Report Overview
Submitted URL
cdn.gamesnostalgia.com/files/n/i/nil305431134s35873246913/ugh_dos_win.7z
IP
162.0.227.228
ASN
#22612 NAMECHEAP-NET
Submitted
2024-05-01 21:13:14
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
5
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
cdn.gamesnostalgia.com | unknown | 2008-02-27 | 2017-02-08 | 2023-09-29 | 526 B | 1.4 MB | 162.0.227.228 |
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
cdn.gamesnostalgia.com/files/n/i/nil305431134s35873246913/ugh_dos_win.7z
IP
162.0.227.228
ASN
#22612 NAMECHEAP-NET
File type
7-zip archive data, version 0.4
Size
1.4 MB (1444579 bytes)
Hash
f769eb23be123fcca69fd6ef6b6f4e65
81496091ca181d4efa6163f238f6cf289f2f4974
Archive (20)
Filename | Md5 | File type |
---|---|---|
dosbox.conf | cd15459d65ca1cf6fec1e2db3de19130 | ASCII text |
dosbox_single.conf | bab8d270dc45665a21f9ec91ce1ed900 | ASCII text |
README.txt | 56bd6427cca21be6dde9c53751271ef2 | ASCII text, with CRLF line terminators |
Ugh.bat | fefc675dd9c801cc2e32f521fe609744 | ASCII text, with no line terminators |
Ugh.lnk | be05bd7199f5473f70f5b4b48304ef23 | MS Windows shortcut, Item id list present, Points to a file or directory, Has command line arguments, Icon number=5, Archive, ctime=Sun Nov 21 03:23:55 2010, mtime=Sun Nov 21 03:23:55 2010, atime=Sun Nov 21 03:23:55 2010, length=345088, window=hide |
donations.url | 27e7b006a99f7000a2bcd5d79ad295ae | MS Windows 95 Internet shortcut text (URL=<https://gamesnostalgia.com/donate>), ASCII text, with CRLF line terminators |
gamesnostalgia.url | 55b2a219b9ecb70a50e90eee1ec4d51f | MS Windows 95 Internet shortcut text (URL=<https://gamesnostalgia.com/>), ASCII text, with CRLF line terminators |
patreon.url | bce5b7754a3eeb1edac2feac5edac7c9 | MS Windows 95 Internet shortcut text (URL=<https://www.patreon.com/gamesnostalgia>), ASCII text, with CRLF line terminators |
ugh!.hi | 0ad4fb0b392097339ead88c9f493fe51 | ISO-8859 text, with no line terminators |
ugh!.pif | 9c08de4d80c67e85802e85f6c19d48c6 | Windows Program Information File for A:\UGH\UGH.EXE, directory=A:\UGH, icon=C:\WINDOWS\SYSTEM\PIFMGR.DLL |
ugh.doc | 534febfa3810aa41d155e952daa55aab | ISO-8859 text, with CRLF line terminators |
ugh.exe | 336f22a6f25da89aab70fb184c224c95 | MS-DOS executable, MZ for MS-DOS Self-extracting PKZIP archive |
ugh.jpg | 6c5e93c7a81561fc6d438723ece5c2ba | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x200, components 3 |
ugh1.exe | 07fc3c18a0a37a3d71d6bc051e5e22ec | MS-DOS executable, MZ for MS-DOS |
ughdxflt.txt | ce69d63449fddf6bc1f0f3e2e5c8081d | ISO-8859 text, with CRLF line terminators |
ughtrnr.com | beac223e01702e728c17c7fed2a1d655 | DOS executable (COM), start instruction 0xe93627df 104253ad |
ughtrnr.doc | 8500e6b52209d71e66f8e5f73b0f09b1 | ISO-8859 text, with CRLF line terminators |
DOSBox.exe | 90c338efc128025736084c05ae664a60 | PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, 9 sections |
SDL.dll | 52726f9e11c4f2af64033ee17dae1fce | PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 9 sections |
SDL_net.dll | 7db830b9fb29781f86cec2a1bbfe050c | PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows, 8 sections |
Detections
Analyzer | Verdict | Alert |
---|---|---|
Public Nextron YARA rules | malware | Detects a suspicious LNK file |
Public InfoSec YARA rules | malware | Identifies executable artefacts in shortcut (LNK) files. |
Public InfoSec YARA rules | malware | Identifies execution artefacts in shortcut (LNK) files. |
YARAhub by abuse.ch | malware | meth_stackstrings |
VirusTotal | suspicious |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size |
---|---|---|---|
cdn.gamesnostalgia.com/files/n/i/nil305431134s35873246913/ugh_dos_win.7z | 162.0.227.228 | 200 OK | 1.4 MB |