Report - m.emuparadise.me/emulators/files/mednafen-0.9.48-win64.zip

Report Overview

Visited public
2025-04-08 08:49:16
Tags
URL
m.emuparadise.me/emulators/files/mednafen-0.9.48-win64.zip
Finishing URL
about:privatebrowsing
IP / ASN
151.101.3.52
#54113 FASTLY
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
m.emuparadise.me	532979	2011-06-15	2017-02-01	2025-04-08	526 B	7.6 MB	151.101.67.52
www.emuparadise.me	353979	2011-06-15	2012-05-25	2025-04-03	1.1 kB	15 MB	151.101.67.52
static.emuparadise.me	unknown	2011-06-15	2012-12-22	2025-04-08	447 B	7.6 MB	111.90.159.152
mprd.se	unknown	2016-01-12	2017-02-01	2025-04-08	523 B	7.6 MB	199.101.98.243

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
mprd.se/media/emulators/files/mednafen-0.9.48-win64.zip
IP
199.101.98.243
ASN
#46261 QUICKPACKET

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
7.6 MB (7598972 bytes)
Hash
96c828ac8f167393def69e1f51c400a1
6ccc9aaec8ce08124c8b2df30222e4103ccabe8c
c3ccb78325bae8cbbf7d9101317a61e364c4dcd21c59004225a7307866599fa5

Archive (47)

Filename

Md5

File type

COPYING

6e233eda45c807aa29aeaa6d94bc48a2

ASCII text

ChangeLog

bfd04783c17c85fedde8d84b7c22fd04

ASCII text

bwolf0.png

79f1508d5918a085fb27e4b61775acdb

PNG image data, 280 x 240, 8-bit colormap, non-interlaced

bwolf1.png

6ed53fed84fb90d0d98bf539af1b2d03

PNG image data, 280 x 240, 8-bit colormap, non-interlaced

cdplay.html

9b9108fb4a8efa581496a154790523a0

HTML document, ASCII text, with very long lines (1770)

cheat.html

7d6abdb735f3d53811cb3ca4605ecab9

ASCII text

cheats.txt

3e79ed9e780a09bcdbaff52dbf2e4158

ASCII text

debugger.html

586d3f6c623a83ee883949ecee3d829c

HTML document, ASCII text

fname_format.txt

8b173d7b09dc8619921d35f21dc91aa1

ASCII text

gb.html

e0a6993c8bcbe438e18f3750958e2975

HTML document, ASCII text, with very long lines (1762)

gba.html

9e4adb3df613cfd051a589787f529825

HTML document, ASCII text, with very long lines (1764)

gg.html

ae2de090490e61deb55b8dfde4d49ffa

HTML document, ASCII text, with very long lines (1762)

headerbg.png

6eb078069a71c657c13a36fd88054b8d

PNG image data, 8 x 42, 8-bit/color RGB, non-interlaced

lynx.html

ba77674dfe2bf7f021df50bd13e644b0

HTML document, ASCII text, with very long lines (1766)

md.html

39beb8300cc2092d1079ca3d2c5ddf61

HTML document, ASCII text, with very long lines (1762)

mednafen.css

3d1f49c7fce02e7171a8a4adeac626f0

ASCII text

mednafen.html

47b900f829f8ede3a0ff177cd477c06f

HTML document, Unicode text, UTF-8 text, with very long lines (6230)

mednafen.png

694bebf575d4c08936abc18bdbc43dfe

PNG image data, 696 x 204, 8-bit/color RGB, non-interlaced

nes.html

c70d2035ea4c57b1bf82206e33ee68b1

HTML document, ASCII text, with very long lines (1764)

netplay.html

efb4b4eb845ba01cec80b1b0eded9d21

HTML document, Unicode text, UTF-8 text, with very long lines (407)

ngp.html

d0450d650e33d075e6a69c297977eafb

HTML document, ASCII text, with very long lines (1764)

pce.html

b2d8f0b359cec5f444a1fdd5cf805241

HTML document, ASCII text, with very long lines (1764)

pce_fast.html

7d245a5979e0f88dc81a3b624d36f0c3

HTML document, ASCII text, with very long lines (1774)

pcfx.html

16357c90cd7e7a42ab326cf7985aabfe

HTML document, ASCII text, with very long lines (1766)

psx.html

56e6b1735f5a45c35698ee6ced118fa8

HTML document, Unicode text, UTF-8 text, with very long lines (1942)

sapphire0.png

4d0d6f9e8b9c5c8f2c7fd99b68356838

PNG image data, 280 x 240, 8-bit colormap, non-interlaced

sapphire1.png

6c639c2be9222d991ea41a19b2a3921e

PNG image data, 280 x 240, 8-bit colormap, non-interlaced

sms.html

2b928fd6f39eb887a1894a6c8421af55

HTML document, ASCII text, with very long lines (1764)

snes.html

429f9cd504f8025e0b455c5de0ea562e

HTML document, ASCII text, with very long lines (1766)

snes_faust.html

edd9ed746ade1abfd01d4e3ce823c1df

HTML document, ASCII text, with very long lines (1778)

ss.html

ef465fbf1c37745c62a30210a279ef5b

HTML document, Unicode text, UTF-8 text, with very long lines (1762)

ssfplay.html

fcc2e0f88c21b8e364a78909e1c6d9a4

HTML document, ASCII text, with very long lines (1772)

vb.html

c0535bbe3bb327452b3d69608d7d20ab

HTML document, ASCII text, with very long lines (1762)

wswan.html

2b48d2b57b421d0ea5bd2a83c11ed5ed

HTML document, ASCII text, with very long lines (1768)

SDL.dll

855bebfdd3646d787718506e8d5afc3f

PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows, 10 sections

mednafen.mo

33677ba03994b7f0fc74ac9bfcceb2d4

GNU message catalog (little endian), revision 0.0, 308 messages, Project-Id-Version: mednafen ' Für Options-Parameter und Verwendung bitte in der Dokumentation nachsehen.'

libFLAC-8.dll

56cf5f7c58b5a482554d517d09be2de5

PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows, 11 sections

libcharset-1.dll

ea5dc9c9e70607b2b2def8b4c2afca54

PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows, 9 sections

libgcc_s_seh-1.dll

76e4552801c7c357ee4cedebccb0fd93

PE32+ executable (DLL) (console) x86-64, for MS Windows, 19 sections

libiconv-2.dll

ac6ec0006c419b284c8e36ea2101a4f5

PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows, 10 sections

libogg-0.dll

a1546c5bc36fb22449f5d0265336d34c

PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows, 9 sections

libsndfile-1.dll

ef992769f857f20e0f68edaa019ec3ba

PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows, 12 sections

libstdc++-6.dll

da2d6851283ee05ef036ef698e4d463f

PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows, 11 sections

libvorbis-0.dll

5b54c9531537410701ad6334a43cdacb

PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows, 11 sections

libvorbisenc-2.dll

9ba7afe454b929efca0b532cbc6f6c33

PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows, 9 sections

mednafen.exe

0c1315d83140dd81af1f5c0c1c16b627

PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, 10 sections

mednafen.mo

46269fe847ae47f73ea3094f967dba71

GNU message catalog (little endian), revision 0.0, 319 messages, Project-Id-Version: mednafen ' Сверьтесь с документацией по настройке и использованию эмулятора.'

Detections

Analyzer	Verdict	Alert
CAPEv2 YARA detection rules	malware	Emotet Payload
YARAhub by abuse.ch	malware	meth_stackstrings

JavaScript (0)

HTTP Transactions (5)

	URL	IP	Response	Size
	m.emuparadise.me/emulators/files/mednafen-0.9.48-win64.zip	151.101.67.52	301 Moved Permanently	7.6 MB
URL User Request GET m.emuparadise.me/emulators/files/mednafen-0.9.48-win64.zip IP 151.101.67.52:443 ASN #54113 FASTLY Certificate IssuerCertainly Subjectwww.emuparadise.me Fingerprint71:35:EE:AB:23:0F:70:EE:4A:9A:5A:A9:7C:64:B1:65:82:91:AF:12 ValidityThu, 20 Mar 2025 00:03:08 GMT - Sat, 19 Apr 2025 00:03:07 GMT File type Size 7.6 MB (7598972 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /emulators/files/mednafen-0.9.48-win64.zip HTTP/1.1 Host: m.emuparadise.me User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 301 Moved Permanently server: nginx/1.12.0 content-type: text/html location: https://www.emuparadise.me/redirect/desktop/emulators/files/mednafen-0.9.48-win64.zip cache-control: private, no-cache, no-store, proxy-revalidate, no-transform accept-ranges: bytes via: 1.1 varnish, 1.1 varnish date: Tue, 08 Apr 2025 08:48:50 GMT x-served-by: cache-qpg1235-QPG, cache-hel1410032-HEL x-cache: MISS, MISS x-cache-hits: 0, 0 x-timer: S1744102131.636249,VS0,VE224 strict-transport-security: max-age=31557600 content-length: 185 X-Firefox-Spdy: h2

	www.emuparadise.me/redirect/desktop/emulators/files/mednafen-0.9.48-win64.zip	151.101.67.52	301 Moved Permanently	7.6 MB
URL User Request GET www.emuparadise.me/redirect/desktop/emulators/files/mednafen-0.9.48-win64.zip IP 151.101.67.52:443 ASN #54113 FASTLY Certificate IssuerCertainly Subjectwww.emuparadise.me Fingerprint71:35:EE:AB:23:0F:70:EE:4A:9A:5A:A9:7C:64:B1:65:82:91:AF:12 ValidityThu, 20 Mar 2025 00:03:08 GMT - Sat, 19 Apr 2025 00:03:07 GMT File type Size 7.6 MB (7598972 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /redirect/desktop/emulators/files/mednafen-0.9.48-win64.zip HTTP/1.1 Host: www.emuparadise.me User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 301 Moved Permanently server: nginx/1.12.0 content-type: text/html location: https://www.emuparadise.me/emulators/files/mednafen-0.9.48-win64.zip cache-control: private, no-cache, no-store, proxy-revalidate, no-transform accept-ranges: bytes via: 1.1 varnish, 1.1 varnish date: Tue, 08 Apr 2025 08:48:51 GMT x-served-by: cache-qpg1248-QPG, cache-hel1410032-HEL x-cache: MISS, MISS x-cache-hits: 0, 0 x-timer: S1744102131.897742,VS0,VE435 strict-transport-security: max-age=31557600 content-length: 185 X-Firefox-Spdy: h2

	www.emuparadise.me/emulators/files/mednafen-0.9.48-win64.zip	151.101.67.52	301 Moved Permanently	7.6 MB
URL User Request GET www.emuparadise.me/emulators/files/mednafen-0.9.48-win64.zip IP 151.101.67.52:443 ASN #54113 FASTLY Certificate IssuerCertainly Subjectwww.emuparadise.me Fingerprint71:35:EE:AB:23:0F:70:EE:4A:9A:5A:A9:7C:64:B1:65:82:91:AF:12 ValidityThu, 20 Mar 2025 00:03:08 GMT - Sat, 19 Apr 2025 00:03:07 GMT File type Size 7.6 MB (7598972 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /emulators/files/mednafen-0.9.48-win64.zip HTTP/1.1 Host: www.emuparadise.me User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 301 Moved Permanently server: nginx/1.12.0 content-type: text/html location: http://static.emuparadise.me/emulators/files/mednafen-0.9.48-win64.zip via: 1.1 varnish, 1.1 varnish accept-ranges: bytes age: 0 date: Tue, 08 Apr 2025 08:48:51 GMT x-served-by: cache-qpg1239-QPG, cache-hel1410032-HEL x-cache: HIT, MISS x-cache-hits: 1, 0 x-timer: S1744102131.377366,VS0,VE212 strict-transport-security: max-age=31557600 content-length: 185 X-Firefox-Spdy: h2`

	static.emuparadise.me/emulators/files/mednafen-0.9.48-win64.zip	111.90.159.152	301 Moved Permanently	7.6 MB
URL User Request GET static.emuparadise.me/emulators/files/mednafen-0.9.48-win64.zip IP 111.90.159.152:80 ASN #45839 Shinjiru Technology Sdn Bhd File type Size 7.6 MB (7598972 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /emulators/files/mednafen-0.9.48-win64.zip HTTP/1.1 Host: static.emuparadise.me User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 301 Moved Permanently Server: nginx/1.12.0 Date: Tue, 08 Apr 2025 08:48:51 GMT Content-Type: text/html Content-Length: 185 Connection: keep-alive Location: https://mprd.se/media/emulators/files/mednafen-0.9.48-win64.zip`

	mprd.se/media/emulators/files/mednafen-0.9.48-win64.zip	199.101.98.243	200 OK	7.6 MB
URL User Request GET mprd.se/media/emulators/files/mednafen-0.9.48-win64.zip IP 199.101.98.243:443 ASN #46261 QUICKPACKET Certificate IssuerLet's Encrypt Subjectmprd.se Fingerprint8A:0E:DD:77:75:64:2A:B3:37:F1:3F:AF:86:A3:63:9F:72:BF:D7:71 ValidityMon, 24 Feb 2025 09:25:03 GMT - Sun, 25 May 2025 09:25:02 GMT File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 7.6 MB (7598972 bytes) Hash 96c828ac8f167393def69e1f51c400a1 6ccc9aaec8ce08124c8b2df30222e4103ccabe8c c3ccb78325bae8cbbf7d9101317a61e364c4dcd21c59004225a7307866599fa5 HTTP Headers GET /media/emulators/files/mednafen-0.9.48-win64.zip HTTP/1.1 Host: mprd.se User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx/1.10.1 Date: Tue, 08 Apr 2025 08:48:52 GMT Content-Type: application/zip Content-Length: 7598972 Last-Modified: Tue, 20 Feb 2018 21:15:39 GMT Connection: keep-alive ETag: "5a8c8ffb-73f37c" Expires: Wed, 09 Apr 2025 08:48:52 GMT Cache-Control: max-age=86400 Accept-Ranges: bytes`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (47)

Detections

JavaScript (0)

HTTP Transactions (5)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers