{"report_id":"a80068d5-8bed-4c6d-b328-cf4bf893c1ff","version":6,"status":"done","tags":[],"date":"2025-03-17T19:43:29Z","url":{"schema":"http","addr":"muhax.tripod.com/sitebuildercontent/sitebuilderfiles/muhax.zip","fqdn":"muhax.tripod.com","domain":"tripod.com","tld":"com"},"ip":{"addr":"209.202.252.105","port":0,"asn":6354,"as":"LYCOS","country":"United States","country_code":"US"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-26T19:43:29Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"muhax.tripod.com","ip":{"addr":"209.202.252.105","port":443,"asn":6354,"as":"LYCOS","country":"United States","country_code":"US"},"domain_registered":"1994-09-29","domain_rank":0,"first_seen":"2024-11-13T03:12:23.443176Z","last_seen":"2025-03-13T19:55:08.650647Z","alert_count":1,"request_count":1,"received_data":293976,"sent_data":530,"comment":"","tags":null,"fingerprints":null}],"files":[{"md5":"e0490b7527bb6f2605ccd586c27805cf","sha1":"fb97abfab1b0a86d207d17b9eb46b579e59b1a65","sha256":"e115a0a46c6d906601d304843d86fe4e99e61a511c360b8ef55122191329cce1","sha512":"485bb70f95d1d7ed0f8542b4d7a2079154044d81ed6406c98f02e41e857b949fdd82dabd55d4450d6b0e47a0752d27100317a6045cfab1eb7c7203b3d80a8953","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","size":293269,"url":{"schema":"https","addr":"muhax.tripod.com/sitebuildercontent/sitebuilderfiles/muhax.zip","fqdn":"muhax.tripod.com","domain":"tripod.com","tld":"com"},"ip":{"addr":"209.202.252.105","port":443,"asn":6354,"as":"LYCOS","country":"United States","country_code":"US"},"archive":[{"path":"MUHAX.exe","filename":"MUHAX.exe","modified":"2005-07-24T02:33:56Z","Modified":"","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections","size":868352,"md5":"0df679ea8e8c341eb0ce8fe62d5f2ef6","sha1":"3e4e53de6ff88cd117cb835dc0d742b4c6eaada7","sha256":"5ea5ccc7717e7971de7aaeeedc607e4e1f0ee7e96ee4dd2bd154711a5fc16682","sha512":"070bbbab02354aa63aa31941aa1a7b1acb8124aebccfeb1bf659abc7d85b606bc0711e90c8e74ccec97e043cfdf4af7597165e28f3f70056227fdadf9392c35e","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2012-02-01","alert":"Scan result 1/43","trigger":"5ea5ccc7717e7971de7aaeeedc607e4e1f0ee7e96ee4dd2bd154711a5fc16682","verdict":"suspicious","severity":"","comment":"suspicious - 1/43","link":"https://www.virustotal.com/gui/file/5ea5ccc7717e7971de7aaeeedc607e4e1f0ee7e96ee4dd2bd154711a5fc16682","meta":null}]}},{"path":"OscSeven.ocx","filename":"OscSeven.ocx","modified":"2005-01-03T04:35:00Z","Modified":"","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections","size":172032,"md5":"3cc9f26807201377beae997ac6dbe5e0","sha1":"b5fdf4163052363ddb2451d02f295f6732b5703d","sha256":"69185a032b86cf2d4aada028d212b9af5cda11ca3a65791dc941005c143629e8","sha512":"7aa922b74bcd96e850ddb0aa9f315be03b4d6f5211b9975df19864de1727374879a1963eae25bc90df0624da894a3a286ad7d2e52c7f991ffb71819d479e2dd9","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-11-16","alert":"Scan result 1/72","trigger":"69185a032b86cf2d4aada028d212b9af5cda11ca3a65791dc941005c143629e8","verdict":"suspicious","severity":"","comment":"suspicious - 1/72","link":"https://www.virustotal.com/gui/file/69185a032b86cf2d4aada028d212b9af5cda11ca3a65791dc941005c143629e8","meta":null}]}},{"path":"mu directions.txt","filename":"mu directions.txt","modified":"2001-01-03T15:30:42Z","Modified":"","magic":"ASCII text, with CRLF line terminators","size":605,"md5":"31512a4d78cde583cc0328b2a487a4bb","sha1":"e6cb6b042274d3c88d6bf9e669011f7c04b9ed89","sha256":"7758c697e1ffdb6fbd10c18a8575c39cf96847325304bb1323763c6e771ec4d3","sha512":"0ed73dcea9b9210b38a73910c9515d22d91d35e1ccfa5a6064e5e91182f600b5ba4be1be48e87d083d0f04999aa772655af8df4098d30524e7f1818517b1ae2d","alerts":{"urlquery":null,"analyzer":null}}],"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-15","alert":"Scan result 1/50","trigger":"e115a0a46c6d906601d304843d86fe4e99e61a511c360b8ef55122191329cce1","verdict":"suspicious","severity":"","comment":"suspicious - 1/50","link":"https://www.virustotal.com/gui/file/e115a0a46c6d906601d304843d86fe4e99e61a511c360b8ef55122191329cce1","meta":null}]}}],"artifacts":{"windows_shortcuts":null,"files":[{"md5":"e0490b7527bb6f2605ccd586c27805cf","sha1":"fb97abfab1b0a86d207d17b9eb46b579e59b1a65","sha256":"e115a0a46c6d906601d304843d86fe4e99e61a511c360b8ef55122191329cce1","sha512":"485bb70f95d1d7ed0f8542b4d7a2079154044d81ed6406c98f02e41e857b949fdd82dabd55d4450d6b0e47a0752d27100317a6045cfab1eb7c7203b3d80a8953","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","size":293269,"url":{"schema":"https","addr":"muhax.tripod.com/sitebuildercontent/sitebuilderfiles/muhax.zip","fqdn":"muhax.tripod.com","domain":"tripod.com","tld":"com"},"ip":{"addr":"209.202.252.105","port":443,"asn":6354,"as":"LYCOS","country":"United States","country_code":"US"},"archive":[{"path":"MUHAX.exe","filename":"MUHAX.exe","modified":"2005-07-24T02:33:56Z","Modified":"","magic":"PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections","size":868352,"md5":"0df679ea8e8c341eb0ce8fe62d5f2ef6","sha1":"3e4e53de6ff88cd117cb835dc0d742b4c6eaada7","sha256":"5ea5ccc7717e7971de7aaeeedc607e4e1f0ee7e96ee4dd2bd154711a5fc16682","sha512":"070bbbab02354aa63aa31941aa1a7b1acb8124aebccfeb1bf659abc7d85b606bc0711e90c8e74ccec97e043cfdf4af7597165e28f3f70056227fdadf9392c35e","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2012-02-01","alert":"Scan result 1/43","trigger":"5ea5ccc7717e7971de7aaeeedc607e4e1f0ee7e96ee4dd2bd154711a5fc16682","verdict":"suspicious","severity":"","comment":"suspicious - 1/43","link":"https://www.virustotal.com/gui/file/5ea5ccc7717e7971de7aaeeedc607e4e1f0ee7e96ee4dd2bd154711a5fc16682","meta":null}]}},{"path":"OscSeven.ocx","filename":"OscSeven.ocx","modified":"2005-01-03T04:35:00Z","Modified":"","magic":"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections","size":172032,"md5":"3cc9f26807201377beae997ac6dbe5e0","sha1":"b5fdf4163052363ddb2451d02f295f6732b5703d","sha256":"69185a032b86cf2d4aada028d212b9af5cda11ca3a65791dc941005c143629e8","sha512":"7aa922b74bcd96e850ddb0aa9f315be03b4d6f5211b9975df19864de1727374879a1963eae25bc90df0624da894a3a286ad7d2e52c7f991ffb71819d479e2dd9","alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-11-16","alert":"Scan result 1/72","trigger":"69185a032b86cf2d4aada028d212b9af5cda11ca3a65791dc941005c143629e8","verdict":"suspicious","severity":"","comment":"suspicious - 1/72","link":"https://www.virustotal.com/gui/file/69185a032b86cf2d4aada028d212b9af5cda11ca3a65791dc941005c143629e8","meta":null}]}},{"path":"mu directions.txt","filename":"mu directions.txt","modified":"2001-01-03T15:30:42Z","Modified":"","magic":"ASCII text, with CRLF line terminators","size":605,"md5":"31512a4d78cde583cc0328b2a487a4bb","sha1":"e6cb6b042274d3c88d6bf9e669011f7c04b9ed89","sha256":"7758c697e1ffdb6fbd10c18a8575c39cf96847325304bb1323763c6e771ec4d3","sha512":"0ed73dcea9b9210b38a73910c9515d22d91d35e1ccfa5a6064e5e91182f600b5ba4be1be48e87d083d0f04999aa772655af8df4098d30524e7f1818517b1ae2d","alerts":{"urlquery":null,"analyzer":null}}],"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-15","alert":"Scan result 1/50","trigger":"e115a0a46c6d906601d304843d86fe4e99e61a511c360b8ef55122191329cce1","verdict":"suspicious","severity":"","comment":"suspicious - 1/50","link":"https://www.virustotal.com/gui/file/e115a0a46c6d906601d304843d86fe4e99e61a511c360b8ef55122191329cce1","meta":null}]}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"muhax.tripod.com/sitebuildercontent/sitebuilderfiles/muhax.zip","fqdn":"muhax.tripod.com","domain":"tripod.com","tld":"com"},"ip":{"addr":"209.202.252.105","port":443,"asn":6354,"as":"LYCOS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-03-17T19:43:07.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"tripod.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 02 Mar 2025 14:54:57 GMT","end":"Sat, 31 May 2025 14:54:56 GMT"},"fingerprint":{"sha1":"51:66:97:2E:3C:C5:27:4E:16:6E:D2:CB:F9:4D:1F:23:61:20:EF:F2","sha256":"0F:33:96:E7:05:B0:FC:32:0E:C5:82:34:47:E5:69:B9:50:D3:4A:79:7D:92:C6:61:8C:F8:37:5D:BD:CF:93:11"}}},"request":{"raw":"GET /sitebuildercontent/sitebuilderfiles/muhax.zip HTTP/1.1\r\nHost: muhax.tripod.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0\r\nDate: Mon, 17 Mar 2025 19:43:07 GMT\r\nContent-Type: application/zip\r\nContent-Length: 293269\r\nConnection: keep-alive\r\nSet-Cookie: CookieStatus=COOKIE_OK; path=/; domain=.tripod.com; expires=Tue, 17-Mar-2026 19:43:07 GMT\r\nVary: *\r\nX-Server-IP: 209.202.244.208\r\nP3P: policyref=\"http://www.lycos.com/w3c/p3p.xml\", CP=\"IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA\"\r\nLast-Modified: Sun, 24 Jul 2005 16:04:24 GMT\r\nETag: \"47995-42e3bc08\"\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":293269,"size_decoded":0,"mime_type":"application/zip","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","md5":"e0490b7527bb6f2605ccd586c27805cf","sha1":"fb97abfab1b0a86d207d17b9eb46b579e59b1a65","sha256":"e115a0a46c6d906601d304843d86fe4e99e61a511c360b8ef55122191329cce1","sha512":"485bb70f95d1d7ed0f8542b4d7a2079154044d81ed6406c98f02e41e857b949fdd82dabd55d4450d6b0e47a0752d27100317a6045cfab1eb7c7203b3d80a8953","ssdeep":"6144:i5SljgsHQYtqApubBQCwuUrEykhHXcfiJ5BUI4oFAeOrr2uDc63x:i5SoYU7bVwuUoThHXcKRUCHOrRDF3x","tlshash":"ff542368c816f0f3d296243bdfb99939a93e2205d134c1249567366c9de61c4fcb4ee3","first_seen":"2024-08-16T13:33:04Z","last_seen":"2025-05-19T19:59:49.026896Z","times_seen":23,"resource_available":false,"data":null}},"time_used":1880,"timings":{"blocked":505,"dns":138,"connect":98,"send":0,"wait":117,"receive":750,"ssl":267},"alerts":{"ids":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2024-09-15","alert":"Scan result 1/50","trigger":"e115a0a46c6d906601d304843d86fe4e99e61a511c360b8ef55122191329cce1","verdict":"suspicious","severity":"","comment":"suspicious - 1/50","link":"https://www.virustotal.com/gui/file/e115a0a46c6d906601d304843d86fe4e99e61a511c360b8ef55122191329cce1","meta":null}],"urlquery":null}}]}