Report - noniandjim.com/Jim/MusicStudio/msfile2.zip

Report Overview

Submitted URL
noniandjim.com/Jim/MusicStudio/msfile2.zip
IP
66.96.149.32
ASN
#29873 BIZLAND-SD
Submitted
2024-04-25 09:48:27
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
noniandjim.com	unknown	2006-03-29	2017-06-06	2021-01-27	496 B	475 kB	66.96.149.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
noniandjim.com/Jim/MusicStudio/msfile2.zip
IP
66.96.149.32
ASN
#29873 BIZLAND-SD

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
475 kB (474737 bytes)
Hash
46086f498109039231d0ca2abf1481d3
fdf5b94fcaf2181fbc8bccfdfa787f1ea01267db
0b7c4f2a179422c11b35d9fdc44eddd9df4310f86d176b5dcb0a59b3660d33e8

Archive (54)

Filename

Md5

File type

bucket.cpp

c9f9e10432dd2542a423cb8a24d12474

C source, ASCII text, with CRLF line terminators

bucket.h

32316328e7ef91c0d5fddeb0f6145695

C source, ASCII text, with CRLF line terminators

bucket.obj

329ffaefb361a240b799f028f69600ba

Intel 80386 COFF object file, not stripped, 21 sections, symbol offset=0x1154, 139 symbols, created Wed Mar 2 22:58:03 2011, 1st section name ".drectve"

LABAMBA.SNG

8fc782285e26e5d072ee5e15c7b44150

data

main.obj

98b4ac0ec0fd7f148db2c4e3195130c0

Intel 80386 COFF object file, not stripped, 10 sections, symbol offset=0xacc, 67 symbols, created Fri Mar 4 20:33:59 2011, 1st section name ".drectve"

MBD.SNG

25f8520131824f6e209612fd072ea9cc

data

mbd.txt

7da4ddf4256e805d1e2b92c848da2b58

ISO-8859 text, with CRLF line terminators

MNICMNDY.SNG

3628961e684892bd8fe48d282e4d7c0c

data

MONDAY2V.SNG

d956c866ada7c243b77b4730176420b0

data

msfile2.exe

72593b43c9aac0e7128a0b1c94263aaf

PE32 executable (console) Intel 80386, for MS Windows, 5 sections

msfile2.ilk

1a3245f44d45b51af39a16ee9a96e790

data

msfile2.pch

dc86db43d7560a30db87529e3d4046ad

data

msfile2.pdb

b6bb5b1514ee32cd8583f21b690399af

MSVC program database ver 2.00, 1024*537 bytes

MSplay.obj

f784d0366d69bd4c7c5c019d86ace65c

Intel 80386 COFF object file, not stripped, 144 sections, symbol offset=0x6e61, 781 symbols, created Sun Mar 6 04:09:57 2011, 1st section name ".drectve"

MSTRPZZA.SNG

dbcd78c0f801a65d530356f17c8f2dee

data

MYSTERY.SNG

63dcc83637cee955227fdc3fd581fac4

data

o.txt

d381acce119b3f3a98b1f5776a8c8b33

ASCII text, with CRLF line terminators

ONTHGDY.SNG

aba5ef40db3fa8d5afbf5d64882aae4c

data

PRELUDE.SNG

ef219f6e59266b0b11c3a1a366d98a0e

data

REQUIEM.SNG

d5b091ce02038a57d85e9f4487e6f146

data

RHAPBLUE.SNG

ae2caf1584e78c93d0cccab355941afe

data

SLEEVE.SNG

acded86b2f4a43e5c85dacee034ac705

data

songs.sng

879a67ddd5f757f8e5c789a191a2eb32

ASCII text, with CRLF line terminators

STAR1.SNG

0d1dc77c12f7b61f267e99734cbd1a84

data

STARSPAN.SNG

cb4360a0af54f8df4852d2642f3e7ba9

data

STARTREK.SNG

aa0f689eb87caa0ecde021e4f077ae58

data

TDREAMS.SNG

7981ec1afa1debaf732985cfd409e6e1

data

TESTSLVE.SNG

450a41c360cb43ee07f342338c261b7e

data

TIMESTRM.SNG

49a0eaf5c48d015df21efdffc3ce1859

data

vc60.idb

790b11b5a3ef3a0803768f2f06ae3837

MSVC program database ver 2.00, 1024*49 bytes

vc60.pdb

2a9c372e9007f18ab9aa043184799183

MSVC program database ver 2.00, 4096*13 bytes

WALTZ.SNG

68335b8a35d76497b52aba9ba10d6b62

data

WIERD.SNG

11f3cccec3e01e741b9a68f41664b130

data

ZCOMP.SNG

fd414413a9a2d5c798b5c5b7b58f639a

data

ZSTREAM.SNG

454bcf97c328db6dde035a7b4d38a9aa

data

ZTIME.SNG

e8120c55e2ce0daa4302f07957f71334

data

ZTMSTREM.SNG

4ff7453679d66570fb8a41178982a11a

data

ENTERTAN.SNG

a59031e852921502fe4f9675a3b58835

data

main.cpp

61eaeb8bcdf68e1d516cc0aee8103986

C source, ASCII text, with CRLF line terminators

msfile2.dsp

6c83962fc91c0c76cd848d91c79bf94c

ASCII text, with very long lines (361), with CRLF line terminators

msfile2.dsw

f170aa5792355cb4644e685563b3b722

ASCII text, with CRLF line terminators

msfile2.exe

8757a4a874634bca53dae99cd6eff90a

PE32 executable (console) Intel 80386, for MS Windows, 3 sections

msfile2.ncb

49cc0bec7f091b8d526a50fc95c1e95d

MSVC program database ver 2.00, 1024*81 bytes

msfile2.opt

196f2cef5767c51e54c23bf50f1bd894

Composite Document File V2 Document, Cannot read section info

msfile2.plg

cf26a5373be8ffc67dbe6bdf9b2dbea1

HTML document, ASCII text, with very long lines (411), with CRLF line terminators

MSplay.cpp

d3abdf1f1fcefa41684512fdc70a2209

C source, ASCII text, with CRLF line terminators

MSplay.h

c8ae3817c055d43615a58e9359c9f306

C source, ASCII text, with CRLF line terminators

PRELUDE.SNG

ef219f6e59266b0b11c3a1a366d98a0e

data

bucket.obj

a495b5957cc65ad3cccab3029d531342

Intel 80386 COFF object file, not stripped, 19 sections, symbol offset=0x560, 54 symbols, created Wed Mar 2 22:54:59 2011, 1st section name ".drectve"

main.obj

07b19426af3443b49d4494797c1559c9

Intel 80386 COFF object file, not stripped, 7 sections, symbol offset=0x398, 37 symbols, created Wed Mar 2 22:54:59 2011, 1st section name ".drectve"

msfile2.pch

f4f86b7de381598085484159fb55f44b

data

MSplay.obj

f98ddac3e68766f075719747b99a2e36

Intel 80386 COFF object file, not stripped, 110 sections, symbol offset=0x288d, 350 symbols, created Wed Mar 2 22:57:24 2011, 1st section name ".drectve"

vc60.idb

9fc21116d58ee091844f86f9e83f3bc9

MSVC program database ver 2.00, 1024*33 bytes

RHAPBLUE.SNG

ae2caf1584e78c93d0cccab355941afe

data

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
VirusTotal	suspicious	VirusTotal - Scan result 1/61

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

noniandjim.com/Jim/MusicStudio/msfile2.zip

66.96.149.32

200 OK

475 kB

URL User Request GET HTTP/1.1
noniandjim.com/Jim/MusicStudio/msfile2.zip
IP
66.96.149.32:443
ASN
#29873 BIZLAND-SD

Certificate
IssuerLet's Encrypt
Subject*.noniandjim.com
Fingerprint39:12:9E:C9:28:0F:15:BE:A8:76:87:5E:7E:88:07:0C:0B:31:2F:63
ValidityMon, 25 Mar 2024 08:26:06 GMT - Sun, 23 Jun 2024 08:26:05 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
475 kB (474737 bytes)
Hash
46086f498109039231d0ca2abf1481d3
fdf5b94fcaf2181fbc8bccfdfa787f1ea01267db
0b7c4f2a179422c11b35d9fdc44eddd9df4310f86d176b5dcb0a59b3660d33e8

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/61

HTTP Headers

GET /Jim/MusicStudio/msfile2.zip HTTP/1.1
Host: noniandjim.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 09:48:00 GMT
Content-Type: application/zip
Content-Length: 474737
Connection: keep-alive
Server: Apache
Accept-Ranges: bytes
Age: 0

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (54)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers