Report - nirvtek.com/downloads/2TheRRedline.zip

Report Overview

Submitted URL
nirvtek.com/downloads/2TheRRedline.zip
IP
192.64.117.188
ASN
#22612 NAMECHEAP-NET
Submitted
2024-05-04 15:37:16
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
nirvtek.com	unknown	2012-01-05	2015-03-12	2024-01-18	492 B	16 MB	192.64.117.188

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
nirvtek.com/downloads/2TheRRedline.zip
IP
192.64.117.188
ASN
#22612 NAMECHEAP-NET

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
16 MB (16174176 bytes)
Hash
472b6907b16a9f524d65a93c89bef33e
053d0debbe26a3b1b4c6ab7b56dd202e94b1d0f5
1363968ca3a926900eb3796a29ade4b5a8d09038875c2ee519a1218958cb4ee2

Archive (246)

Filename

Md5

File type

aa_tjesc.xm

b1dddc432e4af34c413ee2f8db0c393b

Fasttracker II module sound data Title: "The Jungle Escape FastTracker v2.00 "

artifact.xm

13c145a4dc2555314dc5bfe4ff7c1d4d

Fasttracker II module sound data Title: "The Artifact FastTracker v2.00 "

beginnin.xm

1e012adbdb4fa06006b496ffc7966e36

Fasttracker II module sound data Title: " FastTracker v2.00 "

citadel.xm

3f55bab3c01728c87663f5c155a50572

Fasttracker II module sound data Title: " FastTracker v2.00 "

DumpPaletted.test

6d7876435e56f404d97361389c15ba13

data

MIDAS11.DLL

58b9557c524e3ed3e6f81d651d0753f5

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 6 sections

nCubed.exe

9a646b3c5154914b44812ee9af3a8137

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

nCubed_data_0000.asm

bbb0cb6d99eb51d59dc84b15c9b7deab

ASCII text, with CRLF line terminators

nCubed_idata.asm

b87839146b3ffda97149982646ab0449

ASCII text, with CRLF line terminators

nCubed_rdata.asm

dad924f26802d6b83cf6a35b2fae6ca6

ASCII text, with CRLF line terminators

nCubed_text_0000.asm

14a3246b183bd0f0777a3942cef8391e

ASCII text, with CRLF line terminators

nCubed_text_0000.dis

c88ffccc1285aa832d9ada47a0b94e37

ASCII text, with very long lines (340), with CRLF line terminators

nCubed_text_0001.asm

c09d239ea7d5ec2986f7e64574dd912b

ASCII text, with CRLF line terminators

nCubed_text_0001.dis

fc2952957dc91443555561c4aea87cd7

ASCII text, with CRLF line terminators

readme.txt

b4a4a32571653c135aaac04920840219

ASCII text, with CRLF line terminators

Rendition.cfg

b8cd341d17f9972d427b21977ba24480

ASCII text, with CRLF line terminators

aa_tjesc.xm

b1dddc432e4af34c413ee2f8db0c393b

Fasttracker II module sound data Title: "The Jungle Escape FastTracker v2.00 "

MIDAS11.DLL

58b9557c524e3ed3e6f81d651d0753f5

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 6 sections

nfinal.exe

b1633ffb05613a023f1bef4d27917f7f

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

readme.txt

114aa7ac5f35dc885433c152704f6972

ASCII text, with CRLF line terminators

eyeball.bmp

575a9c9eafcb6f99296187d9628287dd

PC bitmap, Windows 3.x format, 64 x 64 x 24, image size 12288, cbSize 12342, bits offset 54

license.txt

1de88c80ac6423fd7a8981457e72c6f5

Non-ISO extended-ASCII text, with CRLF line terminators

R3.bat

2a6cc1e68010b2a0e73416ad437da5cc

ASCII text, with CRLF line terminators

R3.EXE

e097f59dc217c64bf080b99856c1b206

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

readme.txt

c55fe47bc80b319bab09b651128ab915

Non-ISO extended-ASCII text, with CRLF line terminators

Rendition.cfg

67f47680c665eab68f89f0eb9e1ff447

ASCII text, with CRLF line terminators

RSXNT.DLL

f42a803b3d9c02c95bc107fae049cdb8

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections

stars.bmp

e133738efadadd2b8b02ea59982e3b89

PC bitmap, Windows 3.x format, 256 x 256 x 24, image size 196608, cbSize 196662, bits offset 54

CREDIT.BMP

94565998ca1a2fb64b3cd1d83b3ded64

PC bitmap, Windows 3.x format, 384 x 32 x 24, image size 36864, cbSize 36918, bits offset 54

FACE.BMP

a792ced180d7abfafd0950733dfe5010

PC bitmap, Windows 3.x format, 128 x 224 x 24, image size 86016, cbSize 86070, bits offset 54

GOLD.BMP

e79b651a81b3558e7f508384c23d174a

PC bitmap, Windows 3.x format, 128 x 128 x 24, image size 49152, cbSize 49206, bits offset 54

LAUGH.WAV

fc4ca6e2ad0ac9f74bc8da3ad81bef8d

RIFF (little-endian) data, WAVE audio, Microsoft ADPCM, mono 22050 Hz

LENS1.BMP

d613097d52ba6416bba1d499724c5bd5

PC bitmap, Windows 3.x format, 64 x 64 x 24, image size 12288, cbSize 12342, bits offset 54

LENS2.BMP

473e0454dc722fa42614984bff3db4d4

PC bitmap, Windows 3.x format, 64 x 64 x 24, image size 12288, cbSize 12342, bits offset 54

LENS3.BMP

b04a0f76e57af85c0e90978a486c8994

PC bitmap, Windows 3.x format, 32 x 32 x 24, image size 3072, cbSize 3126, bits offset 54

LENS4.BMP

121d624f071452f0545c889ab4bdac6c

PC bitmap, Windows 3.x format, 32 x 32 x 24, image size 3072, cbSize 3126, bits offset 54

LICENSE.DOC

efdd15f65aba2ae960427484f40c7243

Composite Document File V2 Document, Little Endian, Os: Windows, Version 4.0, Code page: 1252, Title: R3 License Agreement, Author: Chris Lundie, Template: Normal.dot, Last Saved By: Chris Lundie, Revision Number: 7, Name of Creating Application: Microsoft Word 8.0, Total Editing Time: 09:00, Create Time/Date: Wed Apr 22 06:52:00 1998, Last Saved Time/Date: Wed Apr 22 07:06:00 1998, Number of Pages: 1, Number of Words: 557, Number of Characters: 3179, Security: 0

LICENSE.TXT

1de88c80ac6423fd7a8981457e72c6f5

Non-ISO extended-ASCII text, with CRLF line terminators

R3-2.EXE

b27669dbfecd79c55811f449736624ee

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

R3.MID

efccb609845a637e0b00ced58a1b70b9

Standard MIDI data (format 1) using 14 tracks at 1/480

README.DOC

9a67a37bdf8c9339edd0bff8dd33bd4d

Composite Document File V2 Document, Little Endian, Os: Windows, Version 4.0, Code page: 1252, Title: R3 README, Author: Chris Lundie, Template: Normal.dot, Last Saved By: Chris Lundie, Revision Number: 14, Name of Creating Application: Microsoft Word 8.0, Total Editing Time: 20:00, Create Time/Date: Fri May 1 23:51:00 1998, Last Saved Time/Date: Sat May 9 01:25:00 1998, Number of Pages: 1, Number of Words: 423, Number of Characters: 2414, Security: 0

README.TXT

ecc0a417b11da8f85164c42622e08208

ISO-8859 text, with CRLF line terminators

RESIST.WAV

f7a4153da82c5e9793aad5e92d2217bd

RIFF (little-endian) data, WAVE audio, Microsoft ADPCM, mono 22050 Hz

RSXNT.DLL

f42a803b3d9c02c95bc107fae049cdb8

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections

SPLASH.WAV

c5826c339d31c2a0251244ddd1fe87e4

RIFF (little-endian) data, WAVE audio, Microsoft ADPCM, stereo 22050 Hz

STARS.BMP

e133738efadadd2b8b02ea59982e3b89

PC bitmap, Windows 3.x format, 256 x 256 x 24, image size 196608, cbSize 196662, bits offset 54

agony.bmp

1b1b9e7da6a0c31b4fb5275d2b3ccb9f

PC bitmap, Windows 3.x format, 256 x 256 x 24, resolution 2834 x 2834 px/m, cbSize 196664, bits offset 54

AKKA.DAT

590b18c98bbca395c54202b8764930bc

data

BLADES.DAT

1a674550cad430b6c110253a30cf5a1f

data

kivi.bmp

d9fc4fccd8846e95c3397bf120040d6a

PC bitmap, Windows 3.x format, 128 x 128 x 24, resolution 2834 x 2834 px/m, cbSize 49208, bits offset 54

OLUT.DAT

bfa9e8edac725b67d80480458bb07879

OpenPGP Public Key

OUTO.DAT

8ece3be9702b80fdb14c470648c500d6

data

phong.bmp

b4d3e4dd374f0884ad6b54212b2bb70b

PC bitmap, Windows 3.x format, 128 x 128 x 24, resolution 2834 x 2834 px/m, cbSize 49208, bits offset 54

Readme.txt

8b52cea25c5899a533e3d6d356e2fced

ASCII text, with CRLF line terminators

Readme_new.txt

c82ff65b09dffedd409f0110d83fb544

ASCII text, with CRLF line terminators

RRBench.exe

99179f857fd7732a18ebba13a98cd90a

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

RRBench.txt

6bb06234a8640ece76ad7c494d003b9e

ISO-8859 text, with CRLF line terminators

RRBench_No_Sync.exe

de6182c85dfc6cfc418225283564cb46

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

RRBench_User_Sync.exe

d2faaebb112a712b6ac93b72e46de690

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

talo.BMP

abbc3bcd03735b7989cca5a4ff95b8ba

PC bitmap, Windows 3.x format, 256 x 256 x 24, resolution 2834 x 2834 px/m, cbSize 196664, bits offset 54

trice2.dat

c3daeb2352566c97856ef43599b19286

data

valob.bmp

632b1d4c3ff79602ca789b0674f9ca75

PC bitmap, Windows 3.x format, 128 x 128 x 24, resolution 2834 x 2834 px/m, cbSize 49208, bits offset 54

Bumpall.bmp

b2adbdbec0dc9c85bf74e0be981c7337

PC bitmap, Windows 3.x format, 256 x 512 x 24, resolution 2834 x 2834 px/m, cbSize 393272, bits offset 54

car7.dat

932efe260ff356027cc5a682518d0f0c

MIPSEB-LE MIPS-III ECOFF executable not stripped - version 66.97

carall2.BMP

bc971ed1e9538729e7ff670e7767564b

PC bitmap, Windows 3.x format, 512 x 512 x 24, resolution 2834 x 2834 px/m, cbSize 786488, bits offset 54

car_base.dat

36ea5ee3e9dc4916c79efa2ef9e8fb67

data

d1.mod

da4d1a5d687aff6ae517c369a9661800

4-channel Protracker module sound data Title: "divinealku"

d3.mod

2a5a4ecdb3edd76f8206d6d5aa8ff210

4-channel Protracker module sound data Title: "lost"

Dark.BMP

28f2b025aaf9149eea4dc7ef42b93011

PC bitmap, Windows 3.x format, 640 x 480 x 24, resolution 2834 x 2834 px/m, cbSize 921656, bits offset 54

Dump512x512.r5g6b5

3fac41921e1d285fc92f841411bbdfcf

data

Keiju.BMP

41ca22f479344670dda03f0238319aab

PC bitmap, Windows 3.x format, 640 x 480 x 24, resolution 2834 x 2834 px/m, cbSize 921656, bits offset 54

kuva.dat

835f161d472a38ea208e24ad113e3437

data

Matomies.BMP

779aacf4ca292622042cf9dfcdfe086e

PC bitmap, Windows 3.x format, 640 x 480 x 24, resolution 2834 x 2834 px/m, cbSize 921656, bits offset 54

naama.dat

25225ddc281474431dfa530025a53eee

data

readme.txt

7052454ca6f8770f9089627a267a8136

ASCII text, with CRLF line terminators

Rendition.cfg

5de8ba7a82916fe3bd215b34d4946d2f

ASCII text, with CRLF line terminators

rride4.dat

71e423edfb4b7f90f2974b17f45fce6a

data

RRide_music.exe

29c9a95159711769f029edecb82ed10e

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

RRide_nomusic.exe

19f76266b2706799205b5f575abf0876

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

taivas.dat

c5a7595043918bb8438aa7c34a1d8ac1

data

teksti.bmp

0796e0a4aeeba454abc1401772d19c38

PC bitmap, Windows 3.x format, 128 x 512 x 24, image size 196608, resolution 3790 x 3800 px/m, cbSize 196662, bits offset 54

Bump2.bmp

fec1a034175cef9d155c3fc3ce56e1c7

PC bitmap, Windows 3.x format, 254 x 256 x 24, resolution 2834 x 2834 px/m, cbSize 195640, bits offset 54

Bump3.bmp

989c509aaf5d5ebcd8f111df6d955023

PC bitmap, Windows 3.x format, 253 x 255 x 24, resolution 2834 x 2834 px/m, cbSize 193856, bits offset 54

Bumpall.bmp

b2adbdbec0dc9c85bf74e0be981c7337

PC bitmap, Windows 3.x format, 256 x 512 x 24, resolution 2834 x 2834 px/m, cbSize 393272, bits offset 54

car7.dat

932efe260ff356027cc5a682518d0f0c

MIPSEB-LE MIPS-III ECOFF executable not stripped - version 66.97

carall3.BMP

db8b5a8ecc252c501d337e884422b845

PC bitmap, Windows 3.x format, 512 x 512 x 24, resolution 2834 x 2834 px/m, cbSize 786488, bits offset 54

d1.mod

da4d1a5d687aff6ae517c369a9661800

4-channel Protracker module sound data Title: "divinealku"

d2.mod

2f106f247214e241b7c44dfd6623291e

4-channel Protracker module sound data Title: "mod.divineloppu"

Dark.BMP

28f2b025aaf9149eea4dc7ef42b93011

PC bitmap, Windows 3.x format, 640 x 480 x 24, resolution 2834 x 2834 px/m, cbSize 921656, bits offset 54

Keiju.BMP

41ca22f479344670dda03f0238319aab

PC bitmap, Windows 3.x format, 640 x 480 x 24, resolution 2834 x 2834 px/m, cbSize 921656, bits offset 54

kuva.dat

835f161d472a38ea208e24ad113e3437

data

Matomies.BMP

779aacf4ca292622042cf9dfcdfe086e

PC bitmap, Windows 3.x format, 640 x 480 x 24, resolution 2834 x 2834 px/m, cbSize 921656, bits offset 54

midas11.dll

588c306ddfd10c958a0714c4392afdf4

PE32 executable (DLL) (console) Intel 80386, for MS Windows, 6 sections

midas_license.txt

3b43d8b14f5ff270129527b983e718c8

ASCII text

naama.dat

25225ddc281474431dfa530025a53eee

data

piikki2.dat

7c99bd75878705ca12551a11dbc21f1b

data

readme.txt

075eed7db36ae8409264d7c3a47c062a

ASCII text, with CRLF line terminators

readme_v3.txt

76d2b13e9f264b11a227187fb1845446

ASCII text, with CRLF line terminators

RRide3_music.exe

8cfc2782bcfb78f0d358bc87fb87ac71

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

RRide3_nomusic.exe

b18535b5b7f96ef13ba4a1a9a02e1723

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

rride4.dat

71e423edfb4b7f90f2974b17f45fce6a

data

RRide_music2.5.exe

6072578fe1d88c3b4f4a23ab2191f467

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

RRide_nomusic2.5.exe

361164057fa5a2f221014835c15d8c2c

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

stone3.bmp

278ae816264b3e5fca0bd60259f4df53

PC bitmap, Windows 3.x format, 640 x 480 x 24, resolution 2834 x 2834 px/m, cbSize 921656, bits offset 54

taivas.dat

c5a7595043918bb8438aa7c34a1d8ac1

data

teksti.bmp

0796e0a4aeeba454abc1401772d19c38

PC bitmap, Windows 3.x format, 128 x 512 x 24, image size 196608, resolution 3790 x 3800 px/m, cbSize 196662, bits offset 54

lotta.bmp

f282596492e24ce3aa16695d7ef576cb

PC bitmap, Windows 3.x format, 400 x 550 x 24, image size 660000, resolution 2952 x 2952 px/m, cbSize 660014, bits offset 54

Polar.bmp

11235697ec1c029c89344316dda692ef

PC bitmap, Windows 3.x format, 640 x 480 x 24, image size 921600, resolution 5905 x 5905 px/m, cbSize 921614, bits offset 54

ps.msh

bdaa63f321f257356071351b7f82636b

ASCII text, with CRLF line terminators

readme.txt

6a9d3fb523d1f059775bcb60e10c37f1

ASCII text, with CRLF line terminators

rend1.msh

e460f65bbd9dc06787f16a68715ca521

ASCII text, with CRLF line terminators

rend2.msh

8dcba9233ecc248d1eb94af38cf0ca22

ASCII text, with CRLF line terminators

rend3.msh

bcdf5146f54327d0103b17acb652764a

ASCII text, with CRLF line terminators

rend4.msh

b3844e7f0faeda1692e165e542a47f04

ASCII text, with CRLF line terminators

rend5.msh

9d5eddc4c016c831fb0c6bcd0c916259

ASCII text, with CRLF line terminators

rend6.msh

962ecc7a128f03727d38b377f8d04809

ASCII text, with CRLF line terminators

rlogo.bmp

ddede271e1c9dc217df0964676492ba4

PC bitmap, Windows 3.x format, 256 x 256 x 24, image size 196608, cbSize 196662, bits offset 54

rlogo_i.bmp

b5a5b400583e7fcd0aa62c74258c572b

PC bitmap, Windows 3.x format, 256 x 256 x 24, image size 196608, resolution 2952 x 2952 px/m, cbSize 196622, bits offset 54

scenery.bmp

03ba8d29a5d33b1dbe913ea797147cde

PC bitmap, Windows 3.x format, 128 x 128 x 24, image size 49152, cbSize 49206, bits offset 54

Seal.bmp

ecce98049a49e36649f48ca5ec552fb0

PC bitmap, Windows 3.x format, 640 x 480 x 24, image size 921600, resolution 5905 x 5905 px/m, cbSize 921614, bits offset 54

Texture.400.550.id10.rgb

ab09a54122976189735767f06f8b3e9a

data

Texture.400.550.id2.rgb

d79c5dc7b24c45733634b45ba3ac2089

data

Texture.400.550.id3.rgb

c88e67e8d77f22fd2472bd1154de7bfc

data

Texture.400.550.id5.rgb

137ea16a9f7ce53959e1add819887a42

data

Texture.400.550.id6.rgb

6662bebbd7fea108f12966ca65d8fa8e

PC bitmap, Windows 3.x format, 400 x 550 x 24, image size 660000, resolution 2952 x 2952 px/m, cbSize 660014, bits offset 54

Texture.400.550.id7.rgb

d149099cfa28fa2e9999d1b222920530

data

Texture.400.550.id8.rgb

571321c464e216bbad8c36fa685998a6

data

Texture.400.550.id9.rgb

0f31c59dfad7a07735e7e68038634d56

data

verite.bmp

dcadb3391b49ba5769330a47177d01af

PC bitmap, Windows 3.x format, 256 x 256 x 24, resolution 2834 x 2834 px/m, cbSize 196664, bits offset 54

verite_i.bmp

51faf9907278ee90a49f9584fd947617

PC bitmap, Windows 3.x format, 256 x 256 x 24, image size 196608, resolution 2834 x 2834 px/m, cbSize 196622, bits offset 54

vsize.exe

5102537ffb9d732dece9b69d732124da

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

README.HTML

d0e3d059094c08bad1d327bd18532e2a

HTML document, ASCII text, with very long lines (700), with CRLF line terminators

readme.txt

d503bd016f3f3a19e67219b08fec168d

ASCII text, with CRLF line terminators

Rendition.cfg

06e738ceca1f3f31f86ce12703fb6bd2

ASCII text, with CRLF line terminators

rrmorph.exe

16e18be6bd3e532a9fb50c6bd6b9d474

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

rrmorph_console.exe

62ad4beb9935a3e30c4d7efcaa6c8bb0

PE32 executable (console) Intel 80386, for MS Windows, 4 sections

rrmorph_fullscreen.exe

7fb4bbb74559493e04a689be2cac05f1

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

us.jpg

f81fd83f8dbe5961573b11d3c9517549

JPEG image data, JFIF standard 1.00, aspect ratio, density 150x150, segment length 16, comment: "LEAD Technologies Inc. V1.01", baseline, precision 8, 383x265, components 3

vsize.exe

5102537ffb9d732dece9b69d732124da

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

000000.MOD

67a1650ce42005d9f80428d6a45cf802

4-channel Protracker module sound data Title: "00.00.00"

BACKDRP.PLG

9f2d7e019716415bccffc34e791f2723

ASCII text, with CRLF line terminators

BOX.PLG

a3a925932d8313ffcac11043ad327909

ASCII text, with CRLF line terminators

Box2.plg

d59c8ac26d0a88c6ea7cbedc8431d9a7

ASCII text, with CRLF line terminators

CAR.PLG

c64e51a1d5814a55a9a337fc3e7daf30

ASCII text, with CRLF line terminators

cool.out

f46cabf1735fd652cbb7c3cca03c3b0d

ASCII text, with CRLF line terminators

cool.plg

67a62373d94a5a9e588cc358db04c722

ASCII text, with CRLF line terminators

dj.bmp

dc31fe801a2ff012ea51ba3d4ba7beb5

PC bitmap, Windows 3.x format, 256 x 256 x 24, image size 196608, resolution 2808 x 2808 px/m, cbSize 196662, bits offset 54

font.pcx

34da0283f3b5eb6b32dfca07e0b2b8d9

ASCII text, with CRLF line terminators

FPLANE.PLG

7becdac1b1958a0a4bb242abcc564b9e

ASCII text, with CRLF line terminators

FREAKY.PLG

6d83217ee1d64c93177a2a8e71b22a4f

ASCII text, with CRLF line terminators

FSHIP.PLG

b89ffeba45163483dfbd7de47f74e104

ASCII text, with CRLF line terminators

object.plg

3648759d3c1b0d76d23fef7e2276c616

ASCII text, with CRLF line terminators

PCUBE.PLG

7d06fb897b73ad362358e1bedfeb21fb

ASCII text, with CRLF line terminators

PLANE.PLG

6108ca426de16e5a6e014ae449c24507

ASCII text, with CRLF line terminators

PRY.PLG

cce6326d3f905fd1b94a718e63c340ca

ASCII text, with CRLF line terminators

readme.txt

f48c4f0cd317163bddc03dba88423955

ASCII text, with CRLF line terminators

Rendition.cfg

bb44f8ba2bd54b9bcbaff90f33befd40

ASCII text, with CRLF line terminators

SHIP.PLG

dc027238948607fda8a8d313d913be45

ASCII text, with CRLF line terminators

tdhdemo.exe

8bf6fb507faad2593daef0ffd561b57b

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

TEST.PLG

d38b936c0fe6f46e69430773f882cc6e

ASCII text, with CRLF line terminators

title.bmp

71ff470af3a4f7d2015994cc47cdbd47

PC bitmap, Windows 3.x format, 256 x 256 x 24, image size 196608, cbSize 196662, bits offset 54

water.BMP

243379149efc4849312d345d08b2bc3b

PC bitmap, Windows 3.x format, 256 x 256 x 24, resolution 2834 x 2834 px/m, cbSize 196664, bits offset 54

BCWDEF.CSM

c167718e3fd3cbedc386c2f97fa27f01

data

Demo.cpp

c29a71339bbea6171a300c9052774d05

C source, ASCII text, with CRLF line terminators

DEMO.DEF

31b5c940ea82eb96ebb1a0fa0adada8c

ASCII text, with CRLF line terminators

Demo.exe

013dd569016df59d7780a5132ea68c17

PE32 executable (console) Intel 80386, for MS Windows, 5 sections

Demo.ilk

0f4534c6930e802b6b4e5bac34cf7893

data

Demo.mak

ba91480780af57b63b1db6febff240e4

ASCII text, with CRLF line terminators

Demo.mdp

18d15c5713b3f8510799546de0d34428

data

Demo.ncb

6a3532d31519acfe7c6b24ff9cf62481

MSVC program database ver 2.00, 1024*41 bytes

Demo.obj

347cfa0ecaf98a2c603a89802db8ecd0

Intel 80386 COFF object file, not stripped, 5 sections, symbol offset=0x21aa, 60 symbols, created Thu Apr 16 01:19:07 1998, 1st section name ".drectve"

Demo.pch

da4a1bb5e629f60761b59d03fa424c81

data

Demo.pdb

b6f505322c99711572dde79c2c726e45

MSVC program database ver 2.00, 1024*353 bytes

MCIMIDAS.DRV

34e762b8b39b6ab765a15e410aba90c1

MS-DOS executable, NE for MS Windows 3.x (3.10) (DLL or font)

ncb

660ff4851f85e87c8ff870e9ba60bb02

MSVC program database ver 2.00, 1024*33 bytes

OEMSETUP.INF

84a2e69af8d325b138e5ae9e43165c05

data

README.WRI

1dc922c421b362f4a69a18c29d08871f

Microsoft Write 3.0 (Windows) Document, 314 pages, MIDAS for Windows 1.03�

Shortcut to Demo.exe.lnk

169c33a58bbd8550b4b9fcc3298265c3

MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Archive, ctime=Tue Mar 31 12:26:44 1998, mtime=Tue Mar 31 07:00:00 1998, atime=Thu Apr 16 04:19:12 1998, length=71168, window=hide

TECHNOLO.MOD

552fe4f457ea4aa79158bce53a4ca9ce

4-channel Protracker module sound data Title: "technology"

vc40.idb

4dc6d59c5d2feb1fd6deea48e9d271c6

MSVC program database ver 2.00, 1024*105 bytes

vc40.pdb

62d1db4f8b32d0429840a5aed75adb0f

MSVC program database ver 2.00, 4096*13 bytes

000000.MOD

67a1650ce42005d9f80428d6a45cf802

4-channel Protracker module sound data Title: "00.00.00"

BACKDRP.PLG

9f2d7e019716415bccffc34e791f2723

ASCII text, with CRLF line terminators

BOX.PLG

a3a925932d8313ffcac11043ad327909

ASCII text, with CRLF line terminators

Box2.plg

d59c8ac26d0a88c6ea7cbedc8431d9a7

ASCII text, with CRLF line terminators

CAR.PLG

c64e51a1d5814a55a9a337fc3e7daf30

ASCII text, with CRLF line terminators

cool.plg

67a62373d94a5a9e588cc358db04c722

ASCII text, with CRLF line terminators

dj.bmp

dc31fe801a2ff012ea51ba3d4ba7beb5

PC bitmap, Windows 3.x format, 256 x 256 x 24, image size 196608, resolution 2808 x 2808 px/m, cbSize 196662, bits offset 54

font.pcx

34da0283f3b5eb6b32dfca07e0b2b8d9

ASCII text, with CRLF line terminators

FPLANE.PLG

7becdac1b1958a0a4bb242abcc564b9e

ASCII text, with CRLF line terminators

FREAKY.PLG

6d83217ee1d64c93177a2a8e71b22a4f

ASCII text, with CRLF line terminators

FSHIP.PLG

b89ffeba45163483dfbd7de47f74e104

ASCII text, with CRLF line terminators

object.plg

3648759d3c1b0d76d23fef7e2276c616

ASCII text, with CRLF line terminators

PCUBE.PLG

7d06fb897b73ad362358e1bedfeb21fb

ASCII text, with CRLF line terminators

PLANE.PLG

6108ca426de16e5a6e014ae449c24507

ASCII text, with CRLF line terminators

PRY.PLG

cce6326d3f905fd1b94a718e63c340ca

ASCII text, with CRLF line terminators

readme.txt

a6262a4bb41480a2f202108d075c05e9

ASCII text, with CRLF line terminators

SHIP.PLG

dc027238948607fda8a8d313d913be45

ASCII text, with CRLF line terminators

tdhdemo2.exe

6396a24dfb95fffdcdc389c097af3ec4

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

title.bmp

71ff470af3a4f7d2015994cc47cdbd47

PC bitmap, Windows 3.x format, 256 x 256 x 24, image size 196608, cbSize 196662, bits offset 54

water.BMP

243379149efc4849312d345d08b2bc3b

PC bitmap, Windows 3.x format, 256 x 256 x 24, resolution 2834 x 2834 px/m, cbSize 196664, bits offset 54

BCWDEF.CSM

c167718e3fd3cbedc386c2f97fa27f01

data

Demo.cpp

c29a71339bbea6171a300c9052774d05

C source, ASCII text, with CRLF line terminators

DEMO.DEF

31b5c940ea82eb96ebb1a0fa0adada8c

ASCII text, with CRLF line terminators

Demo.exe

013dd569016df59d7780a5132ea68c17

PE32 executable (console) Intel 80386, for MS Windows, 5 sections

Demo.ilk

0f4534c6930e802b6b4e5bac34cf7893

data

Demo.mak

ba91480780af57b63b1db6febff240e4

ASCII text, with CRLF line terminators

Demo.mdp

18d15c5713b3f8510799546de0d34428

data

Demo.ncb

6a3532d31519acfe7c6b24ff9cf62481

MSVC program database ver 2.00, 1024*41 bytes

Demo.obj

347cfa0ecaf98a2c603a89802db8ecd0

Intel 80386 COFF object file, not stripped, 5 sections, symbol offset=0x21aa, 60 symbols, created Thu Apr 16 01:19:07 1998, 1st section name ".drectve"

Demo.pch

da4a1bb5e629f60761b59d03fa424c81

data

Demo.pdb

b6f505322c99711572dde79c2c726e45

MSVC program database ver 2.00, 1024*353 bytes

MCIMIDAS.DRV

34e762b8b39b6ab765a15e410aba90c1

MS-DOS executable, NE for MS Windows 3.x (3.10) (DLL or font)

ncb

660ff4851f85e87c8ff870e9ba60bb02

MSVC program database ver 2.00, 1024*33 bytes

OEMSETUP.INF

84a2e69af8d325b138e5ae9e43165c05

data

README.WRI

1dc922c421b362f4a69a18c29d08871f

Microsoft Write 3.0 (Windows) Document, 314 pages, MIDAS for Windows 1.03�

Shortcut to Demo.exe.lnk

313ad725f1919d2d16bc7a306ca2dfc3

MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Archive, ctime=Sun Apr 12 23:32:50 1998, mtime=Sun Apr 12 04:00:00 1998, atime=Sun Apr 12 23:32:50 1998, length=52078, window=hide

TECHNOLO.MOD

552fe4f457ea4aa79158bce53a4ca9ce

4-channel Protracker module sound data Title: "technology"

vc40.idb

4dc6d59c5d2feb1fd6deea48e9d271c6

MSVC program database ver 2.00, 1024*105 bytes

vc40.pdb

62d1db4f8b32d0429840a5aed75adb0f

MSVC program database ver 2.00, 4096*13 bytes

readme.txt

c3f8289c9394295098fb5f73459c5996

ASCII text, with very long lines (697), with CRLF line terminators

Rendition.cfg

d2057bd07859c53db40fcf2e33fb297e

ASCII text, with CRLF line terminators

failure.wav

aba27d6c20c335181fc0595fa70901f6

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 24000 Hz

success.wav

9fd77f8f1df123c91beec575d91bfb45

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 24000 Hz

willtell.mid

30279b7ac6ec353605238f5fd2a2a9c1

Standard MIDI data (format 1) using 10 tracks at 1/192

tex01.txt

f9892679496240a20f8e2557908fb73d

ASCII text, with CRLF line terminators

words.txt

68b0ab19cfd669ba9f3ddc78d6eb87d2

ASCII text, with CRLF line terminators

drop.bmp

de557009c21e309fe4fd4e2537ecead6

PC bitmap, Windows 3.x format, 128 x 128 x 24, image size 49152, resolution 2834 x 2834 px/m, cbSize 49206, bits offset 54

glaze.bmp

7cca4c648a6e33cbaae30a6512c50529

PC bitmap, Windows 3.x format, 128 x 128 x 24, image size 49152, resolution 2834 x 2834 px/m, cbSize 49206, bits offset 54

haze.bmp

00aa9117c1d633d92f676cb519fa76c9

PC bitmap, Windows 3.x format, 128 x 128 x 24, image size 49152, resolution 2834 x 2834 px/m, cbSize 49206, bits offset 54

typin.exe

0de0f3069d6fcdbdc2e4c79ba0dac29b

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

cuber.ico

4e2be86ea03c42d5c9cbfca19522376e

MS Windows icon resource - 1 icon, 48x48

error.txt

deafe8d4a1a93d7889a75bd3fe3d5a51

ASCII text, with CRLF line terminators

readme.txt

1a982d2a67a25683222f512d2a54c2b5

ASCII text, with very long lines (381), with CRLF line terminators

readme_orginal.txt

f5ca1282529ba87f8117e99e4d1f3b8a

ASCII text, with very long lines (697), with CRLF line terminators

Rendition.cfg

604f71c564a5f92072a25f73602fd851

ASCII text, with CRLF line terminators

failure.wav

aba27d6c20c335181fc0595fa70901f6

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 24000 Hz

success.wav

9fd77f8f1df123c91beec575d91bfb45

RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 24000 Hz

willtell.mid

30279b7ac6ec353605238f5fd2a2a9c1

Standard MIDI data (format 1) using 10 tracks at 1/192

tex01.txt

9447768fac23914ea29ddf74a3db16e1

ASCII text, with CRLF line terminators

words.txt

68b0ab19cfd669ba9f3ddc78d6eb87d2

ASCII text, with CRLF line terminators

drop02.bmp

cc2c29e27c6637664e07ef7143e76433

PC bitmap, Windows 3.x format, 128 x 128 x 24, image size 49152, resolution 2834 x 2834 px/m, cbSize 49206, bits offset 54

glaze.bmp

7cca4c648a6e33cbaae30a6512c50529

PC bitmap, Windows 3.x format, 128 x 128 x 24, image size 49152, resolution 2834 x 2834 px/m, cbSize 49206, bits offset 54

haze.bmp

00aa9117c1d633d92f676cb519fa76c9

PC bitmap, Windows 3.x format, 128 x 128 x 24, image size 49152, resolution 2834 x 2834 px/m, cbSize 49206, bits offset 54

panel.bmp

981885c7b0a07f782904a25b98a7fbff

PC bitmap, Windows 3.x format, 128 x 128 x 24, image size 49152, resolution 2834 x 2834 px/m, cbSize 49206, bits offset 54

typin.exe

20522fecdea3f5dbe11afb2c13fb530f

PE32 executable (GUI) Intel 80386, for MS Windows, 6 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip
Public InfoSec YARA rules	malware	Identifies executable artefacts in shortcut (LNK) files.
Public InfoSec YARA rules	malware	Identifies executable artefacts in shortcut (LNK) files.

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	nirvtek.com/downloads/2TheRRedline.zip	192.64.117.188	200 OK	16 MB
URL User Request GET HTTP/2 nirvtek.com/downloads/2TheRRedline.zip IP 192.64.117.188:443 ASN #22612 NAMECHEAP-NET Certificate IssuerSectigo Limited Subjectnirvtek.com Fingerprint71:01:33:03:4A:43:15:94:BE:17:A9:6F:FA:D1:A0:1F:25:D5:16:C3 ValidityTue, 12 Sep 2023 00:00:00 GMT - Thu, 12 Sep 2024 23:59:59 GMT File type Zip archive data, at least v2.0 to extract, compression method=store Size 16 MB (16174176 bytes) Hash 472b6907b16a9f524d65a93c89bef33e 053d0debbe26a3b1b4c6ab7b56dd202e94b1d0f5 1363968ca3a926900eb3796a29ade4b5a8d09038875c2ee519a1218958cb4ee2 HTTP Headers `GET /downloads/2TheRRedline.zip HTTP/1.1 Host: nirvtek.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: application/zip last-modified: Sat, 23 Mar 2024 13:03:11 GMT accept-ranges: bytes content-length: 16174176 date: Sat, 04 May 2024 15:36:43 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed X-Firefox-Spdy: h2`

nirvtek.com/downloads/2TheRRedline.zip

192.64.117.188

200 OK

16 MB

URL User Request GET HTTP/2
nirvtek.com/downloads/2TheRRedline.zip
IP
192.64.117.188:443
ASN
#22612 NAMECHEAP-NET

Certificate
IssuerSectigo Limited
Subjectnirvtek.com
Fingerprint71:01:33:03:4A:43:15:94:BE:17:A9:6F:FA:D1:A0:1F:25:D5:16:C3
ValidityTue, 12 Sep 2023 00:00:00 GMT - Thu, 12 Sep 2024 23:59:59 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
16 MB (16174176 bytes)
Hash
472b6907b16a9f524d65a93c89bef33e
053d0debbe26a3b1b4c6ab7b56dd202e94b1d0f5
1363968ca3a926900eb3796a29ade4b5a8d09038875c2ee519a1218958cb4ee2

HTTP Headers

GET /downloads/2TheRRedline.zip HTTP/1.1
Host: nirvtek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/zip
last-modified: Sat, 23 Mar 2024 13:03:11 GMT
accept-ranges: bytes
content-length: 16174176
date: Sat, 04 May 2024 15:36:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (246)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers