Report - ls.greywool.com/modules/lscp2-1.0.zip

Report Overview

Visited public
2025-01-25 11:26:09
Tags
URL
ls.greywool.com/modules/lscp2-1.0.zip
Finishing URL
about:privatebrowsing
IP / ASN
75.119.206.13
#26347 DREAMHOST-AS
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ls.greywool.com	unknown	2007-10-08	2013-02-08	2025-01-25	407 B	147 kB	75.119.206.13

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
ls.greywool.com/modules/lscp2-1.0.zip
IP
75.119.206.13
ASN
#26347 DREAMHOST-AS

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
147 kB (146606 bytes)
Hash
20bbaa2bf4ed319a2eb67d42ea1b68b5
06e080cb54b72281e1355ca79037f2e43ae82893
6ca39736a09ee0d224b20523cb9ced684be29509431cef1e66dbdaec45ee2edc

Archive (50)

Filename

Md5

File type

all settings

d41d8cd98f00b204e9800998ecf8427e

color

d41d8cd98f00b204e9800998ecf8427e

image

d41d8cd98f00b204e9800998ecf8427e

misc

d41d8cd98f00b204e9800998ecf8427e

mouse and actions

d41d8cd98f00b204e9800998ecf8427e

position

d41d8cd98f00b204e9800998ecf8427e

size

d41d8cd98f00b204e9800998ecf8427e

all settings

0a7ef80eeb30d1f1ad66f42d796f6b30

ASCII text, with CRLF line terminators

color

d41d8cd98f00b204e9800998ecf8427e

image

5487c3618dcd67868413e712fd981a73

ASCII text, with CRLF line terminators

misc

8c0e288656eb27cbfb637e8020f8a763

ASCII text, with CRLF line terminators

mouse and actions

d41d8cd98f00b204e9800998ecf8427e

position

8cc5f49147d44c91c00b2ca2c5cf515b

ASCII text, with CRLF line terminators

size

d41d8cd98f00b204e9800998ecf8427e

all settings

d41d8cd98f00b204e9800998ecf8427e

color

d41d8cd98f00b204e9800998ecf8427e

image

d41d8cd98f00b204e9800998ecf8427e

misc

d41d8cd98f00b204e9800998ecf8427e

mouse and actions

d41d8cd98f00b204e9800998ecf8427e

position

d41d8cd98f00b204e9800998ecf8427e

size

d41d8cd98f00b204e9800998ecf8427e

all settings

9d17f363fe4b098efeace51b10e5605b

ASCII text, with CRLF line terminators

commands

9d17f363fe4b098efeace51b10e5605b

ASCII text, with CRLF line terminators

all settings

e1c9e30f8fceabf122da2d38db13d011

ASCII text, with CRLF line terminators

color

ab0354779a73e45f1d0f111a3c47dfdd

ASCII text, with CRLF line terminators

image

d54cce81c13536dbf20e34521a5f6d9e

ASCII text, with CRLF line terminators

misc

6e4f5762d7214b98d10cba89d3b9b6bd

ASCII text, with CRLF line terminators

mouse and actions

fc26920be14e796d415481bd19d81d1d

ASCII text, with CRLF line terminators

position

59fc80b5ed79853ec2a94f955474ab68

ASCII text, with CRLF line terminators

size

cebdda67e0d9e4f3e4ff5b09aff28de7

ASCII text, with CRLF line terminators

help.html

dc5b50cff173284531cc466969023daa

HTML document, ASCII text, with CRLF line terminators

evars.rc

86150106899ab2202a16b1537ebae503

ASCII text, with CRLF line terminators

hotkey.rc

cafe90d109b5301e1700dd3ba4bc5582

ASCII text, with CRLF line terminators

vk104.txt

77e8575a1bbca79ecdafcdb8996a958c

CSV ASCII text

engines.list

50ff714fe73b43acbdb34da759c20cc8

ASCII text, with very long lines (499), with CRLF line terminators

history.ini

1699e846d93e722ebb519a332009bd8b

ASCII text, with CRLF line terminators

personal.rc

a51b4b09250e16d61f36acdca1ae4490

ASCII text, with CRLF line terminators

popup.rc

0bf6c2fff12bd9051fd7ece430288504

ASCII text, with CRLF line terminators

English.example

b7d0470512bd41c99d7e206f363155ac

Generic INItialization configuration [About]

Finnish.ini

06e57b9448d6fd6564333335c32c98c4

Generic INItialization configuration [About]

French.ini

4116244604696836278a0904eb00872a

Generic INItialization configuration [About]

Russian.ini

ee491e3a45d2726bed53a7352799dd67

Generic INItialization configuration [About]

rainlendar.ini

4c22305d13bc1d11b0490d970a58cfd0

ASCII text, with CRLF line terminators

theme.rc

20f5fc778dac1696a2e0df08e8554035

ASCII text, with CRLF line terminators

themeselect.rc

e870878b5158b1eebd85992f556e4bb9

ASCII text, with CRLF line terminators

themeslist.rc

0f66bf05cc430a5b094313d7a25e7594

ASCII text, with CRLF line terminators

modcom.ini

1497c935d1593093b16187bacb180c50

ASCII text, with CRLF line terminators

settingsipc.dll

ee4bfa879157835e6153a74bdd01f842

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections

lscp2.exe

4334e3d041dd89517662ac79e12a76a9

PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections

changelog.txt

7a4a97b1f4743bea577eef64845b9dff

ASCII text, with CRLF line terminators

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	ls.greywool.com/modules/lscp2-1.0.zip	75.119.206.13	200 OK	147 kB
URL User Request GET HTTP/1.1 ls.greywool.com/modules/lscp2-1.0.zip IP 75.119.206.13:80 ASN #26347 DREAMHOST-AS File type Zip archive data, at least v2.0 to extract, compression method=store Size 147 kB (146606 bytes) Hash 20bbaa2bf4ed319a2eb67d42ea1b68b5 06e080cb54b72281e1355ca79037f2e43ae82893 6ca39736a09ee0d224b20523cb9ced684be29509431cef1e66dbdaec45ee2edc HTTP Headers `GET /modules/lscp2-1.0.zip HTTP/1.1 Host: ls.greywool.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 25 Jan 2025 11:25:45 GMT Server: Apache Upgrade: h2 Connection: Upgrade, Keep-Alive Last-Modified: Sat, 17 Sep 2011 22:37:36 GMT ETag: "23cae-4ad2ac1a6ac00" Accept-Ranges: bytes Content-Length: 146606 Cache-Control: max-age=172800 Expires: Mon, 27 Jan 2025 11:25:45 GMT Vary: User-Agent Keep-Alive: timeout=5, max=100 Content-Type: application/zip`

ls.greywool.com/modules/lscp2-1.0.zip

75.119.206.13

200 OK

147 kB

URL User Request GET HTTP/1.1
ls.greywool.com/modules/lscp2-1.0.zip
IP
75.119.206.13:80
ASN
#26347 DREAMHOST-AS

File type
Zip archive data, at least v2.0 to extract, compression method=store
Size
147 kB (146606 bytes)
Hash
20bbaa2bf4ed319a2eb67d42ea1b68b5
06e080cb54b72281e1355ca79037f2e43ae82893
6ca39736a09ee0d224b20523cb9ced684be29509431cef1e66dbdaec45ee2edc

HTTP Headers

GET /modules/lscp2-1.0.zip HTTP/1.1
Host: ls.greywool.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 25 Jan 2025 11:25:45 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 17 Sep 2011 22:37:36 GMT
ETag: "23cae-4ad2ac1a6ac00"
Accept-Ranges: bytes
Content-Length: 146606
Cache-Control: max-age=172800
Expires: Mon, 27 Jan 2025 11:25:45 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Content-Type: application/zip

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (50)

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers