Summary | ZeroBOX

kj.txt

NPKI Antivirus
Category FILE
Machine s1_win7_x6402
Started May 25, 2021, 3:18 p.m.
Completed May 25, 2021, 3:20 p.m.
Size 4.7KB
Type ASCII text, with very long lines, with CRLF line terminators
MD5 ebf79868631fd00264098d59e917e3e9
SHA256 c8ace209ba66f1dea8990bcabdc43c0c0e799582ab8147e972b0c9ad1078d745
CRC32 1EDA0144
ssdeep 96:8OUoskG3mU+u1ViXyzQX1f0gUe3X87J3aLQ4UtX4QLoBf/ETQjOfjjepUc/:Cosdmxuj0yzCWIn8oZUx7DMAjCpUc/
Yara
  • Antivirus - Contains references to security software

Name Response Post-Analysis Lookup
manstr.myartsonline.com 185.176.43.98
IP Address Status Action
164.124.101.2 Active Moloch
172.217.25.14 Active Moloch
185.176.43.98 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

suspicious_features POST method with no referer header, POST method with no useragent header
suspicious_request POST http://manstr.myartsonline.com/pc/post.php
suspicious_features GET method with no useragent header
suspicious_request GET http://manstr.myartsonline.com/pc/kj.down
suspicious_features GET method with no useragent header
suspicious_request GET http://manstr.myartsonline.com/pc/del.php?filename=kj
request POST http://manstr.myartsonline.com/pc/post.php
request GET http://manstr.myartsonline.com/pc/kj.down
request GET http://manstr.myartsonline.com/pc/del.php?filename=kj
request POST http://manstr.myartsonline.com/pc/post.php
host 172.217.25.14