Report - ambil-bntuan-mdani.biz.id/userdata11111111111.zip

Report Overview

Visitedpublic

2025-04-25 13:50:24

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
ambil-bntuan-mdani.biz.id	unknown	2025-04-12	2025-04-25	2025-04-25	517 B	1.2 MB	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

ambil-bntuan-mdani.biz.id/userdata11111111111.zip

IP / ASN

188.114.97.1

#13335 CLOUDFLARENET

File Overview

File TypeZip archive data, at least v1.0 to extract, compression method=store

Size1.2 MB (1177207 bytes)

MD5069a3644dd2a46b41b929be305b1ab23

SHA17e09560dcfd8a81f36a433f4d54a9a5da9da6490

SHA2560d84625b3c9f8b9731fd0489dc7dde438886c0bad296dc328169feead353db63

Archive (27)

Modified	Filename	Size	MD5	File type
2025-04-13 17:32	1.jpg	709 kB	4b85e0511e128463c2596f9c79e73c98	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 2560x1412, components 3
2025-01-05 22:29	intlTelInput.css	25 kB	0cac8da422bea4dc70779e61d20e95a4	ASCII text
2025-01-05 22:29	flags@2xc4cac4ca.png	184 kB	e1c092e127943ec4289c847c5768b644	PNG image data, 11524 x 30, 8-bit/color RGBA, non-interlaced
2025-01-05 22:29	flagsc4cac4ca.html	2.8 kB	7f69d419f05d6a88987d9b69df46e48f	HTML document, ASCII text, with very long lines (355)
2025-01-05 22:29	bootstrap.min.css	233 kB	991bf098e7b63f2023b3eb9bf433e4d3	Unicode text, UTF-8 text, with very long lines (65342)
2025-01-05 22:29	custom.css	905 B	b3cee82a12b358cfbc1a049f7681aee3	assembler source, ASCII text
2025-01-05 22:29	menebus.css	1.2 kB	01b2e2466c45402c1432d76ff17b0204	ASCII text, with CRLF line terminators
2025-01-05 22:29	favicon.html	315 B	a34ac19f4afae63adc5d2f7bc970c07f	HTML document, ASCII text
2025-01-05 22:29	firstData.php	1.3 kB	98393297f1a9de9923a846fb0d64480e	PHP script, Unicode text, UTF-8 text
2025-01-05 22:29	fourData.php	2.4 kB	3f4b3a698097ee0654f9338ba5711221	PHP script, Unicode text, UTF-8 text
2025-01-05 22:29	Jata Negara@3x.gif	16 kB	ad7ce4b882bcb138d73ebe92e5c7bf3f	GIF image data, version 89a, 195 x 153
2025-01-08 09:26	lgh.jpg	73 kB	d9aa0f43663e70bc35491ec38af63eac	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x905, components 3
2025-01-05 22:29	madani.png	7.6 kB	a9c67cdcdda82e355165427364c171c0	PNG image data, 300 x 118, 8-bit colormap, non-interlaced
2025-01-05 22:29	malaysia.jpg	21 kB	86cc6a633132e07723d9f0e96fda29df	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 256x204, components 3
2025-04-15 12:10	index.html	32 kB	25564b04da500dd60b98325120090877	HTML document, Unicode text, UTF-8 text, with CRLF line terminators
2025-01-05 22:29	bootstrap.min.js	92 kB	a0c459bc3c9d5200cc5292a9a345d26e	JavaScript source, ASCII text, with very long lines (65299)
2025-01-05 22:29	bs-init.js	900 B	ec5d4df3c798a2943b2ecbac76ebfde0	JavaScript source, ASCII text
2025-01-05 22:29	clipboard.js.download	39 kB	2058ff746156567147094803be92a701	JavaScript source, Unicode text, UTF-8 text, with very long lines (585)
2025-01-05 22:29	index.js.download	5.8 kB	4b1085a1db7ab681d68326e9cdc1519c	JavaScript source, Unicode text, UTF-8 text
2025-01-05 22:29	intlTelInput.js	97 kB	2e714fc3a8734f2aefaa3af813379047	JavaScript source, Unicode text, UTF-8 text, with very long lines (9977)
2025-01-05 22:29	jquery-3.4.1.min.js.download	88 kB	220afd743d9e9643852e31a135a9f3ae	JavaScript source, ASCII text, with very long lines (65451)
2025-01-05 22:29	script.js	3.4 kB	e2ca41efdf45309a7a8ccbb040439fc1	JavaScript source, ASCII text
2025-01-05 22:29	utils.js	784 kB	7f4da62ef44a3624d9fe2f6cb38590c6	JavaScript source, ASCII text, with very long lines (65536), with no line terminators
2025-01-05 22:29	vue.min.js.download	94 kB	fb192338844efe86ec759a40152fcb8e	JavaScript source, ASCII text, with very long lines (65449)
2025-01-05 22:29	secondData.php	1.3 kB	4ff4f72c5f47ae077118d50c7431a225	PHP script, Unicode text, UTF-8 text
2025-01-05 22:29	telegram.php	107 B	0c407f9fe0023da20fc43f73a80cc66c	PHP script, ASCII text, with CRLF line terminators
2025-01-05 22:29	thirdData.php	1.4 kB	cb16f833b5f0833416a2890d6eb3a86f	PHP script, Unicode text, UTF-8 text

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detects file containing Telegram Bot API
YARAhub by abuse.ch	malware	Detects file containing Telegram Bot API
YARAhub by abuse.ch	malware	Detects file containing Telegram Bot API
YARAhub by abuse.ch	malware	Detects file containing Telegram Bot API

JavaScript (0)

HTTP Transactions (1)

	URL	IP	Response	Size