Author Topic: Simply New  (Read 33292 times)

0 Members and 1 Guest are viewing this topic.

June 09, 2012, 09:31:10 pm
Reply #30

GaryDee

  • Sr. Member

  • Offline
  • ****

  • 248
Code: [Select]
http://www.externe.klmusik.de/safe/software/PantsOff.zipnot-a-virus:PSWTool.Win32.Finder.d

---------------------------------------------------------------------------------------------------------------------

Code: [Select]
http://www.externe.klmusik.de/safe/software/passwordfox.zipnot-a-virus:PSWTool.Win32.NetPass.zm

June 09, 2012, 09:55:24 pm
Reply #31

dlipman

  • Special Access
  • Full Member

  • Offline
  • *

  • 60
    • Multi-AV Scanning Tool
Code: [Select]
http://www.externe.klmusik.de/safe/software/PantsOff.zipnot-a-virus:PSWTool.Win32.Finder.d

---------------------------------------------------------------------------------------------------------------------

Code: [Select]
http://www.externe.klmusik.de/safe/software/passwordfox.zipnot-a-virus:PSWTool.Win32.NetPass.zm

Quote
PasswordFox v1.20
Copyright (c) 2008 - 2010 Nir Sofer
Web site: http://www.nirsoft.net

How about NirSoft or SysInternals PsTools? Will you also post links to them here? :)

Yeah, he did

The other "Simply New", 2004 Simply OLD !   


June 09, 2012, 10:41:45 pm
Reply #32

Amishrabbit

  • Jr. Member

  • Offline
  • **

  • 10
Hey mods: Is there a way for me to filter or block posts from GaryDee? His high volume of spammed crap posts of questionable quality really bring the level of this forum way down.

-=A
-=A

June 19, 2012, 10:20:46 am
Reply #33

GaryDee

  • Sr. Member

  • Offline
  • ****

  • 248

June 19, 2012, 10:45:11 am
Reply #34

dlipman

  • Special Access
  • Full Member

  • Offline
  • *

  • 60
    • Multi-AV Scanning Tool


October 22, 2013, 12:24:06 pm
Reply #36

GaryDee

  • Sr. Member

  • Offline
  • ****

  • 248

October 27, 2013, 03:14:29 pm
Reply #37

GaryDee

  • Sr. Member

  • Offline
  • ****

  • 248
NEW Malware
Trojan-Downloader.JS.Iframe.ddp
Code: [Select]
FOLLOWING LINKS ARE INFECTED WITH: Trojan-Downloader.JS.Iframe.ddp
DETECTED: 26.10.2013 11:57:02
DOMAIN: http://www.hoching.com/
https://www.virustotal.com/de/url/6579f19955139d5cebd7bcc9ec5246f51188b82535e9d5e6c6a9a8d01831e041/analysis/
MALICIOUS LINKS:
1)
http://www.hoching.com/college2/kelvin
https://www.virustotal.com/de/url/f1c54b65e60b8fab2fc5187bd910e2349de2beceb5c280ec13e63b71ad9ded27/analysis/1382782527/
https://www.virustotal.com/de/file/0655213edddb136c9f306576a8d089295b71151c605ddd8b27638aca3b2ceb1b/analysis/1382782200/
2)
http://hoching.com/about/index.html
https://www.virustotal.com/de/url/1739a7864f74d98de9bfa21fa947ad2d43494fec0cbb9b0c4ec6f6a4be6ab26b/analysis/1382783425/
https://www.virustotal.com/de/file/fe4c9408901e188503b3d7382c6ee53767746a9cd659bd08a6fb07cfe5a0504c/analysis/1382783051/
3)
http://hoching.com/hba
https://www.virustotal.com/de/url/97d2194c8f13ba3a1b76720619a3ee7291eb3556509f898173a4a51c476c424c/analysis/1382783499/
https://www.virustotal.com/de/file/95d064adeb8f681d8d51ae700db4f79c817667664f2b70235cd44f5c62ae3e12/analysis/1382783345/
4)
http://hoching.com/lbs
https://www.virustotal.com/de/url/55768d643da58315673463ae5cf48e68ab5e3811574419327b6146f74cda1806/analysis/1382783584/
https://www.virustotal.com/de/file/11520906bace69f2fb9d3b200a63c38879480fd612dff46703debb12d2dc8cd9/analysis/1382783254/
5)
http://hoching.com/events
https://www.virustotal.com/de/url/98901a90e81fb0421e24c10e992c9dff7085d77aa18c2848bcd266ce6d06a4ee/analysis/1382783697/
https://www.virustotal.com/de/file/fd0efad809c28014fbf003f3d778c10ed1c0411831c3ae91b4fcaa2068458278/analysis/1382783191/
6)
http://hoching.com/college2
https://www.virustotal.com/de/url/841e7a354acb1e520ac3aae7ebbb3f5e75515bfd9fef3ec7f84ab5633a180547/analysis/1382783773/
https://www.virustotal.com/de/file/7ada58829a79bca7eed8802e2f6c9b49cbc0b130cf9766f8af4af17aba3d58fb/analysis/1382783037/
7)
http://hoching.com/menand
https://www.virustotal.com/de/url/8349d3ccdbfe834edb1e4101d99d57ae2aa6299b9c6f2b61fceed46938211c09/analysis/1382783840/
https://www.virustotal.com/de/file/5fffbc7ec1fbde6c577d15ae52a77566e2ce1045d19ed1e6ad6080914d1f5c29/analysis/1382783036/

Code: [Select]
SCREENSHOT WITH OTHER INFECTED LINKS OF THIS DOMAIN
http://s1.directupload.net/file/d/3422/ld62kkqq_jpg.htm

October 27, 2013, 03:19:35 pm
Reply #38

GaryDee

  • Sr. Member

  • Offline
  • ****

  • 248
NEW MALWARE
Exploit.JS.Agent.bnu
Code: [Select]
INFECTED: Exploit.JS.Agent.bnu
DETECTED: 27/10/2013 12:08:38
http://eldesaparecido.com/
https://www.virustotal.com/de/url/ce814952fec77330b39e4add2909f5059ca81b14d5c66fbbe45ac859716ff5d5/analysis/
Exploit.JS.Agent.bnu
https://www.virustotal.com/de/file/daae88a57cb1b8287d64bbf884a81ac7112b60f0e37d17b4dd3bcc460ef30304/analysis/
--->
http://lanotfo.com/
https://www.virustotal.com/de/url/6ff7f2d41dd24b4613f5c7f2ddf8045fb0cf966e530535a171dc971168a03bdb/analysis/
http://lanotfo.com/exit.php
https://www.virustotal.com/de/url/418aefb901fd9cef797a1419bd4c3b82f15eab2e5fac9688998f3ce1cee83775/analysis/
ALSO INVOLVED:
http://www.sosvirus.net/
https://www.virustotal.com/de/url/7a4a2c4a418aa42a51e12eba041ea7030920505f0a42c06ff444a271892a48b7/analysis/
**************************
ADDITIONALLY:
IP OF eldesaparecido.com:
213.186.33.19 (FRANCE)
https://www.virustotal.com/de/url/b782c657efca3b3d94fd66245d617b01113f6698a43fd8c1639a13ec1dabc07e/analysis/1382876571/
290.052 appearances in Spam e-mails or Spam post urls
https://www.projecthoneypot.org/ip_213.186.33.19
**************************
http://urlquery.net/report.php?id=7208759
http://urlquery.net/report.php?id=6957455
http://www.urlvoid.com/scan/eldesaparecido.com/
http://app.webinspector.com/public/reports/18080173
http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=eldesaparecido.com
http://wepawet.iseclab.org/view.php?hash=21f73f8039583c5e592eafbd4a25af9a&t=1382007486&type=js
http://www.avgthreatlabs.com/website-safety-reports/domain/eldesaparecido.com/domain-search-widget/www.avg.com.au/

October 29, 2013, 01:16:20 pm
Reply #39

GaryDee

  • Sr. Member

  • Offline
  • ****

  • 248
NEW MALWARE:
Trojan.JS.Agent.cbn
INFECTED: Neutrino Exploit Kit Clicker.php
DETECTED: 29.10.2013 11:19:51
Code: [Select]
http://pupolandia.com/
https://www.virustotal.com/de/url/d7d38d1d1c9e1b46ed3419aa600ee6a1c09e9d9db78066885354396180278573/analysis/1383042127/
Trojan.JS.Agent.cbn
https://www.virustotal.com/de/file/04709c9b47e8c25cd64344de8fa4f6791033f385982dc0414e87546d35ee552d/analysis/1383042593/
http://urlquery.net/report.php?id=7271925
--->
http://hr.oncallinteractive.com/clicker.php
https://www.virustotal.com/de/url/080a03e550781f13f2d8a8899efa3e10c116ad2a99110f5fa6178add9eff4b7a/analysis/1383042778/
http://urlquery.net/report.php?id=7272125
https://www.virustotal.com/de/url/fb48ce1a6989c6bd01b55403e9dd7ab191c70dac424dc2eaf0ef1cb3188cdc6c/analysis/

October 30, 2013, 07:37:45 am
Reply #40

GaryDee

  • Sr. Member

  • Offline
  • ****

  • 248
NEW MALWARE:
Trojan-Downloader.JS.Iframe.dfe
Code: [Select]
INFECTED: HEUR:Trojan.Script.Generic
DETECTED: 26.10.2013 10:54:29
http://sbrpuram.com/
https://www.virustotal.com/de/url/8d61467e659879506cd205756d82060ae9d1532d402ced1010c4124c30cf6d2b/analysis/1383084583/
Trojan-Downloader.JS.Iframe.dfe
https://www.virustotal.com/de/file/aee6a2257108cd8c13ec9f95f7aef34486df6228bd79ea530b33aa698ac5863b/analysis/1383084826/
http://urlquery.net/report.php?id=7288052
--->
http://www.hiruzta.com/hispatek/YPwgqRNk.php
https://www.virustotal.com/de/url/4eb08b4a0d2abb56d2cc5ec56f75187cccc6d338cd3c3715187112f9203e905a/analysis/1383085160/
http://www.hiruzta.com/
https://www.virustotal.com/de/url/82893ed4471c4875ff0bc9e88b0e635c042f2887d107a905b5c01518485ce94a/analysis/1383085169/
http://sbrpuram.com/images/injection_graph.css
https://www.virustotal.com/de/url/9f95b981cf4339858d4b6b1a13507a570d51ef7048ca59dfdf17809737e1dd57/analysis/1383085435/

October 30, 2013, 05:03:42 pm
Reply #41

GaryDee

  • Sr. Member

  • Offline
  • ****

  • 248
NEW MALWARE:
Trojan.JS.Iframe.aes
Code: [Select]
INFECTED: Trojan.JS.Iframe.aes
DETECTED: 26.10.2013 10:57:00
http://www.energomania.ru/
https://www.virustotal.com/de/url/161b698c67604bfda5918229705aeb17fa2bc87185ffee419901afa398ab23d8/analysis/1383149133/
Trojan.JS.Iframe.aes
https://www.virustotal.com/de/file/76f7933efdb9f099a25e24a8485594e0dab29a13fbf9288e439ce63c1caec505/analysis/1383149230/
http://urlquery.net/report.php?id=7312334
--->
http://www.energomania.ru/js/main.js
https://www.virustotal.com/de/url/7f09c3bb3284bd6910f50e2a3ecb1c481c772bc091456f10196f0c2014940eeb/analysis/1383149955/
https://www.virustotal.com/de/file/d87de09b59c5c8f9beed9dbe4f2027c78199a70fda4e8aa2c459707df5d6e9b7/analysis/1383149959/
---->
http://www.energomania.ru/js/main_01.js
https://www.virustotal.com/de/url/fd9bd805291a43b8bf7a3822819f79ef65fe04bd90fabb60d6a59a5c9b095961/analysis/1383150097/
https://www.virustotal.com/de/file/f53099c04addc2f0615a87d4770cdb78b64a237a843224a7ef80f366716d11e8/analysis/1383150099/
----->
about:blank
------>
http://www.pufuqa.toh.info/openstat/appropriate/bound-side-load_odds.php
https://www.virustotal.com/de/url/d044119398ac6006e3e1dbcf8d622d9cd051437e99ec3983a5efbe9bbec1a734/analysis/1383150211/
**********************************************************************
http://wepawet.iseclab.org/domain.php?hash=b6f32d36ea9bdb438868300a5ed8310c&type=js

October 31, 2013, 04:37:17 pm
Reply #42

GaryDee

  • Sr. Member

  • Offline
  • ****

  • 248
NEW MALWARE:
Trojan-Downloader.JS.Iframe.dfe
Code: [Select]
INFECTED: Trojan-Downloader.JS.Iframe.dfe
DETECTED: 30.10.2013 11:06:10
http://balochrise.com/
https://www.virustotal.com/de/url/4c95e3a04610b12760e136dcc810cedffb4c1ee792fe022b264d3d74bf0376b3/analysis/1383235887/
Trojan-Downloader.JS.Iframe.dfe
https://www.virustotal.com/de/file/30e5c0824113af3038b19e5adea7e46e8e9b6a1394ae6e310c0f4fec353631e8/analysis/1383236194/
http://urlquery.net/report.php?id=7352187
--->
about:blank
---->
http://ezahrada.sk/js/rel.php
https://www.virustotal.com/de/url/a68c6678c6c33c7182c43f2ac6026510fa938f90424b5960f33841ac76d68dec/analysis/1383236765/
----->
http://localhost/
ALSO:
http://balochrise.com/home.html
https://www.virustotal.com/de/url/b7c8366ba2b9a4f72abc28e127d4f3f7f99095318e11de81804ec84f84137b98/analysis/
JS:Trojan.JS.Iframe.DL
https://www.virustotal.com/de/file/70323b930cc51516abcd0ef76d3a80a018a4043b646af876e168bba7d51f7395/analysis/1383236935/

December 09, 2013, 07:58:01 pm
Reply #43

GaryDee

  • Sr. Member

  • Offline
  • ****

  • 248
New Malicious Code:
Trojan-Spy.HTML.Fraud.iz
Code: [Select]
MALWARE: Trojan-Spy.HTML.Fraud.iz
http://escrituras.com/
https://www.virustotal.com/de/url/023bdad1bf212b69fc38f942d94a10605e3586e9c13bae9fab12eef580d48f62/analysis/1386595660/
Trojan-Spy.HTML.Fraud.iz
https://www.virustotal.com/de/file/e5a2cf61957340d4e0f991a6df9819636110d687856eae56c54d88ec6b21b86d/analysis/
IP: 200.98.247.12
https://www.virustotal.com/de/url/08f6a35041572c517d0f37b678212f07fd393105cb12a6cb0193b7897e23b2cb/analysis/1386596265/
https://www.virustotal.com/de/ip-address/200.98.247.12/information/
--->
http://mensagens.host.uol.com.br/
https://www.virustotal.com/de/url/023f4a8bdd186e4454df21696a38c99557b7ea48c2f88af4cd87965a6723b1d1/analysis/1386596045/
http://mensagens.host.uol.com.br/aviso/aviso_compartilhado.html
https://www.virustotal.com/de/url/c2509e06f5edb12d74aa3f1f50eb0774fc2d113246a96e824eaf4d6e08e58cef/analysis/1386596036/
IP: 200.98.199.177
https://www.virustotal.com/de/url/f5d0fadaea1a2477c78d88e32a3c47f3ee1088ad986960bbefd88f6af44336bc/analysis/1386596399/
https://www.virustotal.com/de/ip-address/200.98.199.177/information/