Report Overview
Submitted URL: github.com/NebuTech/NBMiner/releases/download/v42.3/NBMiner_42.3_Win.zip
IP: 140.82.121.4
ASN: #36459 GITHUB
Submitted: 2024-04-23 15:33:41
Access: public
Website Title: about:privatebrowsing
Final URL: about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery: 0
Network Intrusion Detection: 0
Threat Detection Systems: 20
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
objects.githubusercontent.com | 134060 | 2014-02-06 | 2021-11-01 | 2024-04-23 | 999 B | 12 MB | 185.199.108.133 |
github.com | 1423 | 2007-10-09 | 2016-07-13 | 2024-03-24 | 526 B | 3.9 kB | 140.82.121.4 |
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
Files detected
URL: objects.githubusercontent.com/github-production-release-asset-2e65be/135897748/1fd9a584-7bc0-412f-9e32-7771f2b3de20?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240423%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240423T153313Z&X-Amz-Expires=300&X-Amz-Signature=22a5c453aed5800c30d78b2ae1fc465d3a193bcd83d3eefac853ccbfcb46447f&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=135897748&response-content-disposition=attachment%3B%20filename%3DNBMiner_42.3_Win.zip&response-content-type=application%2Foctet-stream
IP: 185.199.108.133
ASN: #54113 FASTLY
File type: Zip archive data, at least v2.0 to extract, compression method=deflate
Size: 12 MB (11541914 bytes)
Hash: 6418d3c7e009dabd832c4a9d34915721, 0eec205955abf5744578cfc0a10672ee28afc861
Archive (14)
Filename | MD5 | File type |
---|---|---|
modify_tdr_delay.reg | 58c1420ffe9046fec8c3cbb71dd90c64 | ASCII text |
nbminer.exe | a7400236ffab02ae5af5c9a0f61e7300 | PE32+ executable (console) x86-64, for MS Windows, 9 sections |
nbminer.exe.sha256 | 33f44708b0e435c4f07af7c2c5c34a98 | ASCII text |
open_web_monitor.url | 067e5b68a8f827a58d1948f1e9adf1a2 | MS Windows 95 Internet shortcut text (URL=<http://127.0.0.1:22333/>), ASCII text |
readme.md | 17b7861968abf491b2a7eff3c602c4ec | Unicode text, UTF-8 text, with very long lines (376), with CRLF line terminators |
start_ae.bat | 6b9bff08bee0fafc24c5dd8e0b90beda | ASCII text, with CRLF line terminators |
start_beam.bat | 63e58183edfa38cb01ccaf324f6111a7 | ASCII text, with CRLF line terminators |
start_config.bat | 838af1b21709a000c8154188f053ad68 | ASCII text, with CRLF line terminators |
start_conflux.bat | 1d844af625bfdf1288e594ee1e8d6133 | ASCII text, with CRLF line terminators |
start_ergo.bat | 7d654dde2c56a9a4013f30aa3ee2e139 | ASCII text, with CRLF line terminators |
start_etc.bat | 715a0a36afd0a8cffe355c1cce1743c4 | ASCII text, with CRLF line terminators |
start_eth.bat | 432a428c2de6191f569203eefb6cb364 | ASCII text, with CRLF line terminators |
start_eth_overclock.bat | 3bea17ef6d613fe8edf8d983f4764553 | ASCII text, with CRLF line terminators |
start_rvn.bat | 8ff7f162656e695c0fed918c3fa2598e | ASCII text, with CRLF line terminators |
Detections
Analyzer | Verdict | Alert |
---|---|---|
Public Nextron YARA rules | malware | Detects mining pool protocol string in Executable |
Public Nextron YARA rules | malware | Detects command line parameters often used by crypto mining software |
Public Nextron YARA rules | malware | Detects mining pool protocol string in Executable |
Public Nextron YARA rules | malware | Detects command line parameters often used by crypto mining software |
Public Nextron YARA rules | malware | Detects mining pool protocol string in Executable |
Public Nextron YARA rules | malware | Detects command line parameters often used by crypto mining software |
Public Nextron YARA rules | malware | Detects mining pool protocol string in Executable |
Public Nextron YARA rules | malware | Detects command line parameters often used by crypto mining software |
Public Nextron YARA rules | malware | Detects mining pool protocol string in Executable |
Public Nextron YARA rules | malware | Detects command line parameters often used by crypto mining software |
Public Nextron YARA rules | malware | Detects mining pool protocol string in Executable |
Public Nextron YARA rules | malware | Detects command line parameters often used by crypto mining software |
Public Nextron YARA rules | malware | Detects mining pool protocol string in Executable |
Public Nextron YARA rules | malware | Detects command line parameters often used by crypto mining software |
Public Nextron YARA rules | malware | Detects mining pool protocol string in Executable |
Public Nextron YARA rules | malware | Detects command line parameters often used by crypto mining software |
Public Nextron YARA rules | malware | Detects mining pool protocol string in Executable |
Public Nextron YARA rules | malware | Detects command line parameters often used by crypto mining software |
VirusTotal | malicious |
JavaScript (0)
HTTP Transactions (2)
URL | IP | Response | Size |
---|---|---|---|
github.com/NebuTech/NBMiner/releases/download/v42.3/NBMiner_42.3_Win.zip | 140.82.121.4 | 302 Found | 0 B |
objects.githubusercontent.com/github-production-release-asset-2e65be/135897748/1fd9a584-7bc0-412f-9e32-7771f2b3de20?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240423%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240423T153313Z&X-Amz-Expires=300&X-Amz-Signature=22a5c453aed5800c30d78b2ae1fc465d3a193bcd83d3eefac853ccbfcb46447f&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=135897748&response-content-disposition=attachment%3B%20filename%3DNBMiner_42.3_Win.zip&response-content-type=application%2Foctet-stream | 185.199.108.133 | 200 OK | 12 MB |