Report Overview

  1. Submitted URL

    phoenixminer.info/downloads/PhoenixMiner_6.2c_Windows.zip

  2. IP

    185.66.89.249

    ASN

    #30860 Virtual Systems LLC

  3. Submitted

    2024-03-28 15:30:08

    Access

    public

  4. Website Title

    about:privatebrowsing

  5. Final URL

    about:privatebrowsing

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  1. urlquery

    0

  2. Network Intrusion Detection

    0

  3. Threat Detection Systems

    6

Domain Summary

Domain / FQDN | Rank | Registered | First Seen | Last Seen
phoenixminer.info | 467184 | 2021-03-10 | 2021-03-10 | 2024-01-09

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


Files detected

  1. URL

    phoenixminer.info/downloads/PhoenixMiner_6.2c_Windows.zip

  2. IP

    185.66.89.249

  3. ASN

    #30860 Virtual Systems LLC

  1. File type

    Zip archive data, at least v2.0 to extract, compression method=store

    Size

    5.4 MB (5408368 bytes)

  2. Hash

    bc9e74640e9497972cd00bd49feebbd7

    33b4c5f25115e147fdc959182328e5760e5dffa9

  1. Archive (44)


    Detections

    Analyzer | Verdict | Alert
    Public Nextron YARA rules | malware | Detects mining pool protocol string in Executable
    YARAhub by abuse.ch | malware | signed_sys_with_vulnerablity
    Public Nextron YARA rules | malware | Detects mining pool protocol string in Executable
    VirusTotal | malicious |

JavaScript (0)

HTTP Transactions (1)

URL | IP | Response | Size
phoenixminer.info/downloads/PhoenixMiner_6.2c_Windows.zip | 185.66.89.249 | 200 OK | 5.4 MB