Report Overview
Visitedpublic
2025-03-21 19:35:08
Tags
Submit Tags
URL
github.com/TOP-executors/JJsploit/releases/download/v2.1.0/JJSPLOIT.V2.exe
Finishing URL
about:privatebrowsing
IP / ASN
140.82.121.4
Title
about:privatebrowsing
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
objects.githubusercontent.com 3 alert(s) on this Domain | 134060 | 2014-02-06 | 2021-11-01 | 2025-03-19 | 972 B | 3.3 MB |  185.199.108.133 | |
github.com | 1423 | 2007-10-09 | 2016-07-13 | 2025-03-19 | 542 B | 3.3 MB | 140.82.121.4 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
No alerts detected
Threat Detection Systems
Public InfoSec YARA rules
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2025-03-21 | medium | objects.githubusercontent.com/github-production-release-asset-2e65be/877772159/a8b6bd16-5f97-4a30-8808-65c761396f62?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250321%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250321T193446Z&X-Amz-Expires=300&X-Amz-Signature=316af5ba4ff82c8014162aeb47d7efecdca500852c65ee3183787bcc6d6aacf7&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DJJSPLOIT.V2.exe&response-content-type=application%2Foctet-stream | Detects QuasarRAT malware |
| 2025-03-21 | medium | objects.githubusercontent.com/github-production-release-asset-2e65be/877772159/a8b6bd16-5f97-4a30-8808-65c761396f62?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250321%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250321T193446Z&X-Amz-Expires=300&X-Amz-Signature=316af5ba4ff82c8014162aeb47d7efecdca500852c65ee3183787bcc6d6aacf7&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DJJSPLOIT.V2.exe&response-content-type=application%2Foctet-stream | Identify QuasarRAT samples |
OpenPhish
No alerts detected
PhishTank
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
File detected
URL
objects.githubusercontent.com/github-production-release-asset-2e65be/877772159/a8b6bd16-5f97-4a30-8808-65c761396f62?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250321%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250321T193446Z&X-Amz-Expires=300&X-Amz-Signature=316af5ba4ff82c8014162aeb47d7efecdca500852c65ee3183787bcc6d6aacf7&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DJJSPLOIT.V2.exe&response-content-type=application%2Foctet-stream
IP / ASN
185.199.108.133
File Overview
File TypePE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
Size3.3 MB (3266048 bytes)
MD5d4a776ea55e24d3124a6e0759fb0ac44
SHA1f5932d234baccc992ca910ff12044e8965229852
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| Public Nextron YARA rules | malware | Detects QuasarRAT malware |
| YARAhub by abuse.ch | malware | Identify QuasarRAT samples |
| VirusTotal | malicious |
JavaScript (0)
No JavaScripts
HTTP Transactions (2)
| URL | IP | Response | Size |
|---|