Report - www.sibrax.com.br/atualiza/backup.zip?r=

Report Overview

Visitedpublic

2024-05-08 00:46:21

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
www.sibrax.com.br	unknown	2004-06-17	2013-11-14 12:05:18	2024-04-18 04:06:43	410 B	7.1 MB	54.207.161.200

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

www.sibrax.com.br/atualiza/backup.zip?r=

IP / ASN

54.207.161.200

#16509 AMAZON-02

File Overview

File TypeZip archive data, at least v2.0 to extract, compression method=deflate

Size7.1 MB (7085081 bytes)

MD5159d0b7c4646632eadd6c47ea39fecbc

SHA165b6cead9bf21ee540cc7c63413daba3496e8840

SHA2566f707255a46659809da18f40709407f0ff9f4963008a3fe98d8956760641af14

Archive (24)

Modified	Filename	Size	MD5	File type
2014-02-05 08:27	backup.exe	17 kB	bb055186c34f683776978a3e7e734f3e	PE32 executable (console) Intel 80386, for MS Windows, 4 sections
2008-12-23 15:11	bz2.pyd	78 kB	a95c5057677f782fbb84735f75237e22	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections
2011-04-02 05:00	cwrsync.cmd	1.8 kB	97b61991e9c607afd9205fae30dfd8a9	DOS batch file, ASCII text, with CRLF line terminators
2014-01-08 12:25	cygcrypto-1.0.0.dll	1.9 MB	d3aa5c72d3447befc0d1c9b6d126d450	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 8 sections
2013-12-06 09:51	cyggcc_s-1.dll	104 kB	72900043b2a4bcd3c4bc945c451ea9d1	PE32 executable (DLL) (console) Intel 80386, for MS Windows, 8 sections
2011-10-16 14:20	cygiconv-2.dll	1.0 MB	87f2a8774017f22bc04026031f241054	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 8 sections
2013-12-06 10:12	cygssp-0.dll	11 kB	d228c266f9b7b53f5b439aab184dbb1e	PE32 executable (DLL) (console) Intel 80386, for MS Windows, 8 sections
2013-12-09 07:57	cygwin1.dll	3.1 MB	227af1af3dfa1b0fa8dc28e196318083	PE32 executable (DLL) (console) Intel 80386, for MS Windows, 13 sections
2013-05-09 18:21	cygz.dll	74 kB	fa05af55d93012dbd920fc5f29f23d32	PE32 executable (DLL) (console) Intel 80386, for MS Windows, 9 sections
2005-08-17 00:05	gbak-1.5.exe	172 kB	88f7b0d206834d10e057341de10d5555	PE32 executable (console) Intel 80386, for MS Windows, 4 sections
2011-10-03 07:29	gbak-2.5.exe	270 kB	2049e0068515b46cedeeb14516d4aefc	PE32 executable (console) Intel 80386, for MS Windows, 4 sections
2014-01-31 13:55	know_hosts	177 B	49d1e840151f31b153e25cf23dfa9879	ASCII text
2014-02-05 08:27	library.zip	1.8 MB	a61ce891535fd7bfe17ca0328da3ec2d	Zip archive data, at least v2.0 to extract, compression method=store
2013-07-12 10:26	MSVCR71.dll	348 kB	ca2f560921b7b8be1cf555a5a18d54c3	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections
2008-12-23 15:10	python25.dll	2.1 MB	5d3aae05ae3101b161331ae5d8cf8b13	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections
2014-01-26 08:15	rsync.exe	434 kB	33f86945ce1ad2070c2950382d904063	PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, 5 sections
2008-12-23 15:11	select.pyd	7.7 kB	bb404bd0e12162369fdcda668f99d722	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections
2013-11-08 17:19	ssh-keygen.exe	208 kB	7b8e272399ab5dbf9a53c267fe2dbde7	PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, 6 sections
2013-11-08 17:19	ssh.exe	419 kB	5b8644f7bc301d5ce8cfcf631b8c8f03	PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, 6 sections
2008-12-23 15:11	unicodedata.pyd	479 kB	7791a75b16fc346ac2299dae94123d54	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections
2008-12-23 15:11	w9xpopen.exe	4.6 kB	cb59224ec3079a895b7f60cce0374677	PE32 executable (console) Intel 80386, for MS Windows, 3 sections
2008-12-23 15:11	_hashlib.pyd	324 kB	763b7fddd748d67a1e9d2b7e52bb41de	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections
2008-12-23 15:11	_socket.pyd	53 kB	9b3d4e11d48fac49051af8aca44af5cc	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections
2008-12-23 15:11	_ssl.pyd	655 kB	dd2444f0dfe1cfbce561652bd4ba77f3	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (1)

	URL	IP	Response	Size