Report Overview

  1. Submitted URL

    phpaspshell.com/wp-content/uploads/2022/10/shell.aspx_.zip

  2. IP

    188.114.97.1

    ASN

    #13335 CLOUDFLARENET

  3. Submitted

    2024-04-20 16:30:35

    Access

    public

  4. Website Title

    about:privatebrowsing

  5. Final URL

    about:privatebrowsing

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  2. urlquery

    0

  3. Network Intrusion Detection

    0

  4. Threat Detection Systems

    3

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
phpaspshell.comunknown2022-10-112022-10-112024-03-07

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


Files detected

  1. URL

    phpaspshell.com/wp-content/uploads/2022/10/shell.aspx_.zip

  2. IP

    188.114.97.1

  3. ASN

    #13335 CLOUDFLARENET

  1. File type

    Zip archive data, at least v2.0 to extract, compression method=deflate

    Size

    2.4 kB (2378 bytes)

  2. Hash

    4bb090341cc7bf392e375e0e19e6e9a1

    413b746aea6b9d70f344296990d7c20db12465f9

  1. Archive (2)

    2. FilenameMd5File type
    shell.aspx
    bbd4fa71c8007e74bae90d9e65913adc
    		HTML document, ASCII text
    ._shell.aspx
    c6a00d4a72dc6e825bf304f1673dc18b
    		AppleDouble encoded Macintosh file

    Detections

    AnalyzerVerdictAlert
    Public Nextron YARA rulesmalware
    Webshell in c#
    Public Nextron YARA rulesmalware
    ASP webshell searching for writable directories (to hide more webshells ...)
    VirusTotalmalicious
    VirusTotal - Scan result 35/63

JavaScript (0)

HTTP Transactions (1)

URLIPResponseSize
phpaspshell.com/wp-content/uploads/2022/10/shell.aspx_.zip
188.114.97.1200 OK2.4 kB