503ea6a0bc726633c34595a6eae7edd7deab95ab4d4a66fd5","sha512":"8abcf2fb422465fa578eb59e2788317ef88360551b675c964e03475a865e22dd4b86550bb442c1823fa72de059cedb438cac34538dcb291ccdb22fd34ee5433e","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2025-04-22","alert":"Scan result 45/72","trigger":"83d7f6eaf7fe075503ea6a0bc726633c34595a6eae7edd7deab95ab4d4a66fd5","verdict":"malicious","severity":"","comment":"malicious - 45/72","link":"https://www.virustotal.com/gui/file/83d7f6eaf7fe075503ea6a0bc726633c34595a6eae7edd7deab95ab4d4a66fd5","meta":null}]}},{"path":"NLBrute 1.2 x64 \u0026 VPN.exe","filename":"NLBrute 1.2 x64 \u0026 VPN.exe","modified":"2017-03-18T21:26:33+03:00","Modified":"","magic":"PE32+ executable (GUI) x86-64, for MS Windows, 9 sections","size":7865856,"md5":"91608c3ee9c91a2a1155abf519f97e92","sha1":"4950ce47bfe4f73e2c0372196527d247bc8a0c9f","sha256":"6e0dcbb9710aced2a00c8863b2fe295a9e7677a07d6fc4bbb100714d2ddf0d4d","sha512":"813ec8a6cc8bf5a42d8d534187e3c3bdbbe875286733aa82bfcf9a63c14b74d7ddd2c26758a154e9ed5b677166317b6c7c1e5d4fc408a48d5857904c19994066","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2025-03-07","alert":"Scan result 56/72","trigger":"6e0dcbb9710aced2a00c8863b2fe295a9e7677a07d6fc4bbb100714d2ddf0d4d","verdict":"malicious","severity":"","comment":"malicious - 56/72","link":"https://www.virustotal.com/gui/file/6e0dcbb9710aced2a00c8863b2fe295a9e7677a07d6fc4bbb100714d2ddf0d4d","meta":null}]}},{"path":"NLBrute 1.2 x64.exe","filename":"NLBrute 1.2 x64.exe","modified":"2016-08-04T04:47:10+03:00","Modified":"","magic":"PE32+ executable (GUI) x86-64, for MS Windows, 10 sections","size":9123328,"md5":"78dee6d98ef0305edf5e264f4b9e3389","sha1":"e89564f142b0900357ea5be5dfa5ec12a21f91ea","sha256":"f109dce14b8d7911ba69d6ac1309da3b93461c724cf327fd7be5d73eaae21572","sha512":"254a1dfd30dfed73de864cbca51c5673c4723796b9c3ccfc62cf8dd67b09abfe2786e8cf76ac0465f3a7582ab2a8c2c8ca163517fc4e607443b9cf9a4949fe7d","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2025-04-05","alert":"Scan result 54/72","trigger":"f109dce14b8d7911ba69d6ac1309da3b93461c724cf327fd7be5d73eaae21572","verdict":"malicious","severity":"","comment":"malicious - 54/72","link":"https://www.virustotal.com/gui/file/f109dce14b8d7911ba69d6ac1309da3b93461c724cf327fd7be5d73eaae21572","meta":null}]}}],"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-11-02","alert":"Scan result 53/69","trigger":"cc418d0486916cfaf9a1da062d764a2e4ff5ed5930eaa88d977ba2e2c2b95d10","verdict":"malicious","severity":"","comment":"malicious - 53/69","link":"https://www.virustotal.com/gui/file/cc418d0486916cfaf9a1da062d764a2e4ff5ed5930eaa88d977ba2e2c2b95d10","meta":null}]}}],"artifacts":{"windows_shortcuts":null,"files":[{"md5":"c579d1ee0c4a57b0b5a4869b1d211365","sha1":"ff0539fa7d26084484d3e143df4a1b2a79475147","sha256":"cc418d0486916cfaf9a1da062d764a2e4ff5ed5930eaa88d977ba2e2c2b95d10","sha512":"4b7c5986465ce912532d84b061ba4c3e8c565d596ddc492b7711647a3f59cfce88f10f089619fcb6b79ab4b110e6c11233b9ce97e88540538ffec54bec64853d","magic":"Zip archive data, at least v1.0 to extract, compression method=store","size":18932530,"url":{"schema":"https","addr":"bayanbox.ir/download/6495477456719586602/NLBrute-1.2-x64-1.2-x64-VPN-Edition.zip","fqdn":"bayanbox.ir","domain":"bayanbox.ir","tld":"ir"},"ip":{"addr":"31.214.168.209","port":443,"asn":60976,"as":"Parsan Lin Co. PJS","country":"Iran","country_code":"IR"},"archive":[{"path":"NLBrute 1.2 x64 \u0026 VPN - KeyGen/NLBrute 1.2 x64 \u0026 VPN - KeyGen.exe","filename":"NLBrute 1.2 x64 \u0026 VPN - KeyGen.exe","modified":"2017-04-19T12:14:51+03:00","Modified":"","magic":"PE32 executable (console) Intel 80386, for MS Windows, 10 sections","size":2583040,"md5":"62b039b2af7bf5f6abf35ef903024300","sha1":"4ae220e451482e839619c2e927752468e0eda8d5","sha256":"83d7f6eaf7fe075503ea6a0bc726633c34595a6eae7edd7deab95ab4d4a66fd5","sha512":"8abcf2fb422465fa578eb59e2788317ef88360551b675c964e03475a865e22dd4b86550bb442c1823fa72de059cedb438cac34538dcb291ccdb22fd34ee5433e","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2025-04-22","alert":"Scan result 45/72","trigger":"83d7f6eaf7fe075503ea6a0bc726633c34595a6eae7edd7deab95ab4d4a66fd5","verdict":"malicious","severity":"","comment":"malicious - 45/72","link":"https://www.virustotal.com/gui/file/83d7f6eaf7fe075503ea6a0bc726633c34595a6eae7edd7deab95ab4d4a66fd5","meta":null}]}},{"path":"NLBrute 1.2 x64 \u0026 VPN.exe","filename":"NLBrute 1.2 x64 \u0026 VPN.exe","modified":"2017-03-18T21:26:33+03:00","Modified":"","magic":"PE32+ executable (GUI) x86-64, for MS Windows, 9 sections","size":7865856,"md5":"91608c3ee9c91a2a1155abf519f97e92","sha1":"4950ce47bfe4f73e2c0372196527d247bc8a0c9f","sha256":"6e0dcbb9710aced2a00c8863b2fe295a9e7677a07d6fc4bbb100714d2ddf0d4d","sha512":"813ec8a6cc8bf5a42d8d534187e3c3bdbbe875286733aa82bfcf9a63c14b74d7ddd2c26758a154e9ed5b677166317b6c7c1e5d4fc408a48d5857904c19994066","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2025-03-07","alert":"Scan result 56/72","trigger":"6e0dcbb9710aced2a00c8863b2fe295a9e7677a07d6fc4bbb100714d2ddf0d4d","verdict":"malicious","severity":"","comment":"malicious - 56/72","link":"https://www.virustotal.com/gui/file/6e0dcbb9710aced2a00c8863b2fe295a9e7677a07d6fc4bbb100714d2ddf0d4d","meta":null}]}},{"path":"NLBrute 1.2 x64.exe","filename":"NLBrute 1.2 x64.exe","modified":"2016-08-04T04:47:10+03:00","Modified":"","magic":"PE32+ executable (GUI) x86-64, for MS Windows, 10 sections","size":9123328,"md5":"78dee6d98ef0305edf5e264f4b9e3389","sha1":"e89564f142b0900357ea5be5dfa5ec12a21f91ea","sha256":"f109dce14b8d7911ba69d6ac1309da3b93461c724cf327fd7be5d73eaae21572","sha512":"254a1dfd30dfed73de864cbca51c5673c4723796b9c3ccfc62cf8dd67b09abfe2786e8cf76ac0465f3a7582ab2a8c2c8ca163517fc4e607443b9cf9a4949fe7d","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2025-04-05","alert":"Scan result 54/72","trigger":"f109dce14b8d7911ba69d6ac1309da3b93461c724cf327fd7be5d73eaae21572","verdict":"malicious","severity":"","comment":"malicious - 54/72","link":"https://www.virustotal.com/gui/file/f109dce14b8d7911ba69d6ac1309da3b93461c724cf327fd7be5d73eaae21572","meta":null}]}}],"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-11-02","alert":"Scan result 53/69","trigger":"cc418d0486916cfaf9a1da062d764a2e4ff5ed5930eaa88d977ba2e2c2b95d10","verdict":"malicious","severity":"","comment":"malicious - 53/69","link":"https://www.virustotal.com/gui/file/cc418d0486916cfaf9a1da062d764a2e4ff5ed5930eaa88d977ba2e2c2b95d10","meta":null}]}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"bayanbox.ir/download/6495477456719586602/NLBrute-1.2-x64-1.2-x64-VPN-Edition.zip","fqdn":"bayanbox.ir","domain":"bayanbox.ir","tld":"ir"},"ip":{"addr":"31.214.168.209","port":443,"asn":60976,"as":"Parsan Lin Co. PJS","country":"Iran","country_code":"IR"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-05-05T06:31:25.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bayan.ir","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Wed, 09 Apr 2025 16:16:39 GMT","end":"Tue, 08 Jul 2025 16:16:38 GMT"},"fingerprint":{"sha1":"26:B6:75:50:89:AF:15:6E:DF:C9:71:73:55:B9:9C:08:02:3C:31:74","sha256":"28:6B:A4:86:C4:B9:C1:24:54:66:66:ED:9E:A7:A2:82:D9:ED:F2:C6:81:CB:DE:90:F6:A0:0F:3B:58:8A:F5:8E"}}},"request":{"raw":"GET /download/6495477456719586602/NLBrute-1.2-x64-1.2-x64-VPN-Edition.zip HTTP/1.1\r\nHost: bayanbox.ir\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 May 2025 06:31:26 GMT\r\ncontent-type: application/zip\r\ncontent-length: 18932530\r\ncontent-disposition: attachment; filename*=utf-8''NLBrute%201.2%20x64%20%26%201.2%20x64%20VPN%20Edition.zip\r\nexpires: Thu, 08 May 2025 06:31:26 GMT\r\ncontent-md5: xXnR7gxKV7C1pIabHSETZQ==\r\nlast-modified: Sun, 30 Apr 2017 15:41:33 GMT\r\netag: \"c579d1ee0c4a57b0b5a4869b1d211365\"\r\ncache-control: public\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18932530,"size_decoded":0,"mime_type":"application/zip","magic":"Zip archive data, at least v1.0 to extract, compression method=store","md5":"c579d1ee0c4a57b0b5a4869b1d211365","sha1":"ff0539fa7d26084484d3e143df4a1b2a79475147","sha256":"cc418d0486916cfaf9a1da062d764a2e4ff5ed5930eaa88d977ba2e2c2b95d10","sha512":"4b7c5986465ce912532d84b061ba4c3e8c565d596ddc492b7711647a3f59cfce88f10f089619fcb6b79ab4b110e6c11233b9ce97e88540538ffec54bec64853d","ssdeep":"393216:aQbJMhKTEZA8hixFCNd2pBKHw3GSRzAJEMLPojKVMM7:uhKbsNCBKQ3nRzA7PaKOM7","tlshash":"15173382a9ebe7a4cc41f3a0d2f31e218f74444a11ff6338150fba1a76d36556853f6a","first_seen":"2025-05-05T06:32:06.894724Z","last_seen":"2025-05-05T06:32:06.894724Z","times_seen":1,"resource_available":false,"data":null}},"time_used":16033,"timings":{"blocked":346,"dns":11,"connect":106,"send":0,"wait":128,"receive":15212,"ssl":226},"alerts":{"ids":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-11-02","alert":"Scan result 53/69","trigger":"cc418d0486916cfaf9a1da062d764a2e4ff5ed5930eaa88d977ba2e2c2b95d10","verdict":"malicious","severity":"","comment":"malicious - 53/69","link":"https://www.virustotal.com/gui/file/cc418d0486916cfaf9a1da062d764a2e4ff5ed5930eaa88d977ba2e2c2b95d10","meta":null}],"urlquery":null}}]}