Report - www.scuzzstuff.org/oe_cake/oecake_win.zip

Report Overview

Submitted URL
www.scuzzstuff.org/oe_cake/oecake_win.zip
IP
65.254.227.240
ASN
#29873 BIZLAND-SD
Submitted
2024-04-25 00:55:00
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.scuzzstuff.org	unknown	2005-03-16	2013-07-03	2018-10-28	495 B	4.5 MB	65.254.227.240

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.scuzzstuff.org/oe_cake/oecake_win.zip
IP
65.254.227.240
ASN
#29873 BIZLAND-SD

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
4.5 MB (4481141 bytes)
Hash
1cfaef4dad1535466082122f91394bc2
85dc087d8f6654ab66594e9d67c17283cd7491dc
13065d8b78104e64c522a2b1ccac5523593fc983a8e8893b171a67dfcd642ace

Archive (69)

Filename

Md5

File type

OE-CAKE!�w��v.chm

320eb72599a3bca791b4499dce81e469

MS Windows HtmlHelp Data

aquarium.oec

1a25a571503c22f58a9342472706f88d

ASCII text, with CRLF line terminators

fly.oec

8a9ee34e74277de956d989db54b506bd

ASCII text, with CRLF line terminators

cambrian.oec

8004f2928e1981aca3f84cc2682f6b7e

ASCII text

centipede.oec

b0e806c324e579d11f7db7d6080d0cb4

ASCII text, with CRLF line terminators

car.oec

402ce77569d15a4be8f2d653be6b390d

ASCII text

spider.oec

a73cfc75f9d039335cf4fd0b9e6bc80c

ASCII text, with CRLF line terminators

dango.oec

6b9f0691770e2456b3cb8f0ae58d56de

ASCII text

pinball.oec

9cc3ef885257ce06313b9c29d355193e

ASCII text, with CRLF line terminators

bullet.oec

331863daaeb1870a429406257a84d871

ASCII text

dragon.oec

3007b7edf82c298fd2e4c57ab8aeb0a8

ASCII text

cannon.oec

d054937cd7be37f29daa1f1456f6a45a

ASCII text

drink.oec

07672a7036333956f718b4280448ed1d

ASCII text

cycle.oec

a07271fc73f7ba54879fe372c872657f

ASCII text

duck.oec

7b318e032b9431ad0d3a3efa68e31b4d

ASCII text

doll.oec

9c51a5d4513c7afca7d3c65d3a30655e

ASCII text

duck.tiff

383ad4ff8eaaea0c3845b5d52ef7c988

TIFF image data, big-endian, direntries=22, height=256, bps=4, compression=none, PhotometricInterpretation=RGB, description= , manufacturer=NIKON, model=E2100, orientation=upper-left, width=256

domino2.oec

b4742ca0d9b3c2397d1c1365218ab195

ASCII text

chameleon.oec

ffff33dfa39723f8c2fbd054aa7e8996

ASCII text

gear.oec

409525b9a508dab6caa11e8d2e755992

ASCII text

egg.oec

a23b14249eb7b8a09e86368870b3e717

ASCII text

gohan.oec

23dd6c382bc3e3a806f67b5f7b4e6f11

ASCII text

maruo.oec

26154e16ca3a8717dae38ed07b6d3598

ASCII text

house.oec

7a4d5ee6b1762e207489d9d2cf2b5b85

ASCII text

maze.oec

73a620bdfd00cdffaed72e272accc2db

ASCII text

kettle.oec

986b5678c9fbef9d14ae1456cf54278e

ASCII text

mochi2.oec

25d416ecb361e5127b7d316661d57c36

ASCII text

kuma.tiff

36e9e12e51daacaa47de50d646f42f8b

TIFF image data, big-endian, direntries=16, height=256, bps=4, compression=none, PhotometricInterpretation=RGB, orientation=upper-left, width=256

neko2.oec

c4201cc6f7695a4ca4a67ebe5ef0fcac

ASCII text

marionette.oec

09af368f53f396d2d761bfe76821c230

ASCII text

mochitori.oec

55172d385112ccff1b2fa06cdde08c04

ASCII text

mikan.tiff

5df8e62adb6965d5d373c9487c39799c

TIFF image data, big-endian, direntries=22, height=256, bps=4, compression=none, PhotometricInterpretation=RGB, description= , manufacturer=NIKON, model=E2100, orientation=upper-left, width=256

neko_a.tiff

796bf71d29e2491ea287abd3c17d2a9e

TIFF image data, big-endian, direntries=22, height=128, bps=1, compression=none, PhotometricInterpretation=RGB, description= , manufacturer=RICOH , model=Caplio R4 , orientation=upper-left, width=128

neko_b.tiff

96f76f04c48cd81a38d74cb11231d707

TIFF image data, big-endian, direntries=22, height=128, bps=1, compression=none, PhotometricInterpretation=RGB, description= , manufacturer=RICOH , model=Caplio R4 , orientation=upper-left, width=128

neko_c.tiff

89eaa47a7ebacfdfc137a475262d1bef

TIFF image data, big-endian, direntries=22, height=128, bps=1, compression=none, PhotometricInterpretation=RGB, description= , manufacturer=RICOH , model=Caplio R4 , orientation=upper-left, width=128

buildings.png

698bdda4383ff31d86461ffe54dba1ad

PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced

pudding.oec

a99536e971dedcf4615c21965db607be

ASCII text

hamburger.oec

c86b2af5329a30867b6525cd9c0908c4

ASCII text

pudding.tiff

bebc30d039b3b3b2c6e803e0eb51ba39

TIFF image data, big-endian, direntries=22, height=256, bps=4, compression=none, PhotometricInterpretation=RGB, manufacturer=RICOH , model=Caplio R4 , orientation=upper-left, width=256

hourglass.oec

073d9db2083c0dbcd9bdeacf26b18512

ASCII text

onsen.oec

1e0d7c6ade8c26867e8c1bc2cbe2bec5

ASCII text

rinse.oec

6f453daba486d4db2dfe86250f0e30a6

ASCII text

rain2.oec

dfda0f5875599cb76d384fc5ab100626

ASCII text

sea.tiff

86f753156282c6061c8e1725a65922b8

TIFF image data, big-endian, direntries=22, height=128, bps=0, compression=none, PhotometricInterpretation=RGB, description= , manufacturer=NIKON, model=E2100, orientation=upper-left, width=128

sky.bmp

668ed164ba9344b1ce5137f928e5d4de

PC bitmap, Windows 3.x format, 256 x -256 x 24, resolution 2835 x 2835 px/m, cbSize 196662, bits offset 54

ship.oec

533499da8c00818e42423d5c7cbecaf0

ASCII text

tower.oec

b672b1302055426e7893b3ce1d639b78

ASCII text

sisiodosi2.oec

71e7d1803e990b3beda461bf1205b575

ASCII text

skrik.oec

bfaf21d350e218252a37148634643dac

ASCII text

woods.tiff

b621a4d72730dad51afe7d271971f7e6

TIFF image data, big-endian, direntries=22, height=128, bps=0, compression=none, PhotometricInterpretation=RGB, description= , manufacturer=NIKON, model=E2100, orientation=upper-left, width=128

skrik_bg.tiff

5286328b751488c803c261ac75fd28a2

TIFF image data, big-endian, direntries=15, height=256, bps=3, compression=none, PhotometricInterpretation=RGB, orientation=upper-left, width=256

twilight.tiff

dfa169553e64440a0c155ba8c0f8bcc0

TIFF image data, big-endian, direntries=22, height=128, bps=0, compression=none, PhotometricInterpretation=RGB, description= , manufacturer=NIKON, model=E2100, orientation=upper-left, width=128

skrik_man.tiff

b63e4a947c8d4230853d74b55755e2a9

TIFF image data, big-endian, direntries=16, height=256, bps=2, compression=none, PhotometricInterpretation=RGB, orientation=upper-left, width=128

action.oec

8ba0b8059d7c9f45806c366a9ddd7d0e

ASCII text

stream.oec

1c2faaf7df865cbefcb428acbdbeeabd

ASCII text

animal.oec

d68d483f3990aed15aaf0d79c573e544

ASCII text

tile.tiff

dd47b63e51ec6f6f5917c4178d569554

TIFF image data, big-endian, direntries=22, height=128, bps=0, compression=none, PhotometricInterpretation=RGB, description= , manufacturer=RICOH , model=Caplio R4 , orientation=upper-left, width=128

bomb.oec

ed124ffdd4a2f2ac889993c9dc9434e0

ASCII text

unko.oec

a6024497b4b8c125c81f9a58ce13debf

ASCII text

wagashi.tiff

49a0962457ed9bad87eb5b60b5dd607e

TIFF image data, big-endian, direntries=22, height=256, bps=4, compression=none, PhotometricInterpretation=RGB, manufacturer=RICOH , model=Caplio R4 , orientation=upper-left, width=256

glew32.dll

a39dbd473034b13da00bfb49ff0ae43c

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections

mfc80.dll

1b7524806d0270b81360c63a2fa047cb

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

mfc80u.dll

ccc2e312486ae6b80970211da472268b

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

mfcm80.dll

c84e4ece0d210489738b2f0adb2723e8

PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 4 sections

mfcm80u.dll

ddad68e160c58d22b49ff039bb9b6751

PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 4 sections

Microsoft.VC80.MFC.manifest

97b859f11538bbe20f17dfb9c0979a1c

XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (504), with CRLF line terminators

OE-CAKE!�g�p��_��.pdf

a6edc54cbbabd8e659454d269714ff0b

PDF document, version 1.5, 1 pages (zip deflate encoded)

�n�߂ɂ��ǂ݂��.txt

edc356dd671a8964dc3404c19074eab2

Non-ISO extended-ASCII text, with CRLF, NEL line terminators

OECake.exe

37bd9b3bf38eb39df83d6e85af1c85ad

PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_stackstrings

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

www.scuzzstuff.org/oe_cake/oecake_win.zip

65.254.227.240

200 OK

4.5 MB

URL User Request GET HTTP/1.1
www.scuzzstuff.org/oe_cake/oecake_win.zip
IP
65.254.227.240:443
ASN
#29873 BIZLAND-SD

Certificate
IssuerLet's Encrypt
Subject*.scuzzstuff.org
Fingerprint18:52:74:D2:0E:A8:92:71:13:DF:16:2F:23:46:88:A8:BC:CC:EA:8B
ValiditySat, 23 Mar 2024 07:21:20 GMT - Fri, 21 Jun 2024 07:21:19 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
4.5 MB (4481141 bytes)
Hash
1cfaef4dad1535466082122f91394bc2
85dc087d8f6654ab66594e9d67c17283cd7491dc
13065d8b78104e64c522a2b1ccac5523593fc983a8e8893b171a67dfcd642ace

HTTP Headers

GET /oe_cake/oecake_win.zip HTTP/1.1
Host: www.scuzzstuff.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 00:54:32 GMT
Content-Type: application/zip
Content-Length: 4481141
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 07 May 2008 17:02:44 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "446075-44ca6eeffcb1e"
Expires: Thu, 25 Apr 2024 04:54:32 GMT
Age: 0