Report - pastigacorsekali.com/sukuna-panel.zip

Report Overview

Visitedpublic

2025-04-08 00:59:03

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
pastigacorsekali.com	unknown	unknown	No data	No data	505 B	633 kB	66.29.153.153

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

pastigacorsekali.com/sukuna-panel.zip

IP / ASN

66.29.153.153

#22612 NAMECHEAP-NET

File Overview

File TypeZip archive data, at least v2.0 to extract, compression method=store

Size633 kB (633037 bytes)

MD5cd5d2a7eef19d37cfc19f3bf565b83de

SHA1a50d79b23151420e7fdbddf3463cd6c8ec3d8b44

SHA25616fbb44b7c668ff8e01e69c41d9880b9f75fe74b6f579e036a61802e9258cfd3

Archive (17)

Modified	Filename	Size	MD5	File type
2024-01-29 22:22	bypass.js	45 kB	9982b80feddea781cadc7e3d6bfdb99c	HTML document, ASCII text, with very long lines (752)
2024-01-29 22:22	CARS.js	12 kB	3165977f241aa97687cf15af9165df13	JavaScript source, ASCII text
2024-01-29 22:22	floodv2.js	627 kB	a0d2234b6ec4702fcdad91c240c107ac	JavaScript source, ASCII text, with very long lines (62616), with CRLF line terminators
2024-01-27 09:40	http-rose.js	24 kB	573dcd8c6b2ac07777ba977d2df1245c	JavaScript source, ASCII text, with CRLF line terminators
2024-01-29 22:22	HTTP.js	10 kB	273731557feb86fe5ce9b191e5502da1	JavaScript source, ASCII text, with CRLF line terminators
2024-01-29 22:22	mix.js	5.1 kB	8cccbbad6c79e0bf46de4498d020aefe	JavaScript source, ASCII text, with very long lines (451)
2024-01-29 22:22	.package-lock.json	31 kB	93a5b077a654666dbf7b54fa921f667a	JSON text data
2024-01-29 22:22	package-lock.json	31 kB	37012ca6abd99da8e0b9d0e65e33e6f1	JSON text data
2024-01-29 22:22	package.json	232 B	8ecd0e5c8ce9daa88cc2d4f3e900baf6	JSON text data
2024-01-29 22:22	proxy.txt	1.0 MB	09c96559fa686b7b33fca4ee837701f6	ASCII text, with CRLF, LF line terminators
2024-01-29 22:22	scrape.py	7.5 kB	2835cf884d2e550ede6a204ad5afb094	Python script, ASCII text executable, with CRLF line terminators
2024-01-29 22:22	TLS.js	8.5 kB	3fae7c7afd775110d0c9e9e71ff11605	ASCII text, with CRLF line terminators
2024-01-29 22:22	ua.txt	3.3 MB	782fe3942e07c86be9f37381ccd2fb31	Unicode text, UTF-8 text, with CRLF line terminators
2024-01-29 22:22	ZX.js	16 kB	36a36d91d83e0eb6b63f4da3ebb35f15	CSV ASCII text
2024-02-03 11:06	main.py	128 kB	e0c5562cd6ce24908caece6078848489	Python script, Unicode text, UTF-8 (with BOM) text executable, with very long lines (1461), with escape sequences
2024-01-29 22:22	paping.py	1.0 kB	2f0cf70c6a188ae7d99ea488bcc093a5	Python script, ASCII text executable
2024-01-29 22:22	requirements.txt	78 B	d4820af014394342b86a2b0ece837a38	ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Scans presence of the found strings using the in-house brute force method
YARAhub by abuse.ch	malware	Scans presence of the found strings using the in-house brute force method

JavaScript (0)

HTTP Transactions (1)

	URL	IP	Response	Size
	GET pastigacorsekali.com/sukuna-panel.zip	66.29.153.153	200 OK	633 kB
URL pastigacorsekali.com/sukuna-panel.zip IP / ASN 66.29.153.153 #22612 NAMECHEAP-NET Requested byN/A Resource Info File typeZip archive data, at least v2.0 to extract, compression method=store First Seen2025-04-08 Last Seen2025-04-08 Times Seen1 Size633 kB (633037 bytes) MD5cd5d2a7eef19d37cfc19f3bf565b83de SHA1a50d79b23151420e7fdbddf3463cd6c8ec3d8b44 SHA25616fbb44b7c668ff8e01e69c41d9880b9f75fe74b6f579e036a61802e9258cfd3 Certificate Info IssuerSectigo Limited Subjectpastigacorsekali.com FingerprintDA:D3:65:D0:1C:DE:C7:D6:A8:84:A4:4A:82:CC:08:09:17:0C:EA:81 ValidityMon, 08 Apr 2024 00:00:00 GMT - Tue, 08 Apr 2025 23:59:59 GMT HTTP Headers `GET /sukuna-panel.zip HTTP/1.1 Host: pastigacorsekali.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: application/zip last-modified: Sun, 12 May 2024 20:42:53 GMT accept-ranges: bytes content-length: 633037 date: Tue, 08 Apr 2025 00:58:40 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed X-Firefox-Spdy: h2`

Detections

Host Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

File detected

Detections

JavaScript (0)

HTTP Transactions (1)

HTTP Headers