Report Overview
Submitted URL
dl-dr-4.xyz/drv/common/Logitech_Logitech_USB_Camera__Communicate_Deluxe__LWS110.zip
IP
89.41.180.201ASN
#25198 Interkvm Host Srl
Submitted
2024-04-17 05:49:15
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
5
Domain Summary
| Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
|---|---|---|---|---|---|---|---|
| dl-dr-4.xyz | unknown | 2023-06-04 | 2023-06-04 | 2024-04-17 | 537 B | 4.5 MB | 89.41.180.201 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
No alerts detected
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2024-04-17 | medium | dl-dr-4.xyz | Sinkholed |
ThreatFox
No alerts detected
Files detected
URL
dl-dr-4.xyz/drv/common/Logitech_Logitech_USB_Camera__Communicate_Deluxe__LWS110.zip
IP
89.41.180.201ASN
#25198 Interkvm Host Srl
File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
4.5 MB (4480633 bytes)
Hash
cde1d4cd924c06e3eb7d187be4f065fd
9ad13ecf9254a2cfee1ff9a9441d818870afedaf
Archive (33)
| Filename | Md5 | File type | |||
|---|---|---|---|---|---|
| LV302V32.SYS | dd184d9adfe2a8a21741dbdfe9e22f5c
| PE32 executable (native) Intel 80386, for MS Windows, 8 sections | |||
| LV561AV.sys | d2d2fa02b722336960eeae0ae7107891
| PE32 executable (native) Intel 80386, for MS Windows, 7 sections | |||
| LVAFT.cfg | 835c775a6871d2a2ea6fc343b6b4c9a2 | data | |||
| LVUI2.dll | 4f99f157a9a63017fffd264f9d852a63 | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 6 sections | |||
| LVUI2RC.dll | 0df1e0963754d701b2b2f3b86454adcf | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections | |||
| Repository.reg | d011aa06040d9d4f84028261b9432f92 | Windows Registry little-endian text (Win2K or above) | |||
| WUApp32.exe | c197c842c84112eb2abf6785a413b5b7 | PE32 executable (GUI) Intel 80386, for MS Windows, 4 sections | |||
| lv302af.sys | b20f958b207e6aaac5f70d04dd2c30d8 | PE32 executable (native) Intel 80386, for MS Windows, 7 sections | |||
| lvELCHc.inf | 1ffa6ad1aeedf818abfc4afb5fcf8873 | Windows setup INFormation | |||
| lvELCHv.inf | d6ab8c385f494bcb331eaeb19786cbd5 | Windows setup INFormation | |||
| lvPEPI2c.inf | b886fa84c9b4e2344a5b270db2b871ae | Windows setup INFormation | |||
| lvPEPI2s.inf | 74f77ffe18dea92dd1423e8a83622226 | Windows setup INFormation | |||
| lvPEPI2v.inf | a6bcaf874b2aa752021fae0da6a42418 | Windows setup INFormation | |||
| lvPRO5c.inf | fd10be0717b10cee785f1018e6ebcd86 | Windows setup INFormation | |||
| lvPRO5s.inf | 10eafc45f7cb6655601537800535f509 | Windows setup INFormation | |||
| lvPRO5v.inf | 74a9ed7c7d457f3df59cc8a76e561314 | Windows setup INFormation | |||
| lvWIAext.dll | 916b21d272293bed73b5c2e51fb86d75 | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections | |||
| lvcodec2.dll | 8b32688233e95073769bd97ae22ed512 | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections | |||
| lvcoinst.dll | 12ee91079f09ae7dc2867ef8ad218beb | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections | |||
| lvcoinst.ini | 3cd1705d96bed331d53a845dc31078de | ASCII text, with CRLF line terminators | |||
| lvelchc.cat | 31c7b9bb08511de520e5fb1870593d6c | DER Encoded PKCS#7 Signed Data | |||
| lvelchv.cat | 482f2b4e3f04479daa1eb6651d8ca33f | DER Encoded PKCS#7 Signed Data | |||
| lvpepi2c.cat | 628bcb7a61de8db5f6298051a2fd8a0c | DER Encoded PKCS#7 Signed Data | |||
| lvpepi2s.cat | 2e09e2671b7e7bcd70099567efed8522 | DER Encoded PKCS#7 Signed Data | |||
| lvpepi2v.cat | 37a50bbf404ca3caad00864fd50b8f5d | DER Encoded PKCS#7 Signed Data | |||
| lvpopflt.sys | 9fb982de1c8dd769f8ed681dd878b12f | PE32 executable (native) Intel 80386, for MS Windows, 7 sections | |||
| lvpro5c.cat | b009e2d0b9fe8af4c698a5db5fd55687 | DER Encoded PKCS#7 Signed Data | |||
| lvpro5s.cat | c5661ac7bcff1fc9ac0de3bd5b927baa | DER Encoded PKCS#7 Signed Data | |||
| lvpro5v.cat | 1c1df55bbb686646a3abf663b2fb9390 | DER Encoded PKCS#7 Signed Data | |||
| lvrs.sys | 37072ec9299e825f4335cc554b6fac6a | PE32 executable (native) Intel 80386, for MS Windows, 7 sections | |||
| lvselsus.sys | e6ba3db1e07745a79e67fa5afe34bdfb | PE32 executable (native) Intel 80386, for MS Windows, 7 sections | |||
| lvuvc.sys | a240e42a7402e927a71b6e8aa4629b13
| PE32 executable (native) Intel 80386, for MS Windows, 8 sections | |||
| lvuvcflt.sys | b73ec688c29f81f9da0fcf63682b3ecb | PE32 executable (native) Intel 80386, for MS Windows, 6 sections |
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| YARAhub by abuse.ch | malware | meth_stackstrings |
| Public Nextron YARA rules | malware | Detects vulnerable driver mentioned in LOLDrivers project using VersionInfo values from the PE header - Lv561av.sys |
| YARAhub by abuse.ch | malware | signed_sys_with_vulnerablity |
JavaScript (0)
No Javascripts found
No Javascripts found
No Javascripts found
HTTP Transactions (1)
| URL | IP | Response | Size | |||||||
|---|---|---|---|---|---|---|---|---|---|---|
dl-dr-4.xyz/drv/common/Logitech_Logitech_USB_Camera__Communicate_Deluxe__LWS110.zip | 89.41.180.201 | 4.5 MB | ||||||||
Detections
HTTP Headers
| ||||||||||