Report Overview
Visitedpublic
2025-05-13 01:19:03
Tags
Submit Tags
URL
www.west-wind.com/files/wwipstuff.zip
Finishing URL
about:privatebrowsing
IP / ASN
149.28.15.235
#20473 AS-VULTR
Title
about:privatebrowsing

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Host Summary

HostRankRegisteredFirst SeenLast Seen
www.west-wind.com
unknown1995-10-042012-08-312025-03-28

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected


OpenPhish

No alerts detected


PhishTank

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


File detected

URL
www.west-wind.com/files/wwipstuff.zip
IP / ASN
149.28.15.235
#20473 AS-VULTR
File Overview
File TypeZip archive data, at least v2.0 to extract, compression method=deflate
Size943 kB (943243 bytes)
MD53934e72698b6cc03d6df0210a0562293
SHA101241debe893befa557640cdcad8b3de7d75ba2b
Archive (44)
FilenameMD5File type
wwapi.PRG3f9716109a490181afc54f50b7241a66ASCII text, with CRLF line terminators
wwcollections.prge4352a2471276dcc5cc1be593ddadb75ASCII text, with CRLF line terminators
wwDotNetBridge.PRG3ba08da412d0ef30ee263adc1b88df9dASCII text, with CRLF line terminators
wweval.PRG91ffb637cf2d15e624374568a7cfb70dASCII text, with CRLF line terminators
wwftp.PRG6fa2555bed128c7f2fcc4ae17f2dee4dASCII text, with CRLF line terminators
wwhttp.PRG55645966e4da7e4b79ad24c442126de8data
wwPop3.PRG9d3ce400c0a60d07fae8e16e34107986ASCII text, with CRLF line terminators
wwsmtp.PRG109a38f28ca86b17de300525048a355fASCII text, with CRLF line terminators
wwsocket.PRG4e9c9db90aaa299a9a24355cea6b53beASCII text, with CRLF line terminators
wwutils.PRGdf2fe1ca51fb247581332647fa01cbd0Unicode text, UTF-8 text, with CRLF line terminators
wwxml.VCT8b89e905f3eb8498e49c1157851742a6MacBinary INVALID date "��"
wwxml.VCXc0031083ead0871e0d374acfba586b4dVisual FoxPro DBF, 5 records * 109, update-date 11-5-18, codepage ID=0x3, with memo .FPT, at offset 1032 1st record "COMMENT Class "
dunzip32.dllc76d8e6eaefdfb62d0ddf7a670c2e5edPE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections
dzip32.dll0a4cc328ae0bcb13e9056c9afcf3a9c5PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 8 sections
load_wwipstuff.prgfffb78c6b0e5fa05b5e8b8b5dc47e1a9ASCII text, with CRLF line terminators
readme.htm64b7173db8e0a94ead0535b16831df6fHTML document, ASCII text, with very long lines (364), with CRLF line terminators
custlist.SCTd8f364e0e7f7a13a643cac669a979a15data
custlist.SCX33f2b02f52f527a2a388d2b14db4f8b3Visual FoxPro DBF, 23 records * 109, update-date 11-5-18, codepage ID=0x3, with memo .FPT, at offset 1032 1st record "COMMENT Screen "
distfiles.DBFff8b09d2c5cf8f1f55be06ed8f18eca8Visual FoxPro DBF, 1 record * 49, update-date 11-4-11, codepage ID=0x3, with memo .FPT, at offset 392 1st record "wwipstuff.dll "
distfiles.FPT05bd4ae560a959b5ef6cef38ac8bc7e9Adobe Photoshop Color swatch, version 0, 2009 colors; 1st RGB space (0), w 0x40, x 0, y 0, z 0; 2nd RGB space (0), w 0, x 0, y 0, z 0
ftp.SCTf50dddf35f8a556f1ba616616e88885edata
ftp.SCX1db83a28b93970f45fe9d3d579ff9c5dVisual FoxPro DBF, 22 records * 109, update-date 11-5-18, codepage ID=0x3, with memo .FPT, at offset 1032 1st record "COMMENT Screen "
geturl.SCTb933ce7727393b2a7c77f8ccd27f6335data
geturl.SCXd1072c8d0b911b8ee1f9d5d1f646406eVisual FoxPro DBF, 10 records * 109, update-date 11-5-18, codepage ID=0x3, with memo .FPT, at offset 1032 1st record "COMMENT Screen "
httpmenu.SCTf94afc5a1a3b1cbaf8625ea4b20ac79adata
httpmenu.SCX906997f417d4982eecc517a57fcb58a5Visual FoxPro DBF, 13 records * 109, update-date 11-5-18, codepage ID=0x3, with memo .FPT, at offset 1032 1st record "COMMENT Screen "
httpprogress.SCT927440f6aa16e513508822ce0ae2b1a3data
httpprogress.scx3d52216ab69900ad984b452ff3f99f84Visual FoxPro DBF, 11 records * 109, update-date 11-5-18, codepage ID=0x3, with memo .FPT, at offset 1032 1st record "COMMENT Screen "
httpsql.SCTc1e758774aec07fb9262f2ac0be7339ddata
httpsql.SCX4cc5d53a777b0d90d4496f0d30b4525cVisual FoxPro DBF, 30 records * 109, update-date 05-11-16, codepage ID=0x3, with memo .FPT, at offset 1032 1st record "COMMENT Screen "
smtp.SCT3126cc7540c5d5c8b511c0039a464b5cdata
smtp.scx1e240eaf9314f8e8d018b85e65504cbfVisual FoxPro DBF, 29 records * 109, update-date 11-5-18, codepage ID=0x3, with memo .FPT, at offset 1032 1st record "COMMENT Screen "
wwHTTPDemo.PJT03ef7f0cdfede5b1f4b9aaaa80aafc11Adobe Photoshop Color swatch, version 0, 7850 colors; 1st RGB space (0), w 0x21, x 0, y 0, z 0; 2nd RGB space (0), w 0, x 0, y 0, z 0
wwHTTPDemo.pjxbf41f55114e18b69df9348caa46383abVisual FoxPro DBF, 34 records * 130, update-date 11-5-18, codepage ID=0x3, with memo .FPT, at offset 1192 1st record ""
wwipstuff_Samples.PRG2fdf326286774d1f830175c403faca1fASCII text, with CRLF line terminators
wwsmtp_sample.PRG7256796dcf1fdfaf579f5f667a65932eASCII text, with CRLF line terminators
wwDotNetBridge.dll74b17943030840190bd14e80f5b5beb6PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections
wwHttpDemo.APPf00da152162550778c96aa06fac44216data
wwipstuff.bmp892eb850f8bf0854e2802c0e0e111362PC bitmap, Windows 3.x format, 16 x 16 x 4, image size 128, 16 important colors, cbSize 246, bits offset 118
wwipstuff.chmc0066ac8a110792cebe1b733a24a92b1MS Windows HtmlHelp Data
wwipstuff.dll0477a7a83eacdbc19892a7598beb601bPE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections
zlib1.dll80e41408f6d641dc1c0f5353a0cc8125PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections
config.fpw953968e1b2ad4632b95511362f3171aeASCII text, with no line terminators
wconnect.haabaf5ac18c9c55b8210b05db12d8df2ASCII text, with CRLF line terminators

Detections

AnalyzerVerdictAlert
VirusTotalsuspicious

JavaScript (0)

HTTP Transactions (1)

URLIPResponseSize
GET www.west-wind.com/files/wwipstuff.zip
149.28.15.235200 OK943 kB