« previous next »
Pages: [1]   Go Down

Author Topic: hs.2-123.zlkon.lv (94.247.2.123)  (Read 18223 times)

0 Members and 1 Guest are viewing this topic.

April 06, 2009, 01:43:50 am
Read 18223 times

sowhat-x

  • Guest
hs.2-123.zlkon.lv (94.247.2.123)
Quote
hxxp://94.247.2.123/ ---> fake av scan crap
hxxp://avscanonline.com//install/ ---> spawns the .exe...
Result: 0/40 (0%)...time to change that,and blacklist the scumbags' ip as well...
http://www.virustotal.com/analisis/2ca2556d4482792f7b99c979f20d4697
Logged
April 10, 2009, 01:39:04 pm
Reply #1

SysAdMini

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 3335
Re: hs.2-123.zlkon.lv (94.247.2.123)
Logged
Ruining the bad guy's day
April 26, 2009, 02:28:12 am
Reply #2

Malware-Web-Threats

  • Special Members
  • Hero Member
  • Offline
  • *
  • 354
    • MalwareURL
Re: hs.2-123.zlkon.lv (94.247.2.123)
Fake scanner page:
Code: [Select]
hxxp://avscanonline.com/promo/?tid=fin&aid=run1

Fake AV:
Code: [Select]
hxxp://avscanonline.com/inst.php?tid=fin&aid=run1

Quote
File name: AV2009Setup.exe
File size: 162304 bytes
MD5: 7509d6f880ef598f969e8f2908a78eef

VirusTotal - 4/40 (10%)
Anubis Report

Quote
94.247.2.123:80 - [avscanonline.com] 
Request: GET /src.php 
Response: 200 "OK" 
Request: GET /install/zip.zip 
Response: 200 "OK" 

Quote
File name: zip.zip
File size: 162304 bytes
MD5: 7509d6f880ef598f969e8f2908a78eef

VirusTotal - 0/39 (0.00%)

decompressed:

AV2009.exe
VirusTotal - 0/40 (0%)

AV2009_Update.exe
VirusTotal - 0/40 (0%)
Anubis Report

sysdata.sys
VirusTotal - 0/40 (0%)

SysShield.exe
VirusTotal - 0/40 (0%)
Anubis Report

Uninstall.exe
VirusTotal - 0/40 (0%)
Anubis Report

Support (Internet shortcut) - 94.247.2.191
Code: [Select]
hxxp://www.antivirus-protection.us/support
Logged
Pages: [1]   Go Up
« previous next »