Report - andreasen.org/misc/16k.zip

Report Overview

Submitted URL
andreasen.org/misc/16k.zip
IP
216.24.57.252
ASN
#397273 RENDER
Submitted
2024-05-05 06:58:54
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
andreasen.org	unknown	1998-08-30	2022-03-24	2024-03-05	480 B	407 kB	216.24.57.252

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
andreasen.org/misc/16k.zip
IP
216.24.57.252
ASN
#397273 RENDER

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
406 kB (406096 bytes)
Hash
2bc575167f14ef8038bb4f99a1b90497
63e091355c5d055ef86ca8e40bead49019fcf653
29cefa0fc878c441ffa1b7fe7e1afb659cb1ec7a575cfd998db80f0b771b168f

Archive (182)

Filename

Md5

File type

amused.c

30a2af42331eddd93f49db70c54f3703

C source, ASCII text, with CRLF line terminators

readme.txt

346c391ec5ccc7d69d29b08daf59aa12

ASCII text

qposmud.c

d806a944d570c15aa2366f6e1438540d

C source, ASCII text, with CRLF line terminators

sparse.py

386e263add254bf98202ec6c21138a1a

Python script, ASCII text executable, with very long lines (316), with CRLF line terminators

sparse.htm

9e1016be55b8ae9c217750895ba489b7

HTML document, ASCII text, with CRLF line terminators

server.tcl

de8bafbb26a657593ab1d195753ee216

ASCII text

Test

d8e8fca2dc0f896fd7cb4cb0031ba249

ASCII text

Zoia

d8e8fca2dc0f896fd7cb4cb0031ba249

ASCII text

editor.tcl

558c915fed454d85e1efc029f3208686

ASCII text

comtable.tcl

afff7a89aed67051e80ea94928a2cb71

ASCII text

log.Apr-24-09:28:06

839b22d4d1d041c5c59e71adaf23d5a9

ASCII text

log.Apr-24-09:41:54

d41d8cd98f00b204e9800998ecf8427e

log.Apr-24-09:23:46

839b22d4d1d041c5c59e71adaf23d5a9

ASCII text

log.Apr-24-09:22:11

d41d8cd98f00b204e9800998ecf8427e

log.Apr-24-09:29:11

839b22d4d1d041c5c59e71adaf23d5a9

ASCII text

user

ff81083845212f8040bb73790e671ece

ASCII text

cmdgo.tcl

13489a276a1df86812b9b676d6edf6f5

ASCII text

cmdshout.tcl

f10f0e312b43ca515ae860393a453166

ASCII text

cmdsay.tcl

4dfa9293060b31e973db25890dfe089a

ASCII text

startup

f3fdffa64c958ebadcd5e37f17793951

C shell script, ASCII text executable

cmdtell.tcl

fe9202dd97a760f9530c8a3bea8e482e

ASCII text

zen.tcl

9041f0b4369d1187a57b106902b59955

ASCII text

room.dat

026cd5eb551defe2f235a7d3c4e45e5f

ASCII text

question

247ad6ab0280698c9c503735651df67b

Non-ISO extended-ASCII text

cmdusers.tcl

3ce2588e43023afa86adf2d512628403

ASCII text

comeditor.tcl

92cc9d2955e490d72618f00b0ad9ab6b

ASCII text

reboot

d41d8cd98f00b204e9800998ecf8427e

cmdtop.tcl

79d5a91c22cccd4630f28181765f8c95

ASCII text

cmdga.tcl

56feb4b32e428b6a9dc66ed417f85be5

ASCII text

room.tcl

81178f5a8eb46678329d322d159fa99f

ASCII text

cmdqui.tcl

de27e13ce80969e92a25782603429073

ASCII text

cmdcommands.tcl

a0aa87c681a4a7cea1a2e678bc7bad8c

ASCII text

crappotalk.png

cf86fb0589d45d820659946e784aee18

PNG image data, 150 x 145, 8-bit/color RGBA, non-interlaced

output

204d70aead53b8fe6614533341fb702c

Non-ISO extended-ASCII text, with LF, NEL line terminators

index.shtml

2e8d20f29857fe8146f11c1d5b149a3e

HTML document, ASCII text

user.ps

135912111d0dbfb5fd97a478c0238aa0

PostScript document text conforming DSC level 2.0

cmdlook.tcl

6bb87dd3cd7375e27c1128590217927a

ASCII text

noun

64388393976cd929fde715728baadf32

ASCII text

cmdtcl.tcl

38c8533e54363b9af97da112bc2ebb4c

ASCII text

cmdtime.tcl

a7d72d4e48a2a58f56033402e61b76ed

ASCII text

mudftp.tcl

965832a1f8f21d16adecdf49896fb8e3

ASCII text

mantra

d63c8a7c358b43d04e59c1aea17f3c65

Non-ISO extended-ASCII text, with LF, NEL line terminators

cmdemote.tcl

c5731c05bda5d69d2a604b97736b2315

ASCII text

cmdwho.tcl

64f77b459ec55f69e6e92d9c23e2c744

ASCII text

README

036d42ab82939e47d59a4880ec38ac04

ASCII text

cmdshutdown.tcl

c12583df824a3eb7fcabe3d6a4f6d793

ASCII text

cmdquit.tcl

f7e35297e5436682f5dd16ee5a666d04

ASCII text

Makefile

4bb39e16927c185554b072ebcbd512ab

ASCII text

sixteen.c

0e133c5d039540c4142bdbe4f35a06ff

C source, ASCII text

2cbc39756d23d402b700bed0ac56b1c5

Bourne-Again shell script, ASCII text executable

README

a761cddd26d24f70f74c12a8ee7e39f3

ASCII text

tmd.c

dfbeb9915f24eb206d0af854b37d1bef

C source, ASCII text

readme.txt

b2db9f8f57c7f245c69fc3431feed47f

ASCII text

mobs.def

8c02946c5add0befbd256145faae23a3

ASCII text

mobs.idx

3a0b1a46812a5e21e1200816fc21803e

ASCII text

setup.README

cdbf8ddb416106d83bf25c81744860e8

ASCII text

rooms.def

ae85de482fd32c056d360412174345c5

ASCII text

smud.c

cbeb8a893f833b6938263cabc98ad5ac

C source, ASCII text

signals.adb

6e259095409ec470669ffe36c3a8601b

ASCII text

sockets-mud.adb

be2fa640bf403f29e1b24b27addc474e

ASCII text

sockets-mud.ads

9b32b6f567a2245b834eaa75292d9ef1

ASCII text

signals.ads

56c553409bcb542244b7dc2b479577bf

ASCII text

README.txt

f3e406ce1f38c4aaa20c1062b58baa60

ASCII text

tinyadamud.adb

f8fad2eb0a1fe2f834682f537edf04bf

ASCII text

db.py

b4acd47a667dbc0d21aac1325b331700

Python script, ASCII text executable

comm.pyc

ba882d9614334d57ea0e147bcb26472f

python 1.5 byte-compiled

pygmy.py

415d25aaaf3e2c9a5dd79c26f599f350

Python script, ASCII text executable

util.pyc

1d4c710953201f9b2d2b974a9308290c

python 1.5 byte-compiled

mkgz.py

2c500b588e1122ea21e33889b5fa7c3c

Python script, ASCII text executable

namespace.pyc

62646762a3ed60826ae72d4e9da5b60e

python 1.5 byte-compiled

counter%single

692fcd245cdecf9e66b01ef44aba5eac

data

counter.py

77836196e0e0eac45e29501b2ce42a0d

Python script, ASCII text executable

ftp_conn.py

3db3691aa4516a72a0ff42f5734a90ac

Python script, ASCII text executable

user_conn.py

44f477320bb44f72f756e95bf38e08fb

Python script, ASCII text executable

static%single

749882e6ab8fac1fb9009f5f94955c71

data

dynamic.py

e7958a93d2345eb72e043b45ab323b8a

Python script, ASCII text executable

conn.py

aa156870dac4d9d4a90a9ccfc223fc4f

Python script, ASCII text executable

config.py

7317ac2edf19ceafa520230e31c63d6c

Python script, ASCII text executable

dynamic%single

e430ad494bb601d1ffeb55993a082963

data

main.py

ee3b5144a4013495dcf7fecdf210974a

Python script, ASCII text executable

static.py

ecd288e0e7447516743d3a54948a625c

Python script, ASCII text executable

ftp_conn.py~

75cff7cad16b1cde5de0131da7d1865b

Python script, ASCII text executable

user_conn%1

f0e39731515aa84252526b4195b27a6b

data

main%single

9e0d020d8e00223bb919d72f2fd6dd89

data

player.py

d70d9dd58f8db710c63b405840520c9d

Python script, ASCII text executable

namespace.py

d2e84e8ade644462e39b686e1abcdae9

Python script, ASCII text executable

util.py

91d9c84c7b7c66664d30bc00dd488caf

Python script, ASCII text executable

comm.py

710420a16ecbce99baf4733547af24e4

Python script, ASCII text executable

data.gz

8c103f1ff20b690625557c255fb3b5b5

gzip compressed data, was "data", last modified: Mon Apr 24 23:18:58 2000, max compression

README

7103c4dcb062cf22ec651fe3429c617d

ASCII text

db.pyc

e92a4cd715c225d8aa0507fb0b5b0d2f

python 1.5 byte-compiled

COPYING

475adb736e4112384e97162f32b36340

ASCII text

mud.cpp

64b9bc900adc65174eadca530250179e

C++ source, ASCII text, with very long lines (492)

Makefile

fa54743b8c625340b6941b58b755b4bc

makefile script, ASCII text

README

535b6350c0fdcfd54304f619474a9d4f

ASCII text

docs.txt

d34d3fc379a887d9e50737a9cee7ce8d

ASCII text

Cmd_Look.class

0be6c56bcb98e0a9751554b9b62144cb

compiled Java class data, version 45.3

Cmd.class

8726541c38d142018c1e4456143c0e10

compiled Java class data, version 45.3

Msg.class

1032dfa44f2192e7b9507ed9d176904c

compiled Java class data, version 45.3

Cmd_Go.class

7179a8d5df8536d99f15a57501519fc8

compiled Java class data, version 45.3

Cmd_Emote.class

3df34211c779369e5e55b43ed678a447

compiled Java class data, version 45.3

MObj.class

e9de5cebd51fcf652f01cac8a7fdbc61

compiled Java class data, version 45.3

Cmd_Soul.class

8f2d7095cf80af11184dda6726eadc1f

compiled Java class data, version 45.3

Cmd_Gossip.class

05ed8d124794525f539f1bc7d8c285c0

compiled Java class data, version 45.3

MM.class

5192fe86f24d1771deae91e6346a7771

compiled Java class data, version 45.3

Cmd_Zap.class

abf0b2fd522101dae101a1f368784710

compiled Java class data, version 45.3

Cmd_Put.class

8076ea3f62d5f2e8bc87c88c95c72022

compiled Java class data, version 45.3

Cmd_Unlink.class

173d127b920d9c46d0d56fa787e8c20f

compiled Java class data, version 45.3

Squish.class

3f1ed2b48d2e000e1f7701cb22b97da0

compiled Java class data, version 45.3

Cmd_Say.class

efd90432ecaa0a9c23f1cd68a58c9ba3

compiled Java class data, version 45.3

Cmd_Tell.class

9179cb7096f32266bc60744fcb0dfbed

compiled Java class data, version 45.3

Cmd_Link.class

e8909281dc297a7e73acc4df7763c5e9

compiled Java class data, version 45.3

Cmd_Get.class

23626e92dd01c78c0b086d2add6bc5d9

compiled Java class data, version 45.3

MObj.java

4162adc586c0df8a08c4119bee727dd9

Perl5 module source, ASCII text

MM.java

cd32ae9fc6e8f120113bbd5541f4897c

Perl5 module source, ASCII text

seqANSI.bin

e2c34483fd51bf414c28d70f9b90d64c

zlib compressed data

mud.py

011a4161b5c6dc32196232fb07ca4861

Python script, ISO-8859 text executable, with CRLF line terminators

strings.bin

c9659e3390d2292f6e19ffee3e4a127e

zlib compressed data

map1.inf.bin

d95952261d7e5386e53357c50f81cf71

zlib compressed data

eqslot.bin

7b021b114cb0ce11a9611f64f829b0c1

zlib compressed data

cMap.c

b85b8f945ae9ccec8522e143b5c63f33

C source, ISO-8859 text, with CRLF line terminators

intro.bin

1c776f6865694f3bdefebe54c4a9bd3e

zlib compressed data

commands.bin

3bae96acc075497d36663d0dd86447d9

zlib compressed data

map1.bin

d39c9e6b3a921e1cf7f7642bc81846fa

zlib compressed data

cMap.so

1c03770eb7520c33ca48facb9ceafd27

ELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV)

protoMUD.cc

3e5c4b9b26a10c67b958df8688afd077

C source, ASCII text

README.TXT

5f28d7caae4d2c3e12e55d762eb062e1

ASCII text

protoMUD

5230b796c2c0528200c57ccbc7c4826b

ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV)

fc.py

ee863c0c59495793fb5082b9af1ea7bd

Python script, ASCII text executable

passwd

87197eee20ac33ef0c1fa21f417508fe

zlib compressed data

cmds

290c94407341b0273360d8a6df5dfcc2

zlib compressed data

passwd

be08b5b622011a1f42a638c37367787f

zlib compressed data

cmds

34d39dd8f433cace84d22e03cfd35125

zlib compressed data

res

c51d02a466acfb4405b7501f11fedc37

zlib compressed data

room

472aa8b0e6c65aa0214d34232ab6f22e

zlib compressed data

res

48199553d74d445e6573b7e375e98351

zlib compressed data

room

182a2068f6b83a0177e7b1e5b4606040

zlib compressed data

fresnel.py

475326a98b318935555badde4570d618

Python script, ASCII text executable

fb.py

e061996a5216ac1efd2f44527a83e7c6

Python script, ASCII text executable

LICENSE

00be3d299d1fb8a1d1cc599e8c340658

ASCII text

FACS

713fb100e766a380caf8c3f58405cc76

ASCII text

CMDS

8cee9e38f0c0caac40afada4b1627494

ASCII text

BITS

20f4df230af91cd98e2e38373366e152

ASCII text

fx.py

c1e6c354898a4eafb08f42a182a29c06

Python script, ASCII text executable

ff.py

24695a6cb2e589f99c06dbb12605ce0d

Python script, ASCII text executable

README

3553941e55566f10f631856749a38f8f

ASCII text

mughi.cc

634685fb3ef005a9f6a71f633657a86a

C++ source, ASCII text

mug16.cc

8af355fbd9db9313852221fa20d52de4

C++ source, ASCII text

test.log

39b66dfeabc968b517984b3388671bfe

ASCII text

socket.c

93c52bdc84aa243d1d7ac629337bec40

C source, ASCII text

16.py

85ef2cfa234c8582952ac18ed7968713

Python script, ASCII text executable

Makefile

f7114fb896724eb0c842532ccae85132

ASCII text

util.c

7b5827b9b9450bebbe1715b118a70fc4

C source, ASCII text

db.c

9f7f4f0d15f5b8fd9bcff33b50b32d36

C source, ASCII text

macros.h

e28f2637d6457b590de13f4753c6296a

ASCII text

features.txt

c069e8caf5f1cb80e932f5108602f05c

ASCII text

ADVICE

40afd4dba1041dc78e7bd5a2ebcb57ee

ASCII text

stdh.h

140041ba6098a1f4b83f48bfdc3d3ce8

C source, ASCII text

main.c

a6e0c227c181cf633d139854ecd771b3

C source, ASCII text

structs.h

733f40901b02673c185a66f1cb096ee2

C source, ASCII text

io.c

6ae55ec9615edee9ff9be76412ca1730

C source, ASCII text

variables.h

d39e3caf9814e0dbf7e9528f11a1880f

ASCII text

typedefs.h

8921f27e84977ce81274496170d03404

ASCII text

README

ff03d4567828c2bcddc14c745f11e327

ASCII text

comm.c

8adb10ee0154c26502f3a74ff649dcfb

C source, ASCII text

Borlak

b480e0bbc44ecc1f0650988b699991b3

ASCII text, with CRLF, CR, LF line terminators

evt.py

7a67ce7772f2a975e9c3f3750c3c1155

Python script, ASCII text executable

mkdirs.py

3b34970b4d1713338b14b9fefbe9124c

Python script, ASCII text executable

event.txt

0a594d16aca55420c538fcfd8a93d7d9

ASCII text

obj.py

4fc29a4ef112adcd5cef283eee786ac1

Python script, ASCII text executable

7d82ab307dfc7068d1795ba1d0bebe3e

Python script, ASCII text executable

world.py

bbcd4103295af8f25aad5398f4a47132

Python script, ASCII text executable

player.py

cd38081debaa9f6920f5e2832e233a34

Python script, ASCII text executable

g.py

173a013fc720215df86c3770763afe0a

ASCII text

serenity.txt

5762f1fd8a7e708c7a071eccae0ab918

ASCII text

license.txt

01326364eb877c18eefffe24fff73669

ASCII text

seren.py

1959a29787b1c705e9ca616acf36a1a8

Python script, ASCII text executable

comm.py

fb91903dffe0db5713e94a3cdea1b159

Python script, ASCII text executable

cmds.py

cb83f37a919fa640df89bdc2d9a3b200

Python script, ASCII text executable

glad.c

d5648739ad1f20b3196bf58b65c8efea

C source, ASCII text

commands.c

f8814bd758410df440951a16e4da223f

ASCII text

glad.txt

77505d6ef467c2267ed66b56cb53af08

ASCII text

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	andreasen.org/misc/16k.zip	216.24.57.252	200 OK	406 kB
URL User Request GET HTTP/2 andreasen.org/misc/16k.zip IP 216.24.57.252:443 ASN #397273 RENDER Certificate IssuerLet's Encrypt Subjectandreasen.org Fingerprint65:6B:65:61:F9:AC:42:92:D5:BF:10:59:09:15:5D:43:29:D4:8E:40 ValidityFri, 03 May 2024 00:26:41 GMT - Thu, 01 Aug 2024 00:26:40 GMT File type Zip archive data, at least v1.0 to extract, compression method=store Size 406 kB (406096 bytes) Hash 2bc575167f14ef8038bb4f99a1b90497 63e091355c5d055ef86ca8e40bead49019fcf653 29cefa0fc878c441ffa1b7fe7e1afb659cb1ec7a575cfd998db80f0b771b168f HTTP Headers `GET /misc/16k.zip HTTP/1.1 Host: andreasen.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 05 May 2024 06:58:27 GMT content-type: application/zip content-length: 406096 cf-ray: 87eed797ec8b5691-OSL cf-cache-status: DYNAMIC cache-control: public, max-age=0, s-maxage=300 etag: "2bc575167f14ef8038bb4f99a1b90497" last-modified: Wed, 23 Mar 2022 21:32:57 UTC strict-transport-security: max-age=9999999 vary: Accept-Encoding cache-tag: srv-c8tostnho1ko5ah3rbu0 cloudflare-cdn-cache-control: public, max-age=300 x-content-type-options: nosniff server: cloudflare alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

andreasen.org/misc/16k.zip

216.24.57.252

200 OK

406 kB

URL User Request GET HTTP/2
andreasen.org/misc/16k.zip
IP
216.24.57.252:443
ASN
#397273 RENDER

Certificate
IssuerLet's Encrypt
Subjectandreasen.org
Fingerprint65:6B:65:61:F9:AC:42:92:D5:BF:10:59:09:15:5D:43:29:D4:8E:40
ValidityFri, 03 May 2024 00:26:41 GMT - Thu, 01 Aug 2024 00:26:40 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
406 kB (406096 bytes)
Hash
2bc575167f14ef8038bb4f99a1b90497
63e091355c5d055ef86ca8e40bead49019fcf653
29cefa0fc878c441ffa1b7fe7e1afb659cb1ec7a575cfd998db80f0b771b168f

HTTP Headers

GET /misc/16k.zip HTTP/1.1
Host: andreasen.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 06:58:27 GMT
content-type: application/zip
content-length: 406096
cf-ray: 87eed797ec8b5691-OSL
cf-cache-status: DYNAMIC
cache-control: public, max-age=0, s-maxage=300
etag: "2bc575167f14ef8038bb4f99a1b90497"
last-modified: Wed, 23 Mar 2022 21:32:57 UTC
strict-transport-security: max-age=9999999
vary: Accept-Encoding
cache-tag: srv-c8tostnho1ko5ah3rbu0
cloudflare-cdn-cache-control: public, max-age=300
x-content-type-options: nosniff
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (182)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers