Report - ntc.party/uploads/short-url/6EeIrxolOTgvdu29mDWUrLLbNuO.zip

Report Overview

Visitedpublic

2025-04-23 21:54:21

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
ntc.party	unknown	2019-09-06	2019-11-27	2025-04-16	527 B	760 kB	130.255.77.28

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

ntc.party/uploads/short-url/6EeIrxolOTgvdu29mDWUrLLbNuO.zip

IP / ASN

130.255.77.28

#29141 Bradler & Krantz GmbH & Co. KG

File Overview

File TypeZip archive data, at least v1.0 to extract, compression method=store

Size759 kB (758865 bytes)

MD54e84fdb9f8f744eb0163e09d8f9feb85

SHA12e9971c6f392081231fb8112c94f4bdc146dcfb2

SHA2564ee177452af11ed2c2e92fd19933b3ccc49b9b340b78a1fda498836458856ea5

Archive (34)

Modified	Filename	Size	MD5	File type
2025-04-08 00:19	!!!get_zapret_first!!!.cmd	3.4 kB	dae6e8a656d99881c6cad2da02eac861	DOS batch file, ASCII text, with CRLF line terminators
2025-01-04 14:57	!!!Win7-8_Change_Windivert!!!.cmd	3.0 kB	21055d4cb2623f20cd112a0c889d2dfb	DOS batch file, ASCII text, with CRLF line terminators
2024-11-24 07:15	0_russia_update_blacklist_file.cmd	136 B	b21cd51b68c923293910c6fe41ab25af	DOS batch file, ASCII text
2025-04-22 18:17	1_preset_russia.cmd	8.8 kB	c97e6c226116a33c379c6f4f6d05381d	DOS batch file, Unicode text, UTF-8 text, with very long lines (373), with CRLF line terminators
2025-04-01 16:53	1_preset_russia_zl.cmd	2.2 kB	79490146fe521f1abbe98ae9c093e1e2	DOS batch file, ASCII text, with CRLF line terminators
2025-04-22 18:30	2_service_install_reinstall.cmd	9.0 kB	f3d35f81ff1f53df5a75d97146cde7e9	DOS batch file, Unicode text, UTF-8 text, with very long lines (1637), with CRLF line terminators
2025-03-27 06:16	2_service_install_reinstall_zl.cmd	2.5 kB	f03f77daeecffdf76a8d6ed51a09a5fd	DOS batch file, ASCII text, with very long lines (1839), with CRLF line terminators
2025-01-26 23:00	3_service_remove.cmd	576 B	ce0032c81d4bc8658880e23f79eed0f4	DOS batch file, Non-ISO extended-ASCII text, with CRLF line terminators
2024-09-22 22:31	quic_1.bin	1.2 kB	312526d39958d89b1f8ab67789ab985f	data
2024-10-30 01:02	quic_2.bin	136 B	9face1abdaf5b0fca2c7b49068c9c6f0	data
2024-11-08 08:48	quic_3.bin	1.4 kB	79be17b482d8ee1e96eec9e16e7a506d	data
2025-04-16 08:07	quic_4.bin	1.2 kB	8829e7a638e4c49ccee34e8d678d7223	data
2024-10-15 18:54	tls_clienthello_1.bin	517 B	db3c0631dd001bb9919ee87984caae3b	data
2024-10-08 19:27	tls_clienthello_2.bin	652 B	7ab7ad857c5b8794fbdf1091b494dc94	data
2025-04-07 14:56	tls_clienthello_2n.bin	681 B	41e47557f16690df1781f67c8712714e	data
2024-09-22 22:31	tls_clienthello_3.bin	517 B	25f535aebfdfce4b84e4fd996cb82ac1	data
2025-01-27 06:47	tls_clienthello_4.bin	517 B	5299f24cf3ef34818300e204cf40c203	data
2025-04-03 14:56	tls_clienthello_5.bin	309 B	5f0875ae43cbac89a49c2a1eb5b16776	data
2025-04-05 17:24	tls_clienthello_6.bin	321 B	be7128431d6f6c42c8b89bf170cfa83b	data
2025-04-07 05:56	tls_clienthello_7.bin	300 B	6650bd85aa8285ab6008f6a546ebf35a	data
2025-04-22 17:29	mycdnlist.txt	417 B	068bcf7d759d30adc324afe58a959655	ASCII text, with CRLF line terminators
2025-04-08 00:20	myhostlist.txt	137 B	8538b296f06c916919a326f1fd3fbb69	ASCII text, with CRLF line terminators
2025-04-01 17:05	netrogat.txt	122 B	d288af952f57826d792f29d760e4688c	ASCII text, with CRLF line terminators
2025-04-22 13:28	russia-blacklist.txt	1.8 MB	c97c0e7743aa0f1da22f6e8c116cc539	ASCII text
2025-01-10 09:13	russia-discord-ipset.txt	11 kB	5f7d71b98b7b53d5f65c23130a0a2df0	ASCII text
2024-11-15 11:05	russia-discord.txt	178 B	bb9efd7c2e78099ddfe6fee392f8b7cd	ASCII text, with CRLF line terminators
2025-01-28 21:27	russia-youtube-rtmps.txt	528 B	cf4537c61505ef4314707a2c2ebb7aba	ASCII text, with CRLF line terminators
2025-04-22 17:27	russia-youtube.txt	378 B	40d0921cdd0ed29b47d54b7e32a8415e	ASCII text, with CRLF line terminators
2024-12-30 11:30	russia-youtubeQ.txt	228 B	7c72e895b6a281c341dc09861412ba74	ASCII text, with CRLF line terminators
2011-10-30 17:02	RBHook.dll	34 kB	72b9f2edaeee0ec2d24c8eb514a4a3cc	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections
2011-10-30 17:02	RBTray.exe	40 kB	514191333f12932d067325e54c5a4eb8	PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections
2005-02-14 19:03	unzip.exe	165 kB	fecf803f7d84d4cfa81277298574d6e6	PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, 5 sections
2025-01-04 14:59	win_check.cmd	1.2 kB	47ff05d289811f73ac03bdb36ee20269	Non-ISO extended-ASCII text, with CRLF, NEL line terminators
2025-01-26 23:25	!!!��!!!.txt	23 kB	e2dfeb1b4243651297ff374db1a3b8c5	Unicode text, UTF-8 text, with very long lines (628), with CRLF line terminators

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/65

JavaScript (0)

HTTP Transactions (1)

	URL	IP	Response	Size