Author Topic: hs.2-22.zlkon.lv - (94.247.2.22) (Read 17950 times)

CkreM · April 05, 2009, 06:23:17 pm

Koobface:

http://viewworldmy2.com/software/38e4f74690/10005/1/Setup.exe
http://rtraffclicks.com/software/38e4f74690/10005/1/Setup.exe
http://viewworldmy1.com/view/1/1000/5 (no trojan there atm)

http://www.virustotal.com/analisis/2f4d43ab87704959d145405cd9305627

SysAdMini · April 07, 2009, 08:48:04 pm

Code: [Select]

xviewworldmy2.com/view/1/1220/3

Malware-Web-Threats · April 17, 2009, 09:44:12 am

Fake codec page + trojan koobface

Code: [Select]

hxxp://hqviewworldmy2.com/view/1/1000/5
http://hqviewworldmy2.com/software/dc0536f1f1/10005/1/Setup.exe

Anubis
VirusTotal: Worm Koobface - 19/40 (47.50%)

Second download on 91.92.165.55 [stanishev.com]

Code: [Select]

hxxp://stanishev.com/1/pch.exe

VirusTotal: Trojan - 19/40 (47.5%)

Config on 218.93.202.50 [nua06032009.biz]

Code: [Select]

hxxp://nua06032009.biz/ld/gen.php

Quote

#noparam #PID=6145
STARTONCE|http://stanishev.com/1/pch.exe
START|http://stanishev.com/1/nfr.exe
STARTONCE|http://stanishev.com/1/pp.06.exe
WAIT|120 #BLACKLABEL EXIT

Malware-Web-Threats · April 19, 2009, 09:46:05 pm

Fake codec page + trojan Koobface

Code: [Select]

hxxp://hxviewworldmy2.com/view/1/1000/5
hxxp://hxviewworldmy2.com/software/e3d6b7561f/10005/1/Setup.exe

File name: Setup.exe
File size: 16384 bytes
MD5: 96bf2207c64602e9e71d99977fc68f21

VirusTotal: Win32/Koobface - 23/40 (57.5%)

Serg · April 20, 2009, 10:20:48 am

Chinese worm for social networks in Latvia?! GG...

Author Topic: hs.2-22.zlkon.lv - (94.247.2.22) (Read 17950 times)

CkreM

hs.2-22.zlkon.lv - (94.247.2.22)

SysAdMini

Re: hs.2-22.zlkon.lv - (94.247.2.22)

Malware-Web-Threats

Re: hs.2-22.zlkon.lv - (94.247.2.22)

Malware-Web-Threats

Re: hs.2-22.zlkon.lv - (94.247.2.22)

Serg

Re: hs.2-22.zlkon.lv - (94.247.2.22)