Report - noniandjim.com/Jim/MusicStudio/MusicStudioUtils.zip

Report Overview

Submitted URL
noniandjim.com/Jim/MusicStudio/MusicStudioUtils.zip
IP
66.96.149.32
ASN
#29873 BIZLAND-SD
Submitted
2024-04-25 09:48:25
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
noniandjim.com	unknown	2006-03-29	2017-06-06	2021-01-27	505 B	1.5 MB	66.96.149.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
noniandjim.com/Jim/MusicStudio/MusicStudioUtils.zip
IP
66.96.149.32
ASN
#29873 BIZLAND-SD

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
1.5 MB (1470324 bytes)
Hash
d21574e7df8aacfd0644f5e9306135f1
d5f1f57eb260969984f36b277ee84d6fabba179b
537774a5c8148f2c3fbf960b6d22a836049843104e762e91b16e955680e20c62

Archive (126)

Filename

Md5

File type

PPAUSE.S

cbfe6d507ced146bd039e6fbfbec1080

assembler source, ASCII text, with CRLF line terminators

SONGDUMP.C

1d78563d5deeead900206ede003d68f5

C source, ASCII text, with CRLF line terminators

SONGDUMP.DOC

3fb80e6987a414259676faab9f5f0134

DigiTrekker DTM Module

SONGTRAN.C

a09812720b064a2689c7e7ce28624c26

C source, ASCII text, with CRLF line terminators

bucket.cpp

c9f9e10432dd2542a423cb8a24d12474

C source, ASCII text, with CRLF line terminators

bucket.h

32316328e7ef91c0d5fddeb0f6145695

C source, ASCII text, with CRLF line terminators

bucket.obj

4ce08482cc1a0fe11c6dc114722ff386

Intel 80386 COFF object file, not stripped, 21 sections, symbol offset=0x1154, 135 symbols, created Tue Feb 22 01:00:21 2011, 1st section name ".drectve"

main.obj

8a9b20f16f09d57f74c1937edcf05010

Intel 80386 COFF object file, not stripped, 21 sections, symbol offset=0x1281, 127 symbols, created Tue Feb 22 01:03:55 2011, 1st section name ".drectve"

msfile1.exe

83c679fd7887ccb285d2d0748a6809c9

PE32 executable (console) Intel 80386, for MS Windows, 5 sections

msfile1.ilk

f6e8ec3fda0d503486757ebaaf02393d

data

msfile1.pch

b3cc73d81ba23c347fa72cfd161f8864

data

msfile1.pdb

e031b737d256124b4de143d10bc34e76

MSVC program database ver 2.00, 1024*521 bytes

MSplay.obj

6a4a909ef8a815f406fbad75e6a8fa3c

Intel 80386 COFF object file, not stripped, 73 sections, symbol offset=0x4a88, 464 symbols, created Mon Feb 21 23:01:09 2011, 1st section name ".drectve"

o.txt

6b8804f3aa3165bf4a46034c618175cc

ASCII text, with CRLF line terminators

vc60.idb

68d17363cd88a5de2c7cbda601a2ade8

MSVC program database ver 2.00, 1024*49 bytes

vc60.pdb

5dee837cd1dbb1ab461ac2590c9b6983

MSVC program database ver 2.00, 4096*13 bytes

HASH.C

20839599c14e5acaf32b4f95d8109606

C source, ASCII text, with CRLF line terminators

HASH.H

1ad942312aa075148a8a8bab1ff9f792

C source, ASCII text, with CRLF line terminators

main.cpp

97b9417b7c0a88e774e55eb4d4c5adfa

C source, ASCII text, with CRLF line terminators

msfile1.dsp

ef30dc6b8fdfc3c52927a98dac01b787

ASCII text, with very long lines (362), with CRLF line terminators

msfile1.dsw

d22d8f66b016684688588bddf329899a

ASCII text, with CRLF line terminators

msfile1.ncb

d8d234a154a7db11ad27b406f5614384

MSVC program database ver 2.00, 1024*57 bytes

msfile1.opt

611138c66079fb357b5e419cc50aad78

Composite Document File V2 Document, Cannot read section info

msfile1.plg

9547e1fe70b0c43e35b180c9a0247363

HTML document, ASCII text, with very long lines (411), with CRLF line terminators

MSplay.cpp

09e85c4f8e808af151b6fe0d4ec7d35f

C source, ASCII text, with CRLF line terminators

MSplay.h

4c58767a719befd1b4cd91f9705d3222

C source, ASCII text, with CRLF line terminators

bucket.cpp

c9f9e10432dd2542a423cb8a24d12474

C source, ASCII text, with CRLF line terminators

bucket.h

32316328e7ef91c0d5fddeb0f6145695

C source, ASCII text, with CRLF line terminators

bucket.obj

961ea8c8ff9145e45f3b1c3c8f03e272

Intel 80386 COFF object file, not stripped, 21 sections, symbol offset=0x1154, 139 symbols, created Fri Jul 31 18:12:22 2015, 1st section name ".drectve"

LABAMBA.SNG

8fc782285e26e5d072ee5e15c7b44150

data

main.obj

c7a91f6b0d8c5c38d3c1a14ec54991d1

Intel 80386 COFF object file, not stripped, 15 sections, symbol offset=0xdde, 89 symbols, created Sat Aug 1 04:23:36 2015, 1st section name ".drectve"

MBD.SNG

25f8520131824f6e209612fd072ea9cc

data

mbd.txt

7da4ddf4256e805d1e2b92c848da2b58

ISO-8859 text, with CRLF line terminators

MNICMNDY.SNG

3628961e684892bd8fe48d282e4d7c0c

data

MONDAY2V.SNG

d956c866ada7c243b77b4730176420b0

data

msfile2.exe

72593b43c9aac0e7128a0b1c94263aaf

PE32 executable (console) Intel 80386, for MS Windows, 5 sections

msfile2.ilk

1a3245f44d45b51af39a16ee9a96e790

data

msfile2.pch

d9ea3649cf7ce92304c4f6386eabd6f1

data

msfile2.pdb

b6bb5b1514ee32cd8583f21b690399af

MSVC program database ver 2.00, 1024*537 bytes

MSplay.obj

27a2de6b3f281eb05a1385d638796e0c

Intel 80386 COFF object file, not stripped, 159 sections, symbol offset=0x78b5, 864 symbols, created Sat Aug 1 04:32:39 2015, 1st section name ".drectve"

MSTRPZZA.SNG

dbcd78c0f801a65d530356f17c8f2dee

data

MYSTERY.SNG

63dcc83637cee955227fdc3fd581fac4

data

o.txt

d381acce119b3f3a98b1f5776a8c8b33

ASCII text, with CRLF line terminators

ONTHGDY.SNG

aba5ef40db3fa8d5afbf5d64882aae4c

data

PRELUDE.SNG

ef219f6e59266b0b11c3a1a366d98a0e

data

REQUIEM.SNG

d5b091ce02038a57d85e9f4487e6f146

data

RHAPBLUE.SNG

ae2caf1584e78c93d0cccab355941afe

data

SLEEVE.SNG

acded86b2f4a43e5c85dacee034ac705

data

songs.sng

879a67ddd5f757f8e5c789a191a2eb32

ASCII text, with CRLF line terminators

STAR1.SNG

0d1dc77c12f7b61f267e99734cbd1a84

data

STARSPAN.SNG

cb4360a0af54f8df4852d2642f3e7ba9

data

STARTREK.SNG

aa0f689eb87caa0ecde021e4f077ae58

data

TDREAMS.SNG

7981ec1afa1debaf732985cfd409e6e1

data

TESTSLVE.SNG

450a41c360cb43ee07f342338c261b7e

data

TIMESTRM.SNG

49a0eaf5c48d015df21efdffc3ce1859

data

vc60.idb

a8e0f2ef921616fc8d25e976b6365f14

MSVC program database ver 2.00, 1024*41 bytes

vc60.pdb

325ccd491905b11cbf58abcfcb99c0ec

MSVC program database ver 2.00, 4096*13 bytes

WALTZ.SNG

68335b8a35d76497b52aba9ba10d6b62

data

WIERD.SNG

11f3cccec3e01e741b9a68f41664b130

data

ZCOMP.SNG

fd414413a9a2d5c798b5c5b7b58f639a

data

ZSTREAM.SNG

454bcf97c328db6dde035a7b4d38a9aa

data

ZTIME.SNG

e8120c55e2ce0daa4302f07957f71334

data

ZTMSTREM.SNG

4ff7453679d66570fb8a41178982a11a

data

entdump.txt

e98a8490a08d417e83998d29c10c229d

ASCII text, with CRLF line terminators

entertain.txt

454c3f923835c630817f44d07d0026bf

ASCII text, with CRLF line terminators

ENTERTAN.SNG

a59031e852921502fe4f9675a3b58835

data

main.cpp

ae148e2df47679eb4832647b9f917a99

C source, ASCII text, with CRLF line terminators

msfile2.dsp

dfe822a9ab4898a047e5149c06a859db

ASCII text, with very long lines (361), with CRLF line terminators

msfile2.dsw

f170aa5792355cb4644e685563b3b722

ASCII text, with CRLF line terminators

msfile2.exe

43d15088931402893f92d90310d71e37

PE32 executable (console) Intel 80386, for MS Windows, 5 sections

msfile2.ilk

d942ffbd5b15a53bf6a5e804dbe8288d

data

msfile2.ncb

f1d6f1482c73062b870f831416dbe04e

MSVC program database ver 2.00, 1024*97 bytes

msfile2.opt

94e3f3a9a846a3924a587cf5d4e4080c

Composite Document File V2 Document, Cannot read section info

msfile2.pdb

dd64063ed356a787e223ce329c3b68c0

MSVC program database ver 2.00, 1024*545 bytes

msfile2.plg

5952f3d2b3f6814e8f7d470e6f6e272b

HTML document, ASCII text, with very long lines (399), with CRLF line terminators

MSplay.cpp

e139e4aecef7ef641e1ce37a28eba008

C source, ASCII text, with CRLF line terminators

MSplay.h

5c6a48c8a9602eb2810648426eae53d0

C source, ASCII text, with CRLF line terminators

PRELUDE.SNG

ef219f6e59266b0b11c3a1a366d98a0e

data

bucket.obj

a495b5957cc65ad3cccab3029d531342

Intel 80386 COFF object file, not stripped, 19 sections, symbol offset=0x560, 54 symbols, created Wed Mar 2 22:54:59 2011, 1st section name ".drectve"

main.obj

07b19426af3443b49d4494797c1559c9

Intel 80386 COFF object file, not stripped, 7 sections, symbol offset=0x398, 37 symbols, created Wed Mar 2 22:54:59 2011, 1st section name ".drectve"

msfile2.pch

f4f86b7de381598085484159fb55f44b

data

MSplay.obj

f98ddac3e68766f075719747b99a2e36

Intel 80386 COFF object file, not stripped, 110 sections, symbol offset=0x288d, 350 symbols, created Wed Mar 2 22:57:24 2011, 1st section name ".drectve"

vc60.idb

9fc21116d58ee091844f86f9e83f3bc9

MSVC program database ver 2.00, 1024*33 bytes

RHAPBLUE.SNG

ae2caf1584e78c93d0cccab355941afe

data

rhapblue.txt

249db7ec28a09040f177a079ed8e3e9c

ASCII text, with CRLF line terminators

SLEEVE.SNG

acded86b2f4a43e5c85dacee034ac705

data

sleeve.txt

49146a27e2e1debe99076d74658e80ce

ASCII text, with CRLF line terminators

e.txt

1b53131bf569c3675ecdb560cf713a77

ASCII text, with CRLF line terminators

ENTERTAN.SNG

a59031e852921502fe4f9675a3b58835

data

main.obj

9ad6b09a0d15175061316517ca2d8a16

Intel 80386 COFF object file, not stripped, 9 sections, symbol offset=0x865, 53 symbols, created Mon Feb 21 04:34:21 2011, 1st section name ".drectve"

MSfile.exe

343c0800790a12558812a35cdba72cb5

PE32 executable (console) Intel 80386, for MS Windows, 5 sections

MSfile.ilk

fdb276efb9ef412877971e9e2ca0a116

data

MSfile.pch

61f32ead2bd7084de2f12c082ba746ae

data

MSfile.pdb

1c6eb68a1fba7753174e1d3de2e85e30

MSVC program database ver 2.00, 1024*529 bytes

MSplay.obj

78698251f127177161b05f3d3dd37cc6

Intel 80386 COFF object file, not stripped, 73 sections, symbol offset=0x4a80, 460 symbols, created Mon Feb 21 19:03:26 2011, 1st section name ".drectve"

out.txt

cfb035d0d09f6e8e507db3162ef4daa8

ASCII text, with CRLF line terminators

PRELUDE.SNG

ef219f6e59266b0b11c3a1a366d98a0e

data

vc60.idb

d31af9ae1c467789258b26a72d329433

MSVC program database ver 2.00, 1024*41 bytes

vc60.pdb

8fce5e6f654fbe6a828cfa1ffc8e9fb2

MSVC program database ver 2.00, 4096*13 bytes

ENTERTAN.SNG

a59031e852921502fe4f9675a3b58835

data

main.cpp

0123e417c7efd64105143dd24e186aab

C source, ASCII text, with CRLF line terminators

MSfile.dsp

0b122989ac5bb3080f11c844e0e7acc1

ASCII text, with very long lines (362), with CRLF line terminators

MSfile.dsw

2ee84f057536fd23f15dc6d08a4a31c8

ASCII text, with CRLF line terminators

MSfile.ncb

b9538e6b1f53171277c879dd2863b199

MSVC program database ver 2.00, 1024*65 bytes

MSfile.opt

42c841b2bc31b07ccfb92029f0821d7a

Composite Document File V2 Document, Cannot read section info

MSfile.plg

1a6aae4fb6a45b84bc170c1a03588e1c

HTML document, ASCII text, with very long lines (409), with CRLF line terminators

MSplay.cpp

09e85c4f8e808af151b6fe0d4ec7d35f

C source, ASCII text, with CRLF line terminators

MSplay.h

4c58767a719befd1b4cd91f9705d3222

C source, ASCII text, with CRLF line terminators

PRELUDE.SNG

ef219f6e59266b0b11c3a1a366d98a0e

data

AMYMSP.C

7d9a2b09b58f2c61b8914c572153bdde

C source, ASCII text, with CRLF line terminators

GLOBAL.H

c36c49a726f3bda3fd756b2fc9ea25f8

ASCII text, with CRLF line terminators

IRQHNDLR.C

30067846fc5321814d4e5b4dcfeebff1

C source, ASCII text, with CRLF line terminators

MIDI.H

08fa45c1f94d6f93aaf425f39f12476f

C source, ASCII text, with CRLF line terminators

MIDI1.C

39f6c0875d594ca048bef10c863a8b58

C source, ASCII text, with CRLF line terminators

MYMSP.DEF

091d595d1c6dca7ed4f34dc4619fb1eb

data

MYMSP.H

daf6b2b9e88eb2354c128d56758d7acc

C source, ASCII text, with CRLF line terminators

MYMSP.RSC

7f00657c30a0d828c003219bac28f441

data

MYMSPAC.ACC

494ce2105bbbe0ab20f574c516a9535d

Atari ST M68K contiguous executable (txt=27636, dat=2860, bss=9438, sym=0)

MYMSPAC.LNK

762b17f1899b371c78c50c0a2c9beb77

data

MYMSPRSC.C

708728000fa26b9f53ba8ed0f1d9f1a9

ASCII text, with CRLF line terminators

P.CMD

f9bab0aa10b9e109103295dfe61ce17d

ASCII text, with CRLF line terminators

PARSE.C

a1da77dda14f092d71d1c46a18ae4b1b

C source, ASCII text, with CRLF line terminators

PARSE.S

d3f1f8fb8843dac54f4eee15cf1bc1aa

assembler source, ASCII text, with CRLF line terminators

PLAY.C

3258e3824b63797879bbae3fc3ebc52c

C source, ASCII text, with CRLF line terminators

PLAYASM.C

3258e3824b63797879bbae3fc3ebc52c

C source, ASCII text, with CRLF line terminators

README.TXT

00c761185e28e4c0d5b1a3324df3bc34

ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
VirusTotal	suspicious	VirusTotal - Scan result 2/61

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

noniandjim.com/Jim/MusicStudio/MusicStudioUtils.zip

66.96.149.32

200 OK

1.5 MB

URL User Request GET HTTP/1.1
noniandjim.com/Jim/MusicStudio/MusicStudioUtils.zip
IP
66.96.149.32:443
ASN
#29873 BIZLAND-SD

Certificate
IssuerLet's Encrypt
Subject*.noniandjim.com
Fingerprint39:12:9E:C9:28:0F:15:BE:A8:76:87:5E:7E:88:07:0C:0B:31:2F:63
ValidityMon, 25 Mar 2024 08:26:06 GMT - Sun, 23 Jun 2024 08:26:05 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
1.5 MB (1470324 bytes)
Hash
d21574e7df8aacfd0644f5e9306135f1
d5f1f57eb260969984f36b277ee84d6fabba179b
537774a5c8148f2c3fbf960b6d22a836049843104e762e91b16e955680e20c62

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 2/61

HTTP Headers

GET /Jim/MusicStudio/MusicStudioUtils.zip HTTP/1.1
Host: noniandjim.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 09:47:55 GMT
Content-Type: application/zip
Content-Length: 1470324
Connection: keep-alive
Server: Apache
Accept-Ranges: bytes
Age: 0

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (126)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers