Report Overview
Submitted URL
www.cnvwvendas.com.br/public.zip
IP
162.241.181.26
ASN
#19871 NETWORK-SOLUTIONS-HOSTING
Submitted
2024-03-28 08:26:37
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
www.cnvwvendas.com.br | unknown | unknown | 2019-07-11 | 2024-03-28 | 486 B | 2.0 MB | 162.241.181.26 |
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
www.cnvwvendas.com.br/public.zip
IP
162.241.181.26
ASN
#19871 NETWORK-SOLUTIONS-HOSTING
File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
2.0 MB (2016597 bytes)
Hash
7c10219568a1658c69b7dd8d1b3d756b
928329efc021bca853bb55a8929caf27a7f881a3
Archive (54)
Filename | Md5 | File type | ||||||
---|---|---|---|---|---|---|---|---|
.htaccess | 6759b7effbacb6febbc8271be08f0c25 | Unicode text, UTF-8 text | ||||||
error_log | 285f3cc4294d805c8acc87d0ab31c053 | ASCII text | ||||||
ssmsnaur.php | 924925480fcce4a533c8817fde2e4aeb | PHP script, ASCII text, with CRLF line terminators | ||||||
database_connection.php | 709f580abac99348c03af4cedd7567c5 | PHP script, ASCII text | ||||||
DB.class.php | 8bdf3fce42d0711afbf718db6f16185a | PHP script, ASCII text | ||||||
error_log | adbc003f4c977883d7d75d2bb1368051 | ASCII text | ||||||
index.php | 7afcfecb17459f3df5d69205a4f047fb | HTML document, Unicode text, UTF-8 text, with very long lines (461) | ||||||
index_alterada.php | cd0d32d14b54eb8910bdd28937bb858e | HTML document, Unicode text, UTF-8 text, with very long lines (461) | ||||||
obrigado.php | 5e783889fd33696a2ed942b4ddc9631f | HTML document, Unicode text, UTF-8 text, with very long lines (461) | ||||||
ajax-loader.gif | c5cd7f5300576ab4c88202b42f6ded62 | GIF image data, version 89a, 32 x 32 | ||||||
config.rb | c47857bcaf2a4cf98b1bce99c48d4cd9 | ASCII text | ||||||
slick.eot | ced611daf7709cc778da928fec876475 | Embedded OpenType (EOT), slick family | ||||||
slick.svg | f97e3bbf73254b0112091d0192f17aec | SVG Scalable Vector Graphics image | ||||||
slick.ttf | d41f55a78e6f49a5512878df1737e58a | TrueType Font data, 13 tables, 1st "FFTM", 12 names, Macintosh, type 1 string | ||||||
slick.woff | b7c9e1e479de3b53f1e4e30ebac2403a | Web Open Font Format, CFF, length 1380, version 1.0 | ||||||
slick-theme.css | f9faba678c4d6dcfdde69e5b11b37a2e | Unicode text, UTF-8 text | ||||||
slick-theme.less | c7c46d5960843c56fdfc63a789349434 | Unicode text, UTF-8 text | ||||||
slick-theme.scss | e97dc549d5450ebd34fe128eefc69cd6 | Unicode text, UTF-8 text | ||||||
slick.css | f38b2db10e01b1572732a3191d538707 | ASCII text | ||||||
slick.js | 36f5dfaf4ab9fc2ebf345c1e348de969 | JavaScript source, ASCII text | ||||||
slick.less | f5309cf6905194850b44fb78b8028b95 | ASCII text | ||||||
slick.min.js | 16a791ccc8e9d34fc76accfadfdd5e4f | JavaScript source, ASCII text, with very long lines (53179) | ||||||
slick.scss | f5309cf6905194850b44fb78b8028b95 | ASCII text | ||||||
starry.min.css | 8608ab872813badb56941553c7871c93 | assembler source, ASCII text, with very long lines (669) | ||||||
itaudisplay_bd-webfont.woff2 | 943eded538dde6a0dfafee5453aa6dcf | Web Open Font Format (Version 2), TrueType, length 20492, version 1.0 | ||||||
itaudisplay_lt-webfont.woff2 | c2237a47b207b79d49dacbc6767f094b | Web Open Font Format (Version 2), TrueType, length 19856, version 1.0 | ||||||
itaudisplay_xbd-webfont.woff2 | 195620c524ec7c323db8fa3ceccb9cd2 | Web Open Font Format (Version 2), TrueType, length 20244, version 1.0 | ||||||
itaufonts_master_24px_v44.woff | 6ba4cc7698106f7750e81641aeeaea27 | Web Open Font Format, TrueType, length 179616, version 1.0 | ||||||
ItauText_Bd.woff2 | 6c8fe1156552769b5e65e3fc1eb81395 | Web Open Font Format (Version 2), TrueType, length 18140, version 1.0 | ||||||
ItauText_Lt.woff2 | f755825cfc33424de53229ed51a48547 | Web Open Font Format (Version 2), TrueType, length 17508, version 1.0 | ||||||
ItauText_Rg.woff2 | 4c9045c151fd584835340bef1292fa48 | Web Open Font Format (Version 2), TrueType, length 17892, version 1.0 | ||||||
ItauText_XBd.woff2 | 0497e59a98e9b5907eada6a161b29c6a | Web Open Font Format (Version 2), TrueType, length 18808, version 1.0 | ||||||
propostaenviada.jpg | a7c3dec58be3fefd2b17e3f2a4ecf159 | JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=447, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=796], baseline, precision 8, 796x447, components 3 | ||||||
Banco_Central_do_Brasil_logo-1.png | 591e271c52cc5f5a35287970a05ab22f | PNG image data, 3000 x 755, 8-bit colormap, non-interlaced | ||||||
cadeado.jpg | 897ab157cd8554b2f77f34beb5b2f4e6 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 688x136, components 3 | ||||||
dep1.png | fb2408bc64c4670f4a196b722d438020 | PNG image data, 321 x 276, 8-bit colormap, non-interlaced | ||||||
dep2.png | c67cff497f67daaa08cbdf1679cef4fe | PNG image data, 321 x 276, 8-bit colormap, non-interlaced | ||||||
dep3.png | 717101782f1a7c9c81e130f9a2760e5f | PNG image data, 321 x 276, 8-bit colormap, non-interlaced | ||||||
dep4.png | ed6ebdc6cf60fa7a64087a168a0b7ca0 | PNG image data, 321 x 276, 8-bit colormap, non-interlaced | ||||||
dep5.png | dee266429d0bba720792528177a71ce8 | PNG image data, 321 x 276, 8-bit colormap, non-interlaced | ||||||
entidades.jpg | 4f4a621896ba5ef0d575b8cc96c5cd13 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 688x136, components 3 | ||||||
ic_depoi.png | 3f438c317559b9beb122e35a246fabed | PNG image data, 69 x 69, 8-bit colormap, non-interlaced | ||||||
ic_faq.png | 79223a2e367147d610d0029d2734277a | PNG image data, 69 x 69, 8-bit colormap, non-interlaced | ||||||
logo.png | db26fca8e822bc7f47132a1923062850 | PNG image data, 272 x 42, 8-bit colormap, non-interlaced | ||||||
m-slide.jpg | 8a752e34c4c00fba18818077dd3e3e8d | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x1080, components 3 | ||||||
man-phone.jpg | c2f4e7c7e68db3c8ab3260c0c2fc3411 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 358x320, components 3 | ||||||
mcafee.png | cabcd1a3d457755d4a5b7b041a61bd05 | PNG image data, 860 x 348, 8-bit colormap, non-interlaced | ||||||
propostaenviada.jpg | 59c166f7106509a465c05d33434aa325 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 796x447, components 3 | ||||||
slide.jpg | 0b39097dfb4c7df29d41a213c0dbf114 | JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=629, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1423], progressive, precision 8, 1423x629, components 3 | ||||||
slide1.jpg | 5097dbe07219cd9de125dfb37d6971cf | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1423x629, components 3 | ||||||
ssl.png | f6927e8df079d7c74b60fc18d8a8ad80 | PNG image data, 519 x 231, 8-bit colormap, non-interlaced | ||||||
mask.min.js | e89d326e0218c78fe207ae20685e59fe | JavaScript source, ASCII text, with very long lines (542) | ||||||
error_log | 651f94c270e7b0c777df4b68d210f9bf | ASCII text | ||||||
send.php | 13ab7bc3412dd3b82c95bccdfb9cd5d7 | HTML document, ASCII text |
Detections
Analyzer | Verdict | Alert |
---|---|---|
Public Nextron YARA rules | malware | php webshell having some kind of input and some kind of payload. restricted to small files or big ones inclusing suspicious strings |
Public Nextron YARA rules | malware | PHP webshell which eval()s obfuscated string |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size |
---|---|---|---|
www.cnvwvendas.com.br/public.zip | 162.241.181.26 | 200 OK | 2.0 MB |