Malware Domain List

Malware Related => Malicious Domains => Zlkon.lv => Topic started by: SysAdMini on April 29, 2009, 06:22:45 am

Title: Zlkon disconnected
Post by: SysAdMini on April 29, 2009, 06:22:45 am
Wonderful news this morning :

http://www.cidr-report.org/cgi-bin/as-report?as=AS12553

The bad news is that many domains have already moved.
We have to check the new locations.

Title: Re: Zlkon disconnected
Post by: CM_MWR on April 29, 2009, 06:32:55 am
Hmmmmm

Code: [Select]
http://lotbetsite.cn/load.php?id=4http://www.virustotal.com/analisis/fa9c65ead45dc005ee43dd5e9573dd6e

freewebhostguide.com    A    94.247.3.151
freeonlinehostguide.com    A    94.247.3.151
hostindianet.com    A    94.247.3.151
sadcwed.hostindianet.com    CNAME    hostindianet.com
asdasf.free.hostindianet.com    CNAME    hostindianet.com
zzz.free.hostindianet.com    CNAME    hostindianet.com
farm-en-12san.hostindianet.com    CNAME    hostindianet.com
turq.whois.hostindianet.com    CNAME    hostindianet.com
ghrgt.hostindianet.com    CNAME    hostindianet.com
asdasdw.hostindianet.com    CNAME    hostindianet.com
zzzz.hostindianet.com    CNAME    hostindianet.com
freehostinternet.com    A    94.247.3.151
bigtopliteworld.cn    A    94.247.3.151
liteautomobileinsurance.cn    A    94.247.3.151
liteupyourride.cn    A    94.247.3.151
bigfindtopguide.cn    A    94.247.3.151
lotwageronline.cn    A    94.247.3.151
besttitlelite.cn    A    94.247.3.151
lotbetsite.cn    A    94.247.3.151
liteautofinestsite.cn    A    94.247.3.151
finditbig.cn    A    94.247.3.151
litevehiclemall.cn    A    94.247.3.151
bestfindaloan.cn    A    94.247.3.151
autobestwestern.cn    A    94.247.3.151
educationbigtop.cn    A    94.247.3.151
casinobigtop.cn    A    94.247.3.151
daddybigtop.cn    A    94.247.3.151
litehitscar.cn    A    94.247.3.151
findbigthinker.cn    A    94.247.3.151
nanotopdiscover.cn    A    94.247.3.151
liteautorepair.cn    A    94.247.3.151
hyperliteautoservices.cn    A    94.247.3.151
bigtopescorts.cn    A    94.247.3.151
hugetopnonfat.cn    A    94.247.3.151
bigfirststopnonfat.cn    A    94.247.3.151
casinoslotbet.cn    A    94.247.3.151
liteautoexcellent.cn    A    94.247.3.151
litebest.cn    A    94.247.3.151
yournonfatbest.cn    A    94.247.3.151
litedownloadfinest.cn    A    94.247.3.151
liteautogreatest.cn    A    94.247.3.151
lieliteautobody.cn    A    94.247.3.151
151.3.247.94.in-addr.arpa    PTR    hs.3-151.zlkon.lv

 ???
Title: Re: Zlkon disconnected
Post by: CM_MWR on April 29, 2009, 06:36:19 am
Code: [Select]
http://casinoslotbet.cn/cache/readme.pdfhttp://www.virustotal.com/analisis/e1fe0b788b8fbf0346f264b069df6a94

Did I miss something B_H?
Title: Re: Zlkon disconnected
Post by: SysAdMini on April 29, 2009, 06:37:21 am
Hmmmmm

Code: [Select]
http://lotbetsite.cn/load.php?id=4http://www.virustotal.com/analisis/fa9c65ead45dc005ee43dd5e9573dd6e


Hmmm ?

94.247.x.x is dead

lotbetsite.cn for example now resolves to 213.163.91.93.
Title: Re: Zlkon disconnected
Post by: CM_MWR on April 29, 2009, 06:58:27 am
I couldnt see where it was resolving to, only the passive dns which I know isnt totally accurate.

Just checking  :D
Title: Re: Zlkon disconnected
Post by: RS-232 on April 29, 2009, 08:29:18 am
http://www.youtube.com/watch?v=rNQRfBAzSzo

 8)
Title: Re: Zlkon disconnected
Post by: RS-232 on April 29, 2009, 09:53:23 am
(http://img524.imageshack.us/img524/3308/bgplay.png)

http://bgplay.routeviews.org/bgplay/