Report - www.apple2works.com/marklim/sciibinx.zip

Report Overview

Submitted URL
www.apple2works.com/marklim/sciibinx.zip
IP
129.121.31.190
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2024-04-24 17:02:48
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
3

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.apple2works.com	unknown	2020-06-10	2022-07-18	2023-09-02	410 B	462 kB	129.121.31.190

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.apple2works.com/marklim/sciibinx.zip
IP
129.121.31.190
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
461 kB (461390 bytes)
Hash
5c441ace91e44954c4799e6212a1aefa
d0b0ad54b1c2a3fa347eb85b76170a0cdab228b1
b2082da399b788a5211eb438ab18a90b2c3952f314c38b584e1973a8d4c4fb21

Archive (52)

Filename

Md5

File type

SCIIBinX

965d2fbc2b4b77f08af5cdab93b15a25

Mach-O universal binary with 3 architectures: [i386: - Mach-O i386 executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|BINDS_TO_WEAK>] [ - ppc_7400: - Mach-O ppc_7400 executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|BINDS_TO_WEAK>] [ - x86_64: - Mach-O 64-bit x86_64 executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|BINDS_TO_WEAK>]

._SCIIBinX

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

._MacOS

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

sciibin.icns

87c7e674de45365e0613fa7c3ededf74

Mac OS X icon, 189614 bytes, "is32" type

._sciibin.icns

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

MainMenu.nib

a82e8adddc3ba27184c68801623ffa1e

Apple binary property list

._MainMenu.nib

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

InfoPlist.strings

d72878bb656f235c73b049056cd30dba

Unicode text, UTF-16, big-endian text

._InfoPlist.strings

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

Credits.rtf

ad3adb53c0d60d6d7a8f325b45b348dc

Rich Text Format data, version 1, ANSI, code page 1252

._Credits.rtf

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

Readme.rtf

8d3c05c13de788b38f50fe60b51539f0

Rich Text Format data, version 1, ANSI, code page 1252

._Readme.rtf

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

._English.lproj

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

._Resources

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

SpotlightBSQ

50e2511bf06e07d8e1cddf00f58d348c

Mach-O universal binary with 3 architectures: [i386: - Mach-O i386 bundle, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|WEAK_DEFINES|BINDS_TO_WEAK>] [ - ppc_7400: - Mach-O ppc_7400 bundle, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|WEAK_DEFINES|BINDS_TO_WEAK>] [ - x86_64: - Mach-O 64-bit x86_64 bundle, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|WEAK_DEFINES|BINDS_TO_WEAK>]

._SpotlightBSQ

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

._MacOS

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

InfoPlist.strings

baa1ec5d7b2390ee9dd2b913be19fe2a

Unicode text, UTF-16, big-endian text

._InfoPlist.strings

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

schema.strings

2286f08ebdf85daac48e4f75496497a7

Unicode text, UTF-16, big-endian text

._schema.strings

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

._English.lproj

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

schema.xml

dd784e6868b4dc678de401ca64ffb929

XML 1.0 document, ASCII text

._schema.xml

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

._Resources

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

Info.plist

5c0add75ac7a13989eca345df1eb302f

XML 1.0 document, ASCII text

._Info.plist

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

._Contents

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

._SpotlightBSQ.mdimporter

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

._Spotlight

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

QuickLookBSQ

7a3fbfd52fa79f04afae7ade22510367

Mach-O universal binary with 3 architectures: [i386: - Mach-O i386 bundle, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|WEAK_DEFINES|BINDS_TO_WEAK>] [ - ppc_7400: - Mach-O ppc_7400 bundle, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|WEAK_DEFINES|BINDS_TO_WEAK>] [ - x86_64: - Mach-O 64-bit x86_64 bundle, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|WEAK_DEFINES|BINDS_TO_WEAK>]

._QuickLookBSQ

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

._MacOS

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

sciibin.png

4bc7e660d5d80308f647519a489e7bd4

PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced

._sciibin.png

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

InfoPlist.strings

81801fbb5aea14bfe8767eb165dbfd8f

Unicode text, UTF-16, big-endian text

._InfoPlist.strings

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

._English.lproj

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

._Resources

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

Info.plist

56bbdc37da8d2cf99dd9a8e81d67d3af

XML 1.0 document, ASCII text

._Info.plist

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

._Contents

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

._QuickLookBSQ.qlgenerator

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

._QuickLook

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

._Library

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

Info.plist

9027d69229859de8ef1b3b7f1818e49c

XML 1.0 document, ASCII text

._Info.plist

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

PkgInfo

23b7d7d024abb0f558420e098800bf27

ASCII text, with no line terminators

._PkgInfo

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

._Contents

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

._SCIIBinX.app

7961c1fc74ec39f5d3bd7bb2dcf6d155

AppleDouble encoded Macintosh file

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

www.apple2works.com/marklim/sciibinx.zip

129.121.31.190

200 OK

461 kB

URL User Request GET HTTP/1.1
www.apple2works.com/marklim/sciibinx.zip
IP
129.121.31.190:80
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
461 kB (461390 bytes)
Hash
5c441ace91e44954c4799e6212a1aefa
d0b0ad54b1c2a3fa347eb85b76170a0cdab228b1
b2082da399b788a5211eb438ab18a90b2c3952f314c38b584e1973a8d4c4fb21

HTTP Headers

GET /marklim/sciibinx.zip HTTP/1.1
Host: www.apple2works.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 17:02:23 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 30 Nov 2023 17:07:19 GMT
Accept-Ranges: bytes
Content-Length: 461390
Keep-Alive: timeout=5, max=75
Content-Type: application/zip