Author Topic: hs.2-215.zlkon.lv -(94.247.2.215)  (Read 23445 times)

0 Members and 1 Guest are viewing this topic.

April 15, 2009, 07:22:54 am
Reply #15

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
Fake AV
Code: [Select]
ascertaindiseasepro.cn/?wm=70100
ascertaindiseasepro.cn/installer_70100.exe
http://www.virustotal.com/analisis/6a7fa1578f1a8374220f0366f10a98e7 19/40
Ruining the bad guy's day

April 24, 2009, 08:18:28 pm
Reply #16

Malware-Web-Threats

  • Special Members
  • Hero Member

  • Offline
  • *

  • 354
    • MalwareURL
Fake error page:
Code: [Select]
hxxp://countedantiviruspro.com

Trojan Fake AV:
Code: [Select]
hxxp://addedantivirusonline.com/setup.exe
hxxp://addedantivirusonline.com/se.exe (InternetAntivirusPro.exe)
hxxp://addedantivirusonline.com/install/AntivirusPlus_ba.exe
hxxp://addedantivirusonline.com/install/AntivirusPlus.exe

VirusTotal: Trojan - 10/40 (25%)
VirusTotal: Trojan - 18/40 (45%)
VirusTotal: Trojan - 10/40 (25%)
VirusTotal: Trojan - 9/40 (22.5%)

Anubis Report
Anubis Report
Anubis Report
Anubis Report

Anubis Report for se.exe (InternetAntivirusPro.exe)

Quote
From ANUBIS:1037 to 94.247.2.216:80 - [searchopt7.com] 
Request: GET /cmd.php 
Response: 200 "OK" 

Anubis Report for AntivirusPlus.exe

Quote
TCP Connection Attempts:   
from ANUBIS:1740 to 220.175.36.102:139 

TCP Scans:   
50 IPs on Port 445
220.175.0.0/16

April 26, 2009, 02:31:44 am
Reply #17

Malware-Web-Threats

  • Special Members
  • Hero Member

  • Offline
  • *

  • 354
    • MalwareURL
Fake error page:
Code: [Select]
hxxp://bestcountedantivirus.com

April 27, 2009, 03:32:18 am
Reply #18

CkreM

  • Special Access
  • Hero Member

  • Offline
  • *

  • 567
Mal-Aware