Author Topic: Updated trojans banker from *.sites.uol.com.br  (Read 15883 times)

0 Members and 1 Guest are viewing this topic.

April 02, 2011, 04:12:28 pm
Reply #15

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
Code: [Select]
http://artemisaalves.sites.uol.com.br/mod1.png         md5sum ===> b87662413be64b66b2943d9cb86e780ahttp://www.virustotal.com/file-scan/report.html?id=149f4cbc015d6e955a70182ea94f727ce17f9be01a2f28e4b61174a455f91b4b-1301760468
VT 27/42 (64.3%)

May 05, 2011, 10:46:34 am
Reply #16

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
IP Location: Brazil  - ZIPNET BR AS
IP  200.147.33.17
[200-147-33-17.static.uol.com.br]
AS7162
Code: [Select]
http://araujofernao.sites.uol.com.br/News.jpg         md5sum ===> 34a4e687425362e2913ec31d484f23b5http://www.virustotal.com/file-scan/report.html?id=3cbc860d9e8bb74e01394d5825a14bd8a706dd4bdb00baba72e0ba8c9121ed2c-1304592151
VT 27/42 (64.3%)

May 06, 2011, 03:52:32 pm
Reply #17

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
Code: [Select]
http://araujofernao.sites.uol.com.br/News.jpg         md5sum ===> 5a67b5ad6a757251ed5d3ba1a344c3f2https://www.virustotal.com/file-scan/report.html?id=8e9087433fb56470690f46936a806c2e66bd088e171866d54a3aa56da554a2bd-1304696563
VT 20/42 (47.6%)

May 08, 2011, 02:07:40 pm
Reply #18

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
Code: [Select]
http://araujofernao.sites.uol.com.br/News.jpg         md5sum ===> 054f5f93379c0eb8abd1c7fb62b474ddhttp://www.virustotal.com/file-scan/report.html?id=0f34f6ef059713df4cd3e4da58fbf737ba1dfd38abcf04288ee3e1fc4aa81607-1304863481
VT 23/41 (56.1%)

May 09, 2011, 06:49:49 am
Reply #19

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
Code: [Select]
http://freitasromulo.sites.uol.com.br/larinha.htm         md5sum ===> 34becadc7a01bf50d91f4169d9898ac7http://www.virustotal.com/file-scan/report.html?id=cb0d8131436f3a94713c77dc3b573d49d8726e845b3caf071fc78bee002ea74c-1304923413
VT 16/42 (38.1%)

May 09, 2011, 04:39:25 pm
Reply #20

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
IP Location: Brazil - ZIPNET BR AS
IP  200.147.33.19
[200-147-33-19.static.uol.com.br]
AS7162
Code: [Select]
http://araujofernao.sites.uol.com.br/News.jpg         md5sum ===> b998497a0a3c50c643dd6ee4e2fe6c03http://www.virustotal.com/file-scan/report.html?id=8d1937a283d01fa7c151557f65fd626726a0a5fe3b786cd018b08c41a2ea7d70-1304958916
VT 22/42 (52.4%)

May 09, 2011, 06:22:09 pm
Reply #21

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
Code: [Select]
http://r5eletrica.sites.uol.com.br/ger.jpg         md5sum ===> 2e09e559d91b28c38690af89d61cfb0chttp://www.virustotal.com/file-scan/report.html?id=1d736e6c06d6dcd30423633f2883dccfb160f3cac93c057d24a274b32fd9ec09-1304964651
VT 31/42 (73.8%)

May 10, 2011, 06:27:08 am
Reply #22

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
Code: [Select]
http://simone.skill.sites.uol.com.br/bicudo.txt         md5sum ===> e5001d002d1776cb42e471b6d5f96e4dhttp://www.virustotal.com/file-scan/report.html?id=44ff91596ec749bfdb94b58d438d9794c952df599c759269bb920e15dec6206e-1305008153
VT 15/43 (34.9%)

May 14, 2011, 07:14:30 pm
Reply #23

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
Code: [Select]
http://gucosilva.sites.uol.com.br/downloada.jpg         md5sum ===> 5d1cdf7ff4c57503c2352f1d6bf3a149http://www.virustotal.com/file-scan/report.html?id=129591853d1490deb52c274eb967a39a84d68e75fc3f9e86558acdacce8565ed-1305399681
VT 13/42 (31.0%)
Code: [Select]
http://gucosilva.sites.uol.com.br/downloadb.jpg         md5sum ===> 2d3c7fd7cc6468a33108432431fe4096http://www.virustotal.com/file-scan/report.html?id=a3f15db92c7b0f7e5d3d2515a5d36b52524978a08b84976bf533443a65006f6b-1305399825
VT 7/42 (16.7%)

October 25, 2011, 12:17:33 pm
Reply #24

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
Code: [Select]
amazzamboni.sites.uol.com.br/moduloa.ico           md5sum ===> 2f3073082f7d51e3e5f8f9cfa00f541bhttp://www.virustotal.com/file-scan/report.html?id=53206709a0fd2c0103b6fbfea0e2b486f59a07394ebd7b2fa0490d9d96bb8f42-1319544083
VT 20/39 (51.3%)

November 18, 2011, 09:58:25 am
Reply #25

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
Code: [Select]
hxxp://robertovmachado.sites.uol.com.br/4itabb.txt               md5sum ===> d71292fca2fc26887a813d09b49b3c1d
hxxp://robertovmachado.sites.uol.com.br/3natela.txt              md5sum ===> e8effc3d83b36ff7ad7e353c7bca3819
hxxp://robertovmachado.sites.uol.com.br/2ne3x.txt                md5sum ===> 12b0a9e0158302057acecdfc31da8e0e
hxxp://robertovmachado.sites.uol.com.br/1bandeira.txt            md5sum ===> 21ce32b3f4e182cc5e454841fe8c809a
http://www.virustotal.com/file-scan/report.html?id=36daa746fd66162bf617304e9d933214233a030e5bac16e579c3d87609529bd7-1321609266
VT 34/42 (81.0%)
http://www.virustotal.com/file-scan/report.html?id=021141c28f6a8c96d0f84d774ab018a9689977d3dfd241f3495e1cae308ca72c-1321609191
VT 32/42 (76.2%)
http://www.virustotal.com/file-scan/report.html?id=395999ef81385b2913d4dd934b72de73a0a5bed7d0f2d4a190b4ae729d52f917-1321609654
VT 37/42 (88.1%)
http://www.virustotal.com/file-scan/report.html?id=3174d82b648cdd96c0946664c7732e0624543648aa141e3c747d263882ea10d8-1321609392
VT 33/42 (78.6%)

November 21, 2011, 06:45:03 pm
Reply #26

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
Code: [Select]
hxxp://adv.orestes.sites.uol.com.br/yrieryriueyriewyrieyr.tmp         md5sum ===> 188c02a240c10b296c299ebb99ed0c57
hxxp://adv.orestes.sites.uol.com.br/PLGPROJETO.tmp                    md5sum ===> 60d5baca395a38472e6d86d390fc7abd
hxxp://adv.orestes.sites.uol.com.br/SKDFLKSAJFLASJFLF.tmp             md5sum ===> 9c0ef407476647bdc902270474f23f92
hxxp://adv.orestes.sites.uol.com.br/Key_SuperKill.tmp                 md5sum ===> 4b652e7822f32302087eea5ed2b89aba
http://www.virustotal.com/file-scan/report.html?id=b9763064918e626242d7bcd77d29b3044d207f519661d7814baf0005343b5685-1321813629
VT 26/41 (63.4%)
http://www.virustotal.com/file-scan/report.html?id=070e0c27f04f98c6a2a6ea61f3810a51a714752cfcc23a31878e9e07f22552c4-1321846808
VT 29/42 (69.0%)
http://www.virustotal.com/file-scan/report.html?id=cf78d6ec7596175fdc7c49f06541cf0943056b4a176cfe6d2f8600cff17733bd-1321814643
VT 29/42 (69.0%)
http://www.virustotal.com/file-scan/report.html?id=29a2b45e0b7c1776e7fdadee5d7759e2c8d8d11eee850b04550fd6f56b982d5f-1321815174
VT 20/42 (47.6%)

December 05, 2011, 06:49:16 pm
Reply #27

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
Code: [Select]
hxxp://robertovmachado.sites.uol.com.br/2ne3x.txt       md5sum ===> ee4ef99ad007f113841273c36fcb7481
hxxp://robertovmachado.sites.uol.com.br/1bandeira.txt   md5sum ===> e6c38f13712fc3ee3c06fc9ee1752dcb
hxxp://robertovmachado.sites.uol.com.br/3natela.txt     md5sum ===> 4466f5f68d62340e9ee53cd17fa4586a
hxxp://robertovmachado.sites.uol.com.br/4itabb.txt      md5sum ===> f0565be19b190b97e6b6dba7d65cffef
hxxp://robertovmachado.sites.uol.com.br/7protecao.txt   md5sum ===> 34930b34e404862ba6a189158b60ff2a
hxxp://robertovmachado.sites.uol.com.br/5derubavs.txt   md5sum ===> f6ea61f648fe6283c4231fb259485a4b
http://www.virustotal.com/file-scan/report.html?id=9f6a36488dbafcc35b5092d6de754e75da844c288f322b55b25e2c8461ee0622-1323109183
VT 32/43 (74.4%)
http://www.virustotal.com/file-scan/report.html?id=72d22c914a1ea8b8813e129746b1add40bf3ea6f5810cf00d9752b68d85396ed-1323109816
VT 30/43 (69.8%)
http://www.virustotal.com/file-scan/report.html?id=9b6cde9ba9016cd85b30b9071150dc866c9968df268c976ea7cfd5e26aa11980-1323109769
VT 27/43 (62.8%)
http://www.virustotal.com/file-scan/report.html?id=2d756c1b7c6cd3f5cb1e245e710f2ded595efe9a571cf4f104a935f089aed035-1323110043
VT 28/43 (65.1%)
http://www.virustotal.com/file-scan/report.html?id=70ae3c823c787ee9b01cb037a060f0cc1d6483b95501f3480d70ec6ee0e6faaf-1323110170
VT 8/42 (19.0%)
http://www.virustotal.com/file-scan/report.html?id=ad8f5b59a9ce16902ed06845d36144b4455017bfc8fb6e1b37c2eacb7bd7bfc2-1323110362
VT 20/43 (46.5%)