Report - member.ipmu.jp/yuji.tachikawa/spires/zips/spires

Report Overview

Submitted URL
member.ipmu.jp/yuji.tachikawa/spires/zips/spires_1.6.4.zip
IP
157.82.236.62
ASN
#2501 The University of Tokyo
Submitted
2024-04-18 11:40:01
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
member.ipmu.jp	731065	2007-11-04	2017-02-16	2023-05-20	512 B	826 kB	157.82.236.62

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
member.ipmu.jp/yuji.tachikawa/spires/zips/spires_1.6.4.zip
IP
157.82.236.62
ASN
#2501 The University of Tokyo

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
826 kB (826093 bytes)
Hash
8e4d8f552620687275da0054355ea79e
e8223862cc9087e2ee31594b52b9416ac6010247
3cd68007e4e2ebf0984f11a1dc85e78130b833422400b34beed6716ebf670650

Archive (85)

Filename

Md5

File type

CodeResources

667698edb2a7c658630b47e059b827a1

XML 1.0 document, ASCII text

Headers

86c63de7bd8775780ac77380b5c049c4

ASCII text, with no line terminators

Resources

e58c4cf10cc7c8ef7d7167ccb641aeb4

ASCII text, with no line terminators

Sparkle

078cd5564ff6fd5418ddc4d9179fca8c

ASCII text, with no line terminators

CodeResources

c673730cc70a94c9b0ae5a96a3cf5f91

XML 1.0 document, ASCII text

Sparkle.strings

8053722e4e9c6e169e36406e3f86861f

Unicode text, UTF-16, little-endian text, with very long lines (368)

SUAutomaticUpdateAlert.nib

3a31e8a550eae52e10394e25aa8891b6

Apple binary property list

SUUpdateAlert.nib

608b891acf10a137a63615d6b6c43823

Apple binary property list

SUUpdatePermissionPrompt.nib

e1dc70a8e650793c2319b26991e68392

Apple binary property list

CodeResources

4ee0660675dcb52f6ee64404ab5407f5

XML 1.0 document, ASCII text

Info.plist

7ca4d1f9070d54342c3e201ec4de656a

XML 1.0 document, ASCII text

finish_installation

1fd23393b6ed18e99e070cd0529547c2

PkgInfo

23b7d7d024abb0f558420e098800bf27

ASCII text, with no line terminators

Sparkle.strings

724f5117126291f1f8ad60433da7c95f

Unicode text, UTF-16, little-endian text, with very long lines (432)

Sparkle.strings

6df3a4937b99abeed2f341779eca561c

Unicode text, UTF-16, little-endian text, with very long lines (378)

Sparkle.strings

fe70775c0a2b7cd26587bfa089368afa

Unicode text, UTF-16, little-endian text, with very long lines (391)

Sparkle.strings

8053722e4e9c6e169e36406e3f86861f

Unicode text, UTF-16, little-endian text, with very long lines (368)

Sparkle.strings

23b178968b73100676e3cbdeb6c403cd

Unicode text, UTF-16, little-endian text, with very long lines (376)

Sparkle.strings

d27013d5dd3e1224f8ccf1ce06cf275d

Unicode text, UTF-16, little-endian text, with very long lines (413)

Sparkle.strings

3d021fdefb90c34ee08d7734455e3e21

Unicode text, UTF-16, little-endian text

Sparkle.strings

19ad8fa17ff17202c09f014a6366d5d5

Unicode text, UTF-16, little-endian text, with very long lines (375)

Sparkle.strings

2c53dfa48e5cb192bd7004e610c21e66

Unicode text, UTF-16, little-endian text

Sparkle.strings

a1d223a1c329b8c87a78135aafbbfbba

Unicode text, UTF-16, little-endian text, with very long lines (376)

Sparkle.strings

396cea7800521bc97bd06b99a5bc7bd8

Unicode text, UTF-16, little-endian text, with very long lines (394)

Sparkle.strings

a87fcb2d7a1fcd3208ae4e6439ffb516

Unicode text, UTF-16, little-endian text, with very long lines (392)

Sparkle.strings

6ca71bf8e3cb85c2c74fe7cfc362fdb6

Unicode text, UTF-16, little-endian text, with very long lines (406)

Sparkle.strings

d27a1e4eced8a976ed77647eb3f61ec9

Unicode text, UTF-16, little-endian text, with very long lines (388)

Sparkle.strings

2e23ce0b1fe81013644a63f9ed02de93

Unicode text, UTF-16, little-endian text, with very long lines (424)

Sparkle.strings

9372ec2190b57c9f96109d760b6c246f

Unicode text, UTF-16, little-endian text, with very long lines (445)

Sparkle.icns

a835ab0d1534bf724d598583cbebe7d3

Mac OS X icon, 50219 bytes, "ics#" type

SUStatus.nib

3cf1b596baafe61d59ca8cc2b225e64b

Apple binary property list

Sparkle.strings

a8a846b7020c1629e8242c1921586534

Unicode text, UTF-16, little-endian text, with very long lines (367)

Sparkle.strings

0267d813d7f617186c98a49a6fc141c4

Unicode text, UTF-16, little-endian text

Sparkle.strings

9ee1803dffccd1e2de0b1a516759a2d7

Unicode text, UTF-16, little-endian text, with very long lines (404)

Sparkle.strings

1bebb6fdd2a465fde2883d8430997b3a

Unicode text, UTF-16, little-endian text

Sparkle.strings

525dfc12835311086684638c67b9b21a

Unicode text, UTF-16, little-endian text

Info.plist

97bc9dd7e6a542b24ca83a66b97f954a

XML 1.0 document, ASCII text

License.txt

a95b27511029996d8c4a9ce01d2456cd

ASCII text, with very long lines (460)

SUModelTranslation.plist

7d0d84a1983ed9a191d00ede11816e3d

XML 1.0 document, ASCII text

SUStatus.nib

3cf1b596baafe61d59ca8cc2b225e64b

Apple binary property list

Sparkle

b861a4401a7c4a573624ccbae8a300ac

Mach-O universal binary with 2 architectures: [i386: - Mach-O i386 dynamically linked shared library, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL>] [ - x86_64: - Mach-O 64-bit x86_64 dynamically linked shared library, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|NO_REEXPORTED_DYLIBS>]

Current

7fc56270e7a70fa81a5935b72eacbe29

very short file (no magic)

Info.plist

7b891934baea7b303db06675cae39355

XML 1.0 document, ASCII text

spires

07dda2d906eef5182cc893cd83f50333

Mach-O 64-bit x86_64 executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|PIE>

PkgInfo

23b7d7d024abb0f558420e098800bf27

ASCII text, with no line terminators

Acknowledgments.html

8d3e5b0394adf384c09c37424573c5f0

HTML document, ASCII text

ActivityMonitor.nib

8c83a8a9321cd8f3a95e0c2ea4e59ccf

Apple binary property list

arxiv.tiff

2ba4059e3b0aee8273ecd6a3c2c61b29

TIFF image data, big-endian, direntries=20, height=32, bps=0, compression=LZW, PhotometricInterpretation=RGB, description=arxiv@2x.png, orientation=upper-left, width=32

ArxivNewCreateSheet.nib

4e3d13e47b4e72059ab95626404c0a8b

Apple binary property list

BibView.nib

9b8d246fdbfac879a35e51e1c103377a

Apple binary property list

blackOut.pdf

c417fc89216af5f730ba2bd2bac201e3

PDF document, version 1.3, 1 pages

ButtonBarPullDownArrow.pdf

a3e21e098edbc5fba4bd2bf689f8192b

PDF document, version 1.7, 1 pages

canned-search.tiff

21bbd3959ce710558bde1609bb658ad0

TIFF image data, big-endian, direntries=21, height=32, bps=0, compression=LZW, PhotometricInterpretation=RGB, description=canned-search@2x.png, orientation=upper-left, width=32

defaults.plist

57ad03c54da7f5d3ebb4f0be73d8058c

XML 1.0 document, ASCII text

drop.png

ceeb19004e55c8c49e3f93dde6aafa95

PNG image data, 91 x 91, 8-bit/color RGBA, non-interlaced

dsa_pub.pem

c491fa208a0ff99498dedfd2592a55fa

ASCII text

InfoPlist.strings

0b32a3ba7b88548d0f7efc144a991f49

Unicode text, UTF-16, little-endian text

MainMenu.nib

19b76a4580e33cb5b3dcd4ffecff830c

Apple binary property list

flagged.png

5325ddf732780e2dd3eefbb0e9318160

PNG image data, 85 x 85, 8-bit/color RGBA, non-interlaced

hasPDF.tiff

6feaa019e52216a00040bb7f98c5a7d8

TIFF image data, big-endian, direntries=20, height=32, bps=0, compression=LZW, PhotometricInterpretation=RGB, description=hasPDF@2x.png, orientation=upper-left, width=32

Localizable.strings

80144a694cf0ce44f73e9bc39be9bd1d

Unicode text, UTF-16, little-endian text

magicRegExps.perl

e797fa91d0679d1ca52a8de788388f37

ASCII text

marc2spires.xsl

342da7dceacdc7e1ce714c1cb43f09be

XML 1.0 document, ASCII text

MessageViewer.nib

0ac7eed3f51dbded467314e7c5638288

Apple binary property list

MigrationProgress.nib

fa68c571336430e5c4c2b3e45d45a404

Apple binary property list

parseTeXandEmitPlist.perl

5ae34ab8022034950935117b06498410

Perl script text executable

PrefPane.nib

02e1fa7428f349604cd5291d87154869

Apple binary property list

Release Notes.html

d42deec605a03652c0818577d5eb3443

HTML document, ASCII text, with very long lines (310)

spires-blue.tiff

521d4c939759fb7cf57c895046f2d61b

TIFF image data, big-endian, direntries=20, height=32, bps=0, compression=LZW, PhotometricInterpretation=RGB, description=spires-blue@2x.png, orientation=upper-left, width=32

spires-red.tiff

06fc8ffa986ceed2330fb1cad9010450

TIFF image data, big-endian, direntries=20, height=32, bps=0, compression=LZW, PhotometricInterpretation=RGB, description=spires-red@2x.png, orientation=upper-left, width=32

spires.icns

499cdb8df675b16b7cc88ffba45a755d

Mac OS X icon, 90832 bytes, "is32" type

spires.sdef

2f11eac3255608d2f4766635f03fdd51

XML 1.0 document, ASCII text

spires_DataModel 5.mom

c205f7068c730315c071fa4af2cc83de

Apple binary property list

spires_DataModel 6.mom

ebdb590d357affd4dfc7f16499ef745a

Apple binary property list

spires_DataModel 7.mom

3dafa38aa6198506afd1cbc4296af403

Apple binary property list

spires_DataModel 7.omo

efefcef91e68a59c4ff874bc5dcac6b4

data

VersionInfo.plist

ea036088c1151ad712436e2269462f1c

Apple binary property list

template.html

8191bafb053ab080995c3e03c2f6b0b8

HTML document, ASCII text

tex.js

524fb782def66e4178df7fcd4a93b3ac

Unicode text, UTF-8 text

TeXWatcher.nib

4b244005f83cfdcfebb4896f4d4b342e

Apple binary property list

unread-hasPDF.tiff

dff151bc92f07edb959e6456e3dc8d16

TIFF image data, big-endian, direntries=20, height=32, bps=0, compression=LZW, PhotometricInterpretation=RGB, description=unread-hasPDF@2x.png, orientation=upper-left, width=32

unread.tiff

1795433e46a4d8b26f230d119542c6be

TIFF image data, big-endian, direntries=20, height=32, bps=0, compression=LZW, PhotometricInterpretation=RGB, description=unread@2x.png, orientation=upper-left, width=32

v1.6.0alert.rtf

280d3b6e890e9e13da8afa1e9a9c974b

Rich Text Format data, version 1, ANSI, code page 932

whiteIn.pdf

f39471fc051b4824ff0ff6ae7fb72dd4

PDF document, version 1.3, 1 pages

whiteOut.pdf

588cbaa67435cc5ad2cbcd11f8a86d86

PDF document, version 1.3, 1 pages

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip
YARAhub by abuse.ch	malware	meth_get_eip

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	member.ipmu.jp/yuji.tachikawa/spires/zips/spires_1.6.4.zip	157.82.236.62	200 OK	826 kB
URL User Request GET HTTP/1.1 member.ipmu.jp/yuji.tachikawa/spires/zips/spires_1.6.4.zip IP 157.82.236.62:443 ASN #2501 The University of Tokyo Certificate IssuerSECOM Trust Systems CO.,LTD. Subjectmember.ipmu.jp Fingerprint5B:E0:C7:08:21:01:9F:F5:02:22:CC:73:A6:69:76:47:E8:67:61:44 ValidityMon, 01 May 2023 23:58:16 GMT - Fri, 31 May 2024 23:58:16 GMT File type Zip archive data, at least v1.0 to extract, compression method=store Size 826 kB (826093 bytes) Hash 8e4d8f552620687275da0054355ea79e e8223862cc9087e2ee31594b52b9416ac6010247 3cd68007e4e2ebf0984f11a1dc85e78130b833422400b34beed6716ebf670650 HTTP Headers `GET /yuji.tachikawa/spires/zips/spires_1.6.4.zip HTTP/1.1 Host: member.ipmu.jp User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Thu, 18 Apr 2024 11:39:35 GMT Server: Apache Strict-Transport-Security: max-age=63072000 Last-Modified: Fri, 10 Feb 2017 14:23:00 GMT ETag: "c9aed-5482dd5b9b900" Accept-Ranges: bytes Content-Length: 826093 X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: application/zip`

member.ipmu.jp/yuji.tachikawa/spires/zips/spires_1.6.4.zip

157.82.236.62

200 OK

826 kB

URL User Request GET HTTP/1.1
member.ipmu.jp/yuji.tachikawa/spires/zips/spires_1.6.4.zip
IP
157.82.236.62:443
ASN
#2501 The University of Tokyo

Certificate
IssuerSECOM Trust Systems CO.,LTD.
Subjectmember.ipmu.jp
Fingerprint5B:E0:C7:08:21:01:9F:F5:02:22:CC:73:A6:69:76:47:E8:67:61:44
ValidityMon, 01 May 2023 23:58:16 GMT - Fri, 31 May 2024 23:58:16 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
826 kB (826093 bytes)
Hash
8e4d8f552620687275da0054355ea79e
e8223862cc9087e2ee31594b52b9416ac6010247
3cd68007e4e2ebf0984f11a1dc85e78130b833422400b34beed6716ebf670650

HTTP Headers

GET /yuji.tachikawa/spires/zips/spires_1.6.4.zip HTTP/1.1
Host: member.ipmu.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 11:39:35 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000
Last-Modified: Fri, 10 Feb 2017 14:23:00 GMT
ETag: "c9aed-5482dd5b9b900"
Accept-Ranges: bytes
Content-Length: 826093
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/zip

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (85)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers