Report Overview

  1. Submitted URL

    besttheme.net/download/wordpress/whitemag.zip

  2. IP

    148.72.158.137

    ASN

    #30083 AS-30083-GO-DADDY-COM-LLC

  3. Submitted

    2024-03-28 11:04:14

    Access

    public

  4. Website Title

    about:privatebrowsing

  5. Final URL

    about:privatebrowsing

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  1. urlquery

    0

  2. Network Intrusion Detection

    0

  3. Threat Detection Systems

    3

Domain Summary

Domain / FQDN    Rank       Registered    First Seen    Last Seen
besttheme.net    unknown    2010-05-12    2012-08-07    2024-02-10

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


Files detected

  1. URL

    besttheme.net/download/wordpress/whitemag.zip

  2. IP

    148.72.158.137

  3. ASN

    #30083 AS-30083-GO-DADDY-COM-LLC

  1. File type

    Zip archive data, at least v2.0 to extract, compression method=deflate

    Size

    362 kB (361705 bytes)

  2. Hash

    c4ef647ba78dbaaa8e08e59ce8618cb9

    2822cf38a23e6077f49f60b71cd2bc08af562e79

  1. Archive (121)


    Detections

    Analyzer                     Verdict       Alert
    Public Nextron YARA rules    malware       php webshell containing base64 encoded payload
    Public Nextron YARA rules    malware       PHP webshell which directly eval()s obfuscated string
    VirusTotal                   suspicious

JavaScript (0)

HTTP Transactions (1)

URL                                              IP                Response    Size
besttheme.net/download/wordpress/whitemag.zip    148.72.158.137    200 OK      362 kB