Report - www.cavestory.org/downloads/Org2Raw.zip

Report Overview

Submitted URL
www.cavestory.org/downloads/Org2Raw.zip
IP
209.97.144.249
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2024-05-10 22:35:32
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
3

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.cavestory.org	unknown	2008-08-05	2014-11-30	2022-10-19	493 B	715 kB	209.97.144.249

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.cavestory.org/downloads/Org2Raw.zip
IP
209.97.144.249
ASN
#14061 DIGITALOCEAN-ASN

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
715 kB (714812 bytes)
Hash
365f935f941c5cf08d3435b35858f78d
0c7a3729ec8da4b9bd7e3bf6a7a798ac1a284f08
608b667c95259156a2a212b498ddd1423a34160db2e6b6d13659586c7c01a0e2

Archive (22)

Filename

Md5

File type

Back.png

74ae5bd973f0f4db29cf930d84ec5298

PNG image data, 128 x 128, 8-bit colormap, non-interlaced

CuckyBy.png

7c7a9439304892525af0a1526983576b

PNG image data, 106 x 86, 8-bit/color RGBA, non-interlaced

CuckyDone.png

d6b2362ea4d7772a9ae8b2dc2348ca6c

PNG image data, 61 x 102, 8-bit/color RGBA, non-interlaced

CuckyExport.png

ae6d669de2eff26970f990d78218e837

PNG image data, 76 x 66, 8-bit/color RGBA, non-interlaced

CuckyLoops.png

971a5daac8fe61529c8c1310e74566ef

PNG image data, 76 x 66, 8-bit/color RGBA, non-interlaced

Loops.png

66061cc1fa50522e421092c18f51ddcf

PNG image data, 256 x 48, 8-bit/color RGBA, non-interlaced

Loops.png.0.pdnBak

163ebb2ba4a3b25b899fa6cbe2668180

PNG image data, 256 x 32, 8-bit/color RGBA, non-interlaced

ProgressBar.png

e71872af2dc419fae0f2daddc02a7ef2

PNG image data, 256 x 16, 8-bit/color RGB, non-interlaced

96.pxt

79efa09c3819794577afbfcba002e1a1

ASCII text, with CRLF line terminators

97.pxt

bb630eb142987cd4486ccaf612ad20bd

ASCII text, with CRLF line terminators

98.pxt

369ad7c73d586d195089a6ea7889b94a

ASCII text, with CRLF line terminators

99.pxt

37d161f3f8a725674f9ead895a8c7978

ASCII text, with CRLF line terminators

9A.pxt

422ab8b2e2b54827c987290bc61b22ea

ASCII text, with CRLF line terminators

9B.pxt

40df76875f11800f06b082a00efb739e

ASCII text, with CRLF line terminators

Tab.png

aaabac84ff1215c6ff5dd4f53af31f93

PNG image data, 440 x 48, 8-bit colormap, non-interlaced

TopBar.png

c8859cd0517421cc481eb1ea3a63aed8

PNG image data, 256 x 24, 8-bit colormap, non-interlaced

Wave100.dat

b6b071027cd39466c524fc095c0b9f8b

data

Org2Raw.exe

b20da74be2e89317f907780ae918ac89

PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections

SDL2.dll

7a5b9a8bf9ff9ef2eeee6077295bfc9f

PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 10 sections

SDL2_image.dll

210997d5f7fbf6b8ab229a27550312ee

PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 10 sections

zlib1.dll

2106ff5041a95eded35009b133102e60

PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 10 sections

libpng16-16.dll

64944736210c869eda743d236521d8e2

PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 9 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_stackstrings
VirusTotal	suspicious	VirusTotal - Scan result 1/62

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

www.cavestory.org/downloads/Org2Raw.zip

209.97.144.249

200 OK

715 kB

URL User Request GET HTTP/2
www.cavestory.org/downloads/Org2Raw.zip
IP
209.97.144.249:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectcavestory.org
FingerprintB9:5B:BB:72:0D:48:2E:E5:E6:69:65:5D:B9:F4:FD:72:3C:23:5B:F7
ValidityThu, 11 Apr 2024 11:57:14 GMT - Wed, 10 Jul 2024 11:57:13 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
715 kB (714812 bytes)
Hash
365f935f941c5cf08d3435b35858f78d
0c7a3729ec8da4b9bd7e3bf6a7a798ac1a284f08
608b667c95259156a2a212b498ddd1423a34160db2e6b6d13659586c7c01a0e2

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/62

HTTP Headers

GET /downloads/Org2Raw.zip HTTP/1.1
Host: www.cavestory.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 22:35:06 GMT
content-type: application/zip
content-length: 714812
last-modified: Sat, 20 Aug 2022 06:27:27 GMT
etag: "63007ecf-ae83c"
accept-ranges: bytes
X-Firefox-Spdy: h2