« previous next »
Pages: 1 [2] 3 4 ... 22   Go Down

Author Topic: New files for Zeus servers  (Read 221465 times)

0 Members and 2 Guests are viewing this topic.

February 18, 2010, 06:26:11 pm
Reply #15

SysAdMini

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 3335
Re: New files for Zeus servers
Quote from: jackberri on February 18, 2010, 03:54:58 pm
zeus trojans (and other related malmare):
Code: [Select]
hxxp://bhostonline.com/loaderadv562.exemd5sum ===> afe0c42bd76163762ac798938046743a
for:
Code: [Select]
hxxp://96.9.183.149/app21.bin
hxxp://174.36.237.84/app21s.bin    incoming?
Code: [Select]
hxxp://bhostonline.com/loaderadv563.exemd5sum ===> 5b12cf0e2439517af6af8c8ba6b0f7b4
for
Code: [Select]
hxxp://174.36.237.84/app21s.bin

No Zeus.
Logged
Ruining the bad guy's day
February 18, 2010, 09:54:31 pm
Reply #16

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New files for Zeus servers
Code: [Select]
hxxp://camerinorestaurant.com/data_bak/booking.gifmd5sum ===> b770e441c0895780e97dda9f4f451cf6
http://camas.comodo.com/cgi-bin/submit?file=1b0efba7105ec95eae83b6b5d768982a7be7ce7ab9c94f8f672a3d60b8e1f642
Code: [Select]
hxxp://camerinorestaurant.com/data_bak/dinner.gifmd5sum ===> 31aa27b634d83f5e40d760b15272ff65
Code: [Select]
hxxp://camerinorestaurant.com/data_bak/feedback.gifmd5sum ===> 9873aabb10242b6bd4e8064855d72090
Code: [Select]
hxxp://camerinorestaurant.com/data_bak/lunch.gifmd5sum ===> 156816d80ee0773b7fe86372936b2704
Code: [Select]
hxxp://camerinorestaurant.com/data_bak/party.gifmd5sum ===> f3559c7f5b41e14d2af00755962fc3ef
Code: [Select]
hxxp://camerinorestaurant.com/data_bak/wine.gifmd5sum ===> 0e936e1ce527ced4ae4dbe10433eeefc
Logged
February 19, 2010, 11:38:35 pm
Reply #17

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New files for Zeus servers
Code: [Select]
hxxp://kalowweb.de/1/images/css.pngmd5sum ===> bf4556e525fa41e017d97d8bb6a6236e
http://www.virustotal.com/es/analisis/5e2c1af0f53abda78f376ca269c6b97aec8ec48e5a9e001981de91d15435edd8-1266622344
Logged
February 20, 2010, 12:01:42 am
Reply #18

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New files for Zeus servers
Code: [Select]
hxxp://195.78.108.22/brgr/config.binmd5sum ===> 6996992a601cb082d3e7e5f5ba4153c5
Logged
February 23, 2010, 01:30:46 pm
Reply #19

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New files for Zeus servers
Code: [Select]
hxxp://apsight.ru/123/valid.exemd5sum ===> 507f74fc84bf3db508e09f9d0f0f6869
http://www.virustotal.com/analisis/fd5ebde8cb1861f0532a414edb9ba123737daee9c57f8b53ae77ccd4055e9f5e-1266924790
Logged
February 23, 2010, 02:45:03 pm
Reply #20

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New files for Zeus servers
Code: [Select]
http://yrots.ru/56/antirap.exemd5sum ===>  4e3e8d63bb90e09a34478e201202b255
IP:91.201.28.43
Logged
February 23, 2010, 02:52:48 pm
Reply #21

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New files for Zeus servers
Logged
February 23, 2010, 03:17:00 pm
Reply #22

SysAdMini

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 3335
Re: New files for Zeus servers
Quote from: jackberri on February 23, 2010, 02:45:03 pm
Code: [Select]
http://yrots.ru/56/antirap.exemd5sum ===>  4e3e8d63bb90e09a34478e201202b255
IP:91.201.28.43

I don't know what it is, but it isn't Zeus.

http://www.threatexpert.com/report.aspx?md5=4e3e8d63bb90e09a34478e201202b255

I guess you found the url  in this TE report. This sample drops Zeus, but not only Zeus.

http://www.threatexpert.com/report.aspx?md5=1799a729fc7cadf40d1e3c6d9d35d9ba
Logged
Ruining the bad guy's day
February 23, 2010, 03:17:30 pm
Reply #23

SysAdMini

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 3335
Re: New files for Zeus servers
Logged
Ruining the bad guy's day
February 23, 2010, 03:52:26 pm
Reply #24

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New files for Zeus servers
Quote from: SysAdMini on February 23, 2010, 03:17:00 pm
I don't know what it is, but it isn't Zeus.

You're right
Logged
February 23, 2010, 03:53:49 pm
Reply #25

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New files for Zeus servers
Logged
February 23, 2010, 03:57:15 pm
Reply #26

SysAdMini

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 3335
Re: New files for Zeus servers
Logged
Ruining the bad guy's day
February 23, 2010, 05:52:52 pm
Reply #27

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New files for Zeus servers
Quote from: SysAdMini on February 23, 2010, 03:57:15 pm
You can modify your existing messages.  ;)

Errare humanum est  ;)
Logged
February 24, 2010, 08:18:53 am
Reply #28

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New files for Zeus servers
Logged
February 26, 2010, 02:06:20 pm
Reply #29

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New files for Zeus servers
Code: [Select]
hxxp://googlanaliktics.com/QWEASDZXCV/gate.php
hxxp://googlanaliktics.com/german/US/config.bin
Logged
Pages: 1 [2] 3 4 ... 22   Go Up
« previous next »