Report Overview

  1. Submitted URL

    tyeyeah.github.io/filehost/bsrt/flair70.zip

  2. IP

    185.199.109.153

    ASN

    #54113 FASTLY

  3. Submitted

    2024-05-04 09:25:17

    Access

    public

  4. Website Title

    about:privatebrowsing

  5. Final URL

    about:privatebrowsing

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  1. urlquery

    0

  2. Network Intrusion Detection

    0

  3. Threat Detection Systems

    8

Domain Summary

Domain / FQDN       Rank      Registered    First Seen    Last Seen
tyeyeah.github.io   unknown   2013-03-08    2023-08-23    2024-03-27

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


Files detected

  1. URL

    tyeyeah.github.io/filehost/bsrt/flair70.zip

  2. IP

    185.199.111.153

  3. ASN

    #54113 FASTLY

  1. File type

    Zip archive data, at least v2.0 to extract, compression method=store

    Size

    4.5 MB (4456282 bytes)

  2. Hash

    17cfea5078d1c30ae5b2b4bdae575ae3

    537f7002af8788f0bc1eece2b5e9245b29ad037b

  1. Archive (136)


    Detections

    Analyzer               Verdict       Alert
    YARAhub by abuse.ch    malware       meth_get_eip
    YARAhub by abuse.ch    malware       meth_get_eip
    YARAhub by abuse.ch    malware       meth_get_eip
    YARAhub by abuse.ch    malware       meth_get_eip
    VirusTotal             suspicious

JavaScript (0)

HTTP Transactions (1)

URL                                           IP                Response   Size
tyeyeah.github.io/filehost/bsrt/flair70.zip   185.199.111.153   200 OK     4.5 MB