Report - retroachievements.org/bin/RALibretro.zip

Report Overview

Submitted URL
retroachievements.org/bin/RALibretro.zip
IP
172.67.68.23
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-24 06:07:55
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
retroachievements.org	337883	2012-10-03	2015-02-25	2024-03-12	494 B	2.0 MB	104.26.2.251

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
retroachievements.org/bin/RALibretro.zip
IP
104.26.2.251
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
2.0 MB (2018534 bytes)
Hash
bf33768e8681d446d46e4ab9f16498ef
f1a8f8728f1d1869331a7886bb4b4754d8ed6086
0ea1e31f67d169459fcb7ffbf47987f9eaadfb42fde0134ac54836a0e8ab739f

Archive (16)

Filename

Md5

File type

cores.json

de2aa98c7d1b4c9497191fd568481fbf

JSON text data

libgcc_s_dw2-1.dll

2f3706e8a4b522a047a02413a41b4936

PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 10 sections

libgcc_s_sjlj-1.dll

4d7d2be60f9bad9f31f13df8fb9f1e08

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 17 sections

libstdc++-6.dll

a674b0d28d64a19f350f0871ab32e767

PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 10 sections

libwinpthread-1.dll

db58f4be03d7a4228af73d7c627f383c

PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 11 sections

acherror.wav

aec7108a730a0e6d15681a56707f7343

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 22050 Hz

info.wav

3728e8eec8bd19cba3b496336ba3ad3f

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 22050 Hz

lb.wav

1ce2ac7c70ab5350e286a79a5531095d

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 22050 Hz

lbcancel.wav

f44e02650d3ce4644f854ecda4de940c

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 22050 Hz

bfe1cb275a35140464906adc5d566a7f

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 16000 Hz

overlayBG.png

d2e0c17f004d8baf1bb51219b5312f76

PNG image data, 1024 x 1024, 8-bit/color RGB, non-interlaced

rareunlock.wav

da07cbd2016c0168dfad3babd65937af

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 16000 Hz

theme.json

19dda36bbf257039d1e2bb77f0d9accd

JSON text data

unlock.wav

4d035ee86f836bfed422a975cf65c9cc

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz

RALibretro.exe

cff4c3cbb5eb6521b5be0b799f5be31a

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

SDL2.dll

7a5b9a8bf9ff9ef2eeee6077295bfc9f

PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 10 sections

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/65

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

retroachievements.org/bin/RALibretro.zip

104.26.2.251

200 OK

2.0 MB

URL User Request GET HTTP/2
retroachievements.org/bin/RALibretro.zip
IP
104.26.2.251:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectretroachievements.org
FingerprintFC:D5:37:F4:E7:B4:B8:BF:72:A9:E9:23:5A:D8:81:3D:E5:DF:EA:46
ValiditySat, 30 Mar 2024 18:03:30 GMT - Fri, 28 Jun 2024 18:03:29 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
2.0 MB (2018534 bytes)
Hash
bf33768e8681d446d46e4ab9f16498ef
f1a8f8728f1d1869331a7886bb4b4754d8ed6086
0ea1e31f67d169459fcb7ffbf47987f9eaadfb42fde0134ac54836a0e8ab739f

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/65

HTTP Headers

GET /bin/RALibretro.zip HTTP/1.1
Host: retroachievements.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 06:07:28 GMT
content-type: application/zip
content-length: 2018534
last-modified: Sat, 27 Jan 2024 19:03:34 GMT
etag: "65b55386-1ecce6"
expires: Thu, 24 Apr 2025 06:07:28 GMT
cache-control: max-age=31536000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IPD3BCM8HtVZsr9K%2BHx0kKbMRD2H4PtOVA3zgBDcLIuZDPHUIXQe7kbTniFNVcgGS9GWDammozuUZLWJj5gMUNu89XJ%2BL3Mugg8xrfh0PtJPzGTJZP7tXOvWQaLkf8tAY%2FrDYXu%2FNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793e9cbce250b06-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (16)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers