Report Overview
Visited (public)
2025-02-18 19:27:37
URL
nanzzzzz.xpanelnanz.my.id/SC%20ADD%20CURL%20UTAMA%20LOGO%20GG.zip
Finishing URL
about:privatebrowsing
IP / ASN

172.67.186.117
Title
about:privatebrowsing
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
| nanzzzzz.xpanelnanz.my.id | unknown | 2024-11-26 | 2025-02-18 | 2025-02-18 | 531 B | 9.4 kB | 172.67.186.117 | |
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
File detected
URL
nanzzzzz.xpanelnanz.my.id/SC%20ADD%20CURL%20UTAMA%20LOGO%20GG.zip
IP / ASN

172.67.186.117
File Overview
File Type: Zip archive data, at least v2.0 to extract, compression method=deflate
Size: 8.5 kB (8456 bytes)
MD5: a8f618d117ae45c2577fe05cd04cfea9
SHA1: f084b094d7c390f2ea71dc1495d1288987ee224d
Archive (13)
| Filename | MD5 | File type |
|---|---|---|
| add.php | 276c8dc3f406eca24424d2fe6db3915b | PHP script, ASCII text, with CRLF line terminators |
| apiii.php | becbd19d60c61442a3fb67c3f2517544 | PHP script, ASCII text, with CRLF line terminators |
| data.php | 7d5ef3a91ca339c33a1689920ed88e81 | PHP script, ASCII text, with CRLF, LF line terminators |
| index.php | bcc09a84c3eca15ce07a6906cbf62a2e | HTML document, ASCII text, with CRLF line terminators |
| add.php | 6c7df1ee2a4ea517564758014de6932b | PHP script, ASCII text, with CRLF line terminators |
| data.json | 79e9f27f547fb486d25784a77e59172c | JSON text data |
| data.php | 42b5df933873b22db14f03214fe659af | PHP script, ASCII text |
| delete.php | 271637d7f749ef7ac3cab5d8e255834e | PHP script, ASCII text, with CRLF line terminators |
| ganti.php | 30c0a44a8765e8e9e075b0fa636f5e5d | PHP script, ASCII text, with CRLF line terminators |
| index.php | c778ec8337385d1ce4a24707dc10da4c | JavaScript source, ASCII text |
| script.js | ac2cf6af18e38908934a3804eb11f5bd | JavaScript source, ASCII text |
| style.css | 1718b9c01b40832f36f05b05b4f5a9a1 | ASCII text |
| script.js | 8d3e305898d02b028b3e6b7d7d9ba47f | ASCII text, with CRLF line terminators |
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| Public Nextron YARA rules | malware | PHP webshell which only writes an uploaded file to disk |
| Public Nextron YARA rules | malware | PHP webshell which only writes an uploaded file to disk |
JavaScript (0)
No JavaScripts
HTTP Transactions (1)
| URL | IP | Response | Size |
|---|---|---|---|