Report - www.maazl.de/project/pm123/pm123-1.40a4.zip

Report Overview

Submitted URL
www.maazl.de/project/pm123/pm123-1.40a4.zip
IP
202.61.232.247
ASN
#197540 netcup GmbH
Submitted
2024-05-05 06:52:05
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
15

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.maazl.de	unknown	unknown	2023-10-26	2023-10-26	497 B	1.9 MB	202.61.232.247

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.maazl.de/project/pm123/pm123-1.40a4.zip
IP
202.61.232.247
ASN
#197540 netcup GmbH

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
1.9 MB (1914195 bytes)
Hash
2585df367a43501a8c78c28e46588e2d
d1b59bff12610fee2e327660d7898ea854e66701
ef5adb096a308977e26c98e467bffa1fd23b791311b39671047dd0c9fa1733a1

Archive (62)

Filename

Md5

File type

cddaplay.dll

da289e803ea30ade2e8bd127c1ddba89

MS-DOS executable, LX for OS/2 (DLL) i80386

COPYING.html

9ed8854b63f80f2f52f196bbb723d10a

ASCII text, with CRLF line terminators

COPYRIGHT.html

e4a7d7683ad14fc9a2aef5a287b93a5f

ASCII text, with CRLF line terminators

default.skn

7b3ba3382ea2fd3f1c51b57798c7d033

Non-ISO extended-ASCII text, with CRLF line terminators

fft123.dll

d93ddcb24d97066326869c7167a9126a

MS-DOS executable, LX for OS/2 (DLL) i80386

history.html

cafd2827a7d54b845fbf00ffa4b93c27

HTML document, ASCII text, with CRLF line terminators

aif.ico

ff3b2c45b44375e33cb9cf8d4597ba8e

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

au.ico

1a0d0c146d0fedd25540b439ed002220

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

avr.ico

a0ae394107a9732285c0af38e57e0a05

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

caf.ico

b0caae71df1392ba68c587198804c1ab

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

iff.ico

774d3f73d9284e83989d2f9f0de9ef7b

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

lst.ico

583de7ac38bb70068a9b7b3564608a4a

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

m3u.ico

94cb8b27b4a89620807200b1805ad3a0

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

m3u8.ico

94cb8b27b4a89620807200b1805ad3a0

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

mat.ico

d5c589c833f8743028d7764789b70673

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

mp1.ico

944676c7f697f2dace6a2b235b32828a

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

mp2.ico

9829c6ce1b62987088a0d0ab90fa175d

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

mp3.ico

6d104c7e77c1e8587878166795b95a84

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

mpl.ico

390d7c2f51124d2357818de874f7730b

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

ogg.ico

558255d677d9a560a89f7d5a1e1c2b44

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

paf.ico

ec6c426347ba84c2884a2cc9654906be

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

pls.ico

f2f4eee48c6eee2ecd99e2b2c1145ac1

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

pvf.ico

05d690867083deecfb7a1af8ba5bfe49

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

sd2.ico

9ad703566734b2824609caf4eb8ee3be

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

sds.ico

05b4e23d83c7a40dd493f1748637b5cc

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

sf.ico

94508d8d03d483bd9361ce0f63b92cfa

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

voc.ico

b312ac0d674bbcac080855110eac564c

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

w64.ico

6cee2b3b5edca572b6804a4738f34e2e

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

wav.ico

745294dc2d072915eb9809688e18f1e1

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

xi.ico

e8b4e33149ca962e19f9c5ed3365a24f

OS/2 graphic array, cbSize 40, data offset 72; 1st OS/2 1.x color icon 32 x 32, hotspot 16x16, cbSize 26, bits offset 288

logvolum.dll

e93c07a5b0c34ea1eb6da9581d8aa3f0

MS-DOS executable, LX for OS/2 (DLL) i80386

makewps.cmd

9adbbcdc0c9531a4d4683f48d5bf9652

OS/2 REXX batch file, ASCII text, with CRLF line terminators

mpg123.dll

d1aca4db4db9905782b269c498819160

MS-DOS executable, LX for OS/2 (DLL) i80386

oggplay.dll

2297a8de978c26641fedcd522a7da0be

MS-DOS executable, LX for OS/2 (DLL) i80386

os2audio.dll

da5c9f3d9128a8de54995e705378599d

MS-DOS executable, LX for OS/2 (DLL) i80386

os2rec.dll

8b684031d542e5c360b411e8b3ee815f

MS-DOS executable, LX for OS/2 (DLL) i80386

config.h

5d0e62f040d0c4c40bb1ade28898ef54

C source, ASCII text, with CRLF line terminators

config_gcc.h

4c5e4b9dcc64454d066760be8333423b

C source, ASCII text, with CRLF line terminators

config_icc_30.h

02d6d58b852ad18da8c87e93f3090f63

C source, ASCII text, with CRLF line terminators

config_icc_36.h

31bb6072458ca61b023ec873152e630e

C source, ASCII text, with CRLF line terminators

config_wcc.h

4c12deaa04aa4cb531c6e4cc29040ea8

C source, ASCII text, with CRLF line terminators

decoder_plug.h

8edb330bb949fdd68a8fb228dab9a400

C source, ASCII text, with CRLF line terminators

fft123.h

ea6d04b5918443f56d80bb281e5c0198

C source, ASCII text, with CRLF line terminators

fft123.lib

fa93b2f22112ea1c3468894ccfaf20f9

Microsoft Visual C/OMF library, page size 16, at 0xc00 dictionary with 5 blocks (FFLAG=0x68) 1st entry fftwf_plan_dft_r2c_1d in page 31 case sensitive, 2nd record "fftwf_plan_many_r2r", 3rd record COMMENT class=0xa0 OMF extensions IMPDEF ordinal fftwf_plan_many_r2r exported by FFT123

fft123.pdf

076e9aeb2b840297105a3f52a7a582a3

PDF document, version 1.3, 6 pages

filter_plug.h

f2a1869dc5570bee0b1cda640b7a8b03

C source, ASCII text, with CRLF line terminators

format.h

0b2771871b086987c4af669925b29170

C source, ASCII text, with CRLF line terminators

output_plug.h

6f906c962c32697a36ce8efcea924813

C source, ASCII text, with CRLF line terminators

plugin.h

95215911aa9050f501ba4cced3f587d2

C source, ISO-8859 text, with CRLF line terminators

pm123_pdk.inf

aa35db3d7d0b38cd2bde9ad2ca76d58b

OS/2 HLP (PM123 Plug-in Developer's Guide)

visual_plug.h

10e742fb79d86defae808cd50584c795

C source, ASCII text, with CRLF line terminators

xio123.h

192305bdc0e880f4c0339bdf9bb4ebee

C source, ASCII text, with CRLF line terminators

xio123.lib

0275741f6c80bfab0387fb5eba05288e

Microsoft Visual C/OMF library, page size 16, at 0xa00 dictionary with 5 blocks (FFLAG=0x49) 1st entry xio_http_proxy_addr in page 21 case sensitive, 2nd record "xio_connect_timeout", 3rd record COMMENT class=0xa0 OMF extensions IMPDEF ordinal xio_connect_timeout exported by XIO123

pm123.exe

3978786cb6a459087117e6ebded740d8

MS-DOS executable, LX for OS/2 (GUI) i80386

pm123.inf

25dffbd60254fc5242ba457394447069

OS/2 HLP (PM123 User's Manual)

realeq.dll

0564181c55e51b621504ae7eed8a2d0c

MS-DOS executable, LX for OS/2 (DLL) i80386

skinutil.exe

8a749f737ea952578deb9de57e054f02

MS-DOS executable, LX for OS/2 (console) i80386

analyzer.dll

f593fe83cd50b978d842ebdb2dc88f4e

MS-DOS executable, LX for OS/2 (DLL) i80386

wavout.dll

9b37a264d2528b83da29b4163d6d18ba

MS-DOS executable, LX for OS/2 (DLL) i80386

wavplay.dll

354e8685bbea51510e596b7bde66b24f

MS-DOS executable, LX for OS/2 (DLL) i80386

xio123.dll

b049c12b68c1deca132a23d732891863

MS-DOS executable, LX for OS/2 (DLL) i80386

zlb123.dll

5e526e27aaccf8f09e8c05901eb97608

MS-DOS executable, LX for OS/2 (DLL) i80386

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

www.maazl.de/project/pm123/pm123-1.40a4.zip

202.61.232.247

200 OK

1.9 MB

URL User Request GET HTTP/2
www.maazl.de/project/pm123/pm123-1.40a4.zip
IP
202.61.232.247:443
ASN
#197540 netcup GmbH

Certificate
IssuerLet's Encrypt
Subjectmaazl.de
Fingerprint67:33:2B:A2:D9:4F:9A:83:7A:90:BE:89:D2:7B:73:1E:6F:A3:F2:ED
ValidityMon, 01 Apr 2024 17:52:19 GMT - Sun, 30 Jun 2024 17:52:18 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
1.9 MB (1914195 bytes)
Hash
2585df367a43501a8c78c28e46588e2d
d1b59bff12610fee2e327660d7898ea854e66701
ef5adb096a308977e26c98e467bffa1fd23b791311b39671047dd0c9fa1733a1

HTTP Headers

GET /project/pm123/pm123-1.40a4.zip HTTP/1.1
Host: www.maazl.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 06:51:39 GMT
content-type: application/zip
content-length: 1914195
last-modified: Sat, 23 Mar 2024 14:27:21 GMT
etag: "65fee6c9-1d3553"
accept-ranges: bytes
X-Firefox-Spdy: h2