Recent Posts

91
Malicious Domains / Phishing / Malware domains
« Last post by badurls on December 15, 2015, 01:36:13 am »
92
Malicious Domains / Trojan from coinerwisdom.com
« Last post by awoland on October 15, 2015, 07:20:25 am »
The site hxxp: //coinerwisdom.com is engaged in distributing malware.
The only link on this site, hxxps: //www.mediafire.com/ 4320ec4g4ck48wg, loads a malicious installer:

Quote from: https://www.virustotal.com/ru/file/8a82800b55c4f37ac1e403cb2b56cbecce7c6e571576f0c8082cad5e7a4c8155/analysis/1444892872/
AVG                     Autoit                          20151015
AVware                  Trojan.Win32.Generic!BT         20151015
Ad-Aware                Trojan.GenericKD.2767850        20151015
Arcabit                 Trojan.Generic.D2A3BEA          20151015
Avast                   Win32:Malware-gen               20151014
Avira                   TR/Drop.Autoit.1062912.1        20151015
Baidu-International     Trojan.Win32.Injector.BVU       20151014
BitDefender             Trojan.GenericKD.2767850        20151015
ESET-NOD32              Win32/Injector.Autoit.BVZ       20151015
Emsisoft                Trojan.GenericKD.2767850 (B)    20151015
F-Secure                Trojan.GenericKD.2767850        20151015
Fortinet                W32/Autoit.BVU!tr               20151015
GData                   Trojan.GenericKD.2767850        20151015
Ikarus                  Trojan.Win32.Injector           20151015
K7AntiVirus             Riskware ( 0040eff71 )          20151015
K7GW                    Riskware ( 0040eff71 )          20151015
Malwarebytes            PUP.Optional.Amonetize          20151015
McAfee                  Artemis!E2E8086BD27C            20151015
McAfee-GW-Edition       BehavesLike.Win32.Backdoor.tc   20151015
MicroWorld-eScan        Trojan.GenericKD.2767850        20151015
Microsoft               Backdoor:MSIL/Noancooe.C        20151015
NANO-Antivirus          Trojan.Win32.Drop.dxkroc        20151015
Qihoo-360               HEUR/QVM06.2.Malware.Gen        20151015
SUPERAntiSpyware        Trojan.Agent/Gen-Dropper        20151015
Sophos                  Mal/Generic-S                   20151015
Symantec                SAPE.Heur.98127                 20151014
Tencent                 Autoit.Trojan.Dropper.Alim      20151015
TrendMicro              TROJ_GEN.R047C0DJ415            20151015
VIPRE                   Trojan.Win32.Generic!BT         20151015
ViRobot                 Trojan.Win32.Z.Drop.1250395     20151015
nProtect                Trojan.GenericKD.2767850        20151014
93
This and That / Interview
« Last post by Xylitol on August 21, 2015, 08:40:43 pm »
Hello,
A friend is currently looking for a Canadian resident infected by Zeus Gameover or Cryptolocker to interview.
She's from Canada and works for a Canadian investigative news magazine television program; that's why she is searching only for Canadians.
So if you're interested in sharing your misadventure, feel free to send me a PM and I will put you in touch.

Regards
95
Malicious Domains / Malicious script
« Last post by Weyne on May 05, 2015, 02:30:30 am »
This site uses a malicious script that automatically logs in to some modem models and modifies their DNS settings:
Code:
http://www.cavokbrasil.com
This site is running a malicious script:
Code:
http://cavokbrasil.com/blog/cavokbrasil.js
This script modifies the nameservers of the affected modems. The nameservers are changed to these:
Code:
65.181.113.176
65.181.113.192

One of the affected modem models is the TP-Link TD-8810.
96
Malicious Domains / Re: daily something......
« Last post by techhelplist.com on April 01, 2015, 04:43:26 am »
upatre malware downloads, left active for over 8 hours by logmein / cubby.

https://www.cubbyusercontent.com/pl/RYR5601763.zip/_33cdead4ebfe45179a32ee175b49c399
https://www.cubbyusercontent.com/pl/RYR3056967.zip/_de159fbeaefc42d9906a863782b21395
97
Malicious Domains / Re: daily something......
« Last post by techhelplist.com on March 31, 2015, 03:02:40 pm »
dridex downloads

botnet 120:
185.39.149.21/jsaxo8u/g39b2cx.exe
31.41.45.197/jsaxo8u/g39b2cx.exe
185.91.175.64/jsaxo8u/g39b2cx.exe
93.26.217.203/jsaxo8u/g39b2cx.exe
193.26.217.203/jsaxo8u/g39b2cx.exe

botnet 125:
www.geocult.it/54/78.exe
xianshabuchang.com/54/78.exe
98
Malicious Domains / Re: daily something......
« Last post by techhelplist.com on March 27, 2015, 10:58:29 am »
dridex botnet 125 malware downloads

pi2dancz.cba.pl/ford/445.exe
w47e4q423.homepage.t-online.de/joshua/74.exe
boysclub.web.fc2.com/mono/11.exe
stream1.sexrura.pl/rtd/43.exe
99
Malicious Domains / Re: daily something......
« Last post by techhelplist.com on March 26, 2015, 02:37:05 pm »
encrypted dyreza binaries for upatre to download


trapwot fake-av malware downloads (get params can change, use an IE user-agent)

liveoakresort.com/document.php?rnd=2211&id=9393939393
www.royalemanagement.com/document.php?rnd=2211&id=9393939393
carina-paris-hotel.com/document.php?rnd=2211&id=9393939393

100
Malicious Domains / Re: daily something......
« Last post by techhelplist.com on March 26, 2015, 12:47:42 pm »
trapwot fakeav malware downloads

avdl.ru/img/ppc.exe
avdl.ru/img/av.exe
avsrv.ru/img/av.exe
181.112.55.130/img/ppc.exe
181.112.55.130/img/av.exe