Report - github.com/UselessGuru/UG-Miner-Binaries/releases/download/TT-Miner/ttminer503.7z

Report Overview

Submitted URL
github.com/UselessGuru/UG-Miner-Binaries/releases/download/TT-Miner/ttminer503.7z
IP
140.82.121.3
ASN
#36459 GITHUB
Submitted
2024-03-28 15:21:00
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
42

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
github.com	1423	2007-10-09	2016-07-13	2024-03-24	535 B	3.9 kB	140.82.121.3
objects.githubusercontent.com	134060	2014-02-06	2021-11-01	2024-03-28	992 B	12 MB	185.199.110.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
objects.githubusercontent.com/github-production-release-asset-2e65be/736663486/3ec76c29-efdd-4bf4-96db-d59c45ca276a?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240328%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240328T152010Z&X-Amz-Expires=300&X-Amz-Signature=d3d02ebf5e21e93d0081adf95e5c65baedfa750a2a4bd6956f9122f0717e171a&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=736663486&response-content-disposition=attachment%3B%20filename%3Dttminer503.7z&response-content-type=application%2Foctet-stream
IP
185.199.110.133
ASN
#54113 FASTLY

File type
7-zip archive data, version 0.4
Size
12 MB (12488954 bytes)
Hash
d246b2e6fb52b01b5e5d3e3c063fc586
e3a5a323a40d6cd973973512d9afc4b337afa95c
6876cf8311dce7dd2ea1481cbe6f1ef1e82e89f12626c9ba3e7880cf8479b72b

Archive (51)

Filename

Md5

File type

ReadMe.txt

904ca45329bfe027d31b4dff589b68e2

Unicode text, UTF-8 text, with CRLF line terminators

TT-Miner-CKB.bat

ed71af4e64ad4df0094169faf5a576b4

DOS batch file, ASCII text, with CRLF line terminators

TT-Miner-Epic-Sero.bat

72e58fafe92f4984e6610837a6077c5d

DOS batch file, ASCII text, with CRLF line terminators

TT-Miner-Ethash.bat

5c204c88eed3a6486224c461ba9fe145

DOS batch file, ASCII text, with CRLF line terminators

TT-Miner-MTP.bat

3997c8e8ba8f280c5dfe569e8cb751c1

DOS batch file, ASCII text, with CRLF line terminators

TT-Miner-ProgPoW.bat

2fb92e16147aa8f64e4cecef32410e14

DOS batch file, ASCII text, with CRLF line terminators

TT-Miner-Raven.bat

ca9df9e15bbc2fe846e2975bc54e32e8

DOS batch file, ASCII text, with CRLF line terminators

TT-Miner-Sero.bat

9ac08d04fd079ffed2ea3c8394c73101

DOS batch file, ASCII text, with CRLF line terminators

TT-Miner-Ubqhash.bat

d3ddf2261e9a9bf31f51d2505618db1e

DOS batch file, ASCII text, with CRLF line terminators

AlgoEagleSong-C100.dll

e4acdfaa067da7077fb60bdfa1f60124

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoEagleSong-C101.dll

cd0ea37f6d86d78376a9b7f89574434a

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoEagleSong-C102.dll

aa52d6e389a599e2f7c41e0f07f9fe1f

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoEagleSong-C92.dll

b312a05e505ba1c925dc797f12bfd02a

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoEagleSong.dll

3f0ca48353319ceedd76a4ea20d2b8df

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoEthash-C100.dll

d0ea169b62c2f396e4204c799d5b1157

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoEthash-C101.dll

ca48f6a63ae65361d38244a9cd639a5e

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoEthash-C102.dll

49058fb823a2089f139b737a9101af98

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoEthash-C92.dll

b835de47d3bb13fb4340db2d067bfdac

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoEthash.dll

948606245891d263f75d8f4a54127923

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoLyra2Rev3-C100.dll

3cee293dcb9c2eeb8e876d78f7f82ad3

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoLyra2Rev3-C101.dll

e654aba97b2d02fad69c9e86780434aa

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoLyra2Rev3-C102.dll

e5dcff1fbaed0eb4ad939cf99c3bd50a

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoLyra2Rev3-C92.dll

6905f02339eecc8a99b1d4a1d331fa93

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoLyra2Rev3.dll

7f0a73735b2bb453cdc159b755735a5e

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoMTP-C100.dll

5fb09745c504a5616f663920b3713348

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoMTP-C101.dll

9eb3cee6afad7c94a7ca5607664ca867

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoMTP-C102.dll

f9cdbf0d7c26f672e1e715d55335537e

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoMTP-C92.dll

9c6f3222c6b6c1f84eb492b43ee6177d

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoMTP.dll

3a766921c34301e04b7613595ef676ab

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoProgPoW-C100.dll

2d932084f0890187c9445642d267840a

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoProgPoW-C101.dll

e125cefd9d9b0155c24a7bc72cb0c361

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoProgPoW-C102.dll

bacc5345c35d0756d9493ad7f47ab39b

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoProgPoW-C92.dll

4138936816a8e9d25d21fd682fdd55e2

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

AlgoProgPoW.dll

0305d0d03695741c95d4cdb2ea64ed42

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

nvml.dll

ea8a423b80b089e36c770e4e494e9f33

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

nvrtc-builtins64_100.dll

0a0a463e17af03587bc9d89f6aed9ed1

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 5 sections

nvrtc-builtins64_101.dll

0e63f214c532b5271eada73646d4949e

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 5 sections

nvrtc-builtins64_102.dll

d816d6c6a543ff4c19486e36546436d8

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 5 sections

nvrtc-builtins64_110.dll

82e07ce169b823971015af2037d831d9

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 5 sections

nvrtc-builtins64_92.dll

79ecdc6585ce79779e4500d4bbca4ac9

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 5 sections

nvrtc64_100_0.dll

553113e0299fba3b17c7e16c25fc593d

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 7 sections

nvrtc64_101_0.dll

28ac2dad24726f52978645483f14efd7

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 7 sections

nvrtc64_102_0.dll

ee49d4ee7259a23219a20e6498009897

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 7 sections

nvrtc64_110_0.dll

baaab003a09589e0e9f140758f210f0a

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 7 sections

nvrtc64_92.dll

75ce028ba3c02783c002d58941901a84

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 7 sections

GetworkRvnVeil.dll

e7c4f96164b8947f7edcf5f939a33713

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

SocketEPIC.dll

1d8c2bffaca2452334796eb44d87fa78

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

SocketEthProxy.dll

cf0057bebafd2c2f47c74209bf80a5ff

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

SocketStratum.dll

9fa1b8ddf02475dc031b1e2286b7e4fb

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

TT-Miner.exe

3768628a6e5ee3ccf226d2cd01e0d48f

PE32+ executable (console) x86-64, for MS Windows, 6 sections

TT-SubSystem.dll

f451282feeb544dd4bb58f2ec03f30a8

PE32+ executable (DLL) (console) x86-64, for MS Windows, 9 sections

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Detects mining pool protocol string in Executable
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
VirusTotal	malicious	VirusTotal - Scan result 16/61

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

github.com/UselessGuru/UG-Miner-Binaries/releases/download/TT-Miner/ttminer503.7z

140.82.121.3

302 Found

0 B

URL User Request GET HTTP/2
github.com/UselessGuru/UG-Miner-Binaries/releases/download/TT-Miner/ttminer503.7z
IP
140.82.121.3:443
ASN
#36459 GITHUB

Certificate
IssuerSectigo Limited
Subjectgithub.com
FingerprintE7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0
ValidityThu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /UselessGuru/UG-Miner-Binaries/releases/download/TT-Miner/ttminer503.7z HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: GitHub.com
date: Thu, 28 Mar 2024 15:20:10 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/736663486/3ec76c29-efdd-4bf4-96db-d59c45ca276a?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240328%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240328T152010Z&X-Amz-Expires=300&X-Amz-Signature=d3d02ebf5e21e93d0081adf95e5c65baedfa750a2a4bd6956f9122f0717e171a&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=736663486&response-content-disposition=attachment%3B%20filename%3Dttminer503.7z&response-content-type=application%2Foctet-stream
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: 4655:1806DD:123ECCA:12672FC:66058AAA
X-Firefox-Spdy: h2

objects.githubusercontent.com/github-production-release-asset-2e65be/736663486/3ec76c29-efdd-4bf4-96db-d59c45ca276a?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240328%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240328T152010Z&X-Amz-Expires=300&X-Amz-Signature=d3d02ebf5e21e93d0081adf95e5c65baedfa750a2a4bd6956f9122f0717e171a&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=736663486&response-content-disposition=attachment%3B%20filename%3Dttminer503.7z&response-content-type=application%2Foctet-stream

185.199.110.133

200 OK

12 MB

URL User Request GET HTTP/2
objects.githubusercontent.com/github-production-release-asset-2e65be/736663486/3ec76c29-efdd-4bf4-96db-d59c45ca276a?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240328%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240328T152010Z&X-Amz-Expires=300&X-Amz-Signature=d3d02ebf5e21e93d0081adf95e5c65baedfa750a2a4bd6956f9122f0717e171a&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=736663486&response-content-disposition=attachment%3B%20filename%3Dttminer503.7z&response-content-type=application%2Foctet-stream
IP
185.199.110.133:443
ASN
#54113 FASTLY

Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type
7-zip archive data, version 0.4
Size
12 MB (12488954 bytes)
Hash
d246b2e6fb52b01b5e5d3e3c063fc586
e3a5a323a40d6cd973973512d9afc4b337afa95c
6876cf8311dce7dd2ea1481cbe6f1ef1e82e89f12626c9ba3e7880cf8479b72b

Detections

Analyzer	Verdict	Alert
VirusTotal	malicious	VirusTotal - Scan result 16/61

HTTP Headers

GET /github-production-release-asset-2e65be/736663486/3ec76c29-efdd-4bf4-96db-d59c45ca276a?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240328%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240328T152010Z&X-Amz-Expires=300&X-Amz-Signature=d3d02ebf5e21e93d0081adf95e5c65baedfa750a2a4bd6956f9122f0717e171a&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=736663486&response-content-disposition=attachment%3B%20filename%3Dttminer503.7z&response-content-type=application%2Foctet-stream HTTP/1.1
Host: objects.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/octet-stream
content-md5: 0kay5vtSsBteXT48Bj/Fhg==
last-modified: Thu, 28 Dec 2023 15:32:59 GMT
etag: "0x8DC07BA459BA2D8"
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6bde196f-501e-0045-6723-8134b6000000
x-ms-version: 2020-10-02
x-ms-creation-time: Thu, 28 Dec 2023 15:32:59 GMT
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
content-disposition: attachment; filename=ttminer503.7z
x-ms-server-encrypted: true
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
age: 0
date: Thu, 28 Mar 2024 15:20:11 GMT
x-served-by: cache-iad-kiad7000122-IAD, cache-hel1410024-HEL
x-cache: HIT, MISS
x-cache-hits: 4, 0
x-timer: S1711639211.620724,VS0,VE503
content-length: 12488954
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (51)

Detections

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers