Author Topic: Updated trojans banker from *.sites.uol.com.br  (Read 15934 times)

0 Members and 1 Guest are viewing this topic.

February 22, 2011, 01:42:27 pm
Read 15934 times

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
Code: [Select]
http://madereiraxopoto.sites.uol.com.br/upa.jpg                    md5sum ===> 09af2ddeac6aaac82b0e49a9f42c1cedhttp://www.virustotal.com/file-scan/report.html?id=5018b72c9b04d9f72f1c485c48cd5294c15815958c382b6e06f8637b79e492c1-1298381740
VT 12/40 (30.0%)

February 23, 2011, 07:53:24 pm
Reply #1

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
Code: [Select]
http://mcmpessa.sites.uol.com.br/loader.html                    md5sum ===> 14bd659a386fd32e6f375109396b01a3http://www.virustotal.com/file-scan/report.html?id=3ce0fb6b8cff0e5aff2eba1ec8fbfbe6e7da1acbf2919c528f6aea44594a4626-1298454983
VT 31/43 (72.1%)
Code: [Select]
http://mcmpessa.sites.uol.com.br/modulo.html                    md5sum ===> d1fee280234345f574e82d23f28c9de6http://www.virustotal.com/file-scan/report.html?id=30e420b4b4405e8c68e1b6fd40f403c0ce8a42df2ec6382469fe76bb54593892-1298466336
VT 20/43 (46.5%)

February 23, 2011, 08:53:03 pm
Reply #2

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
Code: [Select]
http://madereiraxopoto.sites.uol.com.br/upa.jpg                    md5sum ===> 09af2ddeac6aaac82b0e49a9f42c1ced

Code: [Select]
http://http://madereiraxopoto.sites.uol.com.br/upa.jpg                    md5sum ===> ee086621be393038d2e7b2303119bc73http://www.virustotal.com/file-scan/report.html?id=defe7b06380486e1d366139776915b17229d59ae86fd1ed71a6fb1d8136cd738-1298494037
VT 13/43 (30.2%)

February 27, 2011, 03:17:28 pm
Reply #3

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
Code: [Select]
http://transtel.sites.uol.com.br/iesplore.htm        md5sum ===> 129ddf46346d3306cbc0ea3cd3a7f542http://www.virustotal.com/file-scan/report.html?id=6bc3fb0cf365b894c6ba012dbe97341e49d7fd9215d81ebbfcf5a6162cd65623-1298819357
VT 10/41 (24.4%)

February 28, 2011, 09:44:58 pm
Reply #4

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
Code: [Select]
http://araujofernao.sites.uol.com.br/modulo.html                    md5sum ===> 88ab348828f1934d5023a838c8183165http://www.virustotal.com/file-scan/report.html?id=8b69685066e17186c656039d303d2cad860256247439b462ca87d1ee0be869d3-1298929016
VT 15/43 (34.9%)
Code: [Select]
http://araujofernao.sites.uol.com.br/puxador.html                   md5sum ===> b60b9ee9f145ff8acdf2fead110c88f9http://www.virustotal.com/file-scan/report.html?id=89523e3afef3a79e43d96b69791c4049f9fbc90577c6c140cc2ca1049d96c6ed-1298928742
VT 29/43 (67.4%)

March 01, 2011, 11:27:38 am
Reply #5

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
Code: [Select]
http://doiop.com/i90k7m                                  md5sum ===> 71706bd22f1408d1c895c522e9c889a5
http://transtel.sites.uol.com.br/iesplore.htm            md5sum ===> 71706bd22f1408d1c895c522e9c889a5
http://www.virustotal.com/file-scan/report.html?id=db0224c57fd1f656c8349f334ce83acf965d9d97c1b6cf0dd03b43d7f297034b-1298977506
VT 14/43 (32.6%)

Code: [Select]
http://fontesbueno.sites.uol.com.br/moduloa.swf          md5sum ===> 5527c6b3033bb5189a5f474f156cacc9http://www.virustotal.com/file-scan/report.html?id=3e77caaa7ec9546ad793c3cbeb94af286e097f413e4837c51f48978a89472174-1298978119
VT 26/43 (60.5%)

March 05, 2011, 01:22:55 pm
Reply #6

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
Code: [Select]
http://asassis.sites.uol.com.br/moduloa.jpg                    md5sum ===> 3008a30f7dee38e139957b21a84d027chttp://www.virustotal.com/file-scan/report.html?id=8eb9126c73ceb45dfa787bafafe4b4b6d9a48e416e15dfcae5f710a56b854ede-1299331029
VT 20/43 (46.5%)

Code: [Select]
http://mcmpessa.sites.uol.com.br/loader.html                    md5sum ===> 4b3f6c198c6899b7328994146fde0f03http://www.virustotal.com/file-scan/report.html?id=2c572d9608f445f21c5910e3652fb753978301b89cab786460bc89cc6bcf9ffa-1299330917
VT 13/43 (30.2%)
Code: [Select]
http://mcmpessa.sites.uol.com.br/modulo.html                    md5sum ===> e70c4fd2dac645a8072dfadbd51e626fhttp://www.virustotal.com/file-scan/report.html?id=010d9146b7502aea8aa783dfaf4f02911fdf4ea1667df8a0bfcc21511c739b1b-1299330962
VT 17/42 (40.5%)

March 07, 2011, 11:09:58 am
Reply #7

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
Code: [Select]
http://cmbpupin.sites.uol.com.br/upa.jpg                    md5sum ===> ef46856bd377664a97b00fd6a0edda3chttp://www.virustotal.com/file-scan/report.html?id=54a42956a3909fac6336060cf05a495a717aa509aacac69bda73f63f29197cba-1299494296
VT 22/43 (51.2%)

March 12, 2011, 08:19:00 pm
Reply #8

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
Code: [Select]
http://asassis.sites.uol.com.br/moduloa.jpg         md5sum ===> 6bd1c9e191b22be295d131976b6585bfhttp://www.virustotal.com/file-scan/report.html?id=f66fcbd8e1e634a071a4a2d18034e306c7c42d738a345e1681583e48aed82037-1299960888
VT 25/42 (59.5%)

Code: [Select]
http://mcmpessa.sites.uol.com.br/loader.html         md5sum ===> 21e65d4d71d871bdf27442beb957ad1fhttp://www.virustotal.com/file-scan/report.html?id=e9c1f582501aab6307d3dc8da40a4c256070ecb839057aaa2c99d35b16a51237-1299960967
VT 24/43 (55.8%)

March 22, 2011, 07:38:53 pm
Reply #9

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
IP Location: Brazil  - ZIPNET BR AS
IP  200.147.33.17
[200-147-33-17.static.uol.com.br]
AS7162
Registrant/Email Registrant: Contato Administrativo - UOL/l-registrobr-uol@corp.uol.com.br
Code: [Select]
http://mcmpessa.sites.uol.com.br/loader.html         md5sum ===> 57685fcac8a1e02b9aa81fe8531bcac3http://www.virustotal.com/file-scan/report.html?id=79881d0b9fd9a07ae7a2a29722353f172371e25422feec552ec02237e4ad081b-1300822322
VT 22/41 (53.7%)

March 26, 2011, 08:16:12 am
Reply #10

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
IP Location: Brazil  - ZIPNET BR AS
IP  200.147.33.17
[200-147-33-17.static.uol.com.br]
AS7162
Registrant/Email Registrant: Contato Administrativo - UOL/l-registrobr-uol@corp.uol.com.br
Code: [Select]
http://meggadistribuidora.sites.uol.com.br/lindas.htm         md5sum ===> 517ba6064320754cdcb8dfbf4a634da4http://www.virustotal.com/file-scan/report.html?id=080202ba233392e9c2b74593dd43c89025062d2b4dc5f73c28824d4bb7c696bb-1301126878
VT 17/41 (41.5%)
Code: [Select]
http://meggadistribuidora.sites.uol.com.br/meninas.htm        md5sum ===> 3c00107360b9b3fe8832ca0f7faa6bedhttp://www.virustotal.com/file-scan/report.html?id=2a643ce296ad24bb11a9a533047d094828178aba5e08623d310db7d8d7a0067e-1301127204
VT 10/43 (23.3%)

March 26, 2011, 05:38:05 pm
Reply #11

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
IP Location: Brazil  - ZIPNET BR AS
IP  200.147.33.17
[200-147-33-17.static.uol.com.br]
AS7162
Registrant/Email Registrant: Contato Administrativo - UOL/l-registrobr-uol@corp.uol.com.br
Code: [Select]
http://mcmpessa.sites.uol.com.br/modulo.html         md5sum ===> a2abfc9257c3c6a3f9b6ba98bfd5e669http://www.virustotal.com/file-scan/report.html?id=f11c2819dc58d78018f66bee89f5292306ff0774a24d2f7e28dce2e0df8ef1d4-1301160572
VT 15/41 (36.6%)
Code: [Select]
http://mcmpessa.sites.uol.com.br/loader.html         md5sum ===> 26cdb46b5d73a97233f3f3b4581e136fhttp://www.virustotal.com/file-scan/report.html?id=a3024245fdd6ee0d7e34946ce410f88ac5d689d12ba11b0ce34faaf83b3837b4-1301160926
VT 24/43 (55.8%)

March 29, 2011, 07:48:33 am
Reply #12

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
IP Location: Brazil - ZIPNET BR AS
IP  200.147.33.17
[200-147-33-17.static.uol.com.br]
AS7162
Code: [Select]
http://mcmpessa.sites.uol.com.br/modulo.html         md5sum ===> 261673acc4891543ea2db7f6725990echttp://www.virustotal.com/file-scan/report.html?id=985c79d5dd9f59ebbe48ee2c9c52c43cb776bf916d2ad820fc84e2b51335ad58-1301168912
VT 7/43 (16.3%)

March 29, 2011, 11:42:52 am
Reply #13

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508

March 31, 2011, 06:54:57 pm
Reply #14

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
IP Location: Brazil  - ZIPNET BR AS
IP  200.147.33.17
[200-147-33-17.static.uol.com.br]
AS7162
Code: [Select]
http://lucasnaif.sites.uol.com.br/upa.jpg         md5sum ===> 799740731532d185e066adfc974c7239http://www.virustotal.com/file-scan/report.html?id=8cbf62bcb4af4bb1d5d3f9cbd282b5f982f69d30da4dda73e51f4b8d921e6143-1301589008
VT 10/41 (24.4%)