Author Topic: Zlob updater URL  (Read 4781 times)

0 Members and 1 Guest are viewing this topic.

May 23, 2008, 07:48:18 pm
Read 4781 times

southshore

  • Newbie

  • Offline
  • *

  • 4
Hi everyone, I am kind of new here but I regularly encounter malware links. I would liek to regularly share them with people who will do the right things with them. Please let me know if there is a better place to put these.
This file was downloaded to update someone infected with zlob:

62.176.16.161/bingo/loadexe2/KvmSecure(dot)exe

Also I did a reverse dns lookup on that IP and found some other nasty places, if anyone has time to dig deeper I am sure you will find more malware:

sextubecodec93.com    A    62.176.16.161
ns1.sextubecodec93.com    A    62.176.16.161
ns2.sextubecodec93.com    A    62.176.16.161
kvm-secure.com    A    62.176.16.161
ns1.kvm-secure.com    A    62.176.16.161
ns2.kvm-secure.com    A    62.176.16.161
kvmsecure.com    A    62.176.16.161
ns1.kvmsecure.com    A    62.176.16.161
ns2.kvmsecure.com    A    62.176.16.161
sexycodecadult.com    A    62.176.16.161
ns1.sexycodecadult.com    A    62.176.16.161
ns2.sexycodecadult.com    A    62.176.16.161
161.16.176.62.in-addr.arpa    PTR    nechnoshit.podolsk-mo.ru

Thanks!

May 24, 2008, 10:18:16 am
Reply #1

sowhat-x

  • Guest
Hi southshore,and welcome on board! :)

Quote
Please let me know if there is a better place to put these.
Unfortunately,we've had some pretty good reasons recently,
in order to set some restrictions regarding access to the "Malware Domains" subsection:
http://www.malwaredomainlist.com/forums/index.php?topic=1777.0
Do feel free though to report any malware links you would like to do so:
ie.it's perfectly fine doing so here,
until we come up with a more suitable 'global' solution for newer members... :)

June 25, 2008, 04:43:28 am
Reply #2

spywarebox

  • Newbie

  • Offline
  • *

  • 4
Just wondering, what tool are you using to do the reverse DNS lookup?

Thanks.

June 25, 2008, 02:52:50 pm
Reply #3

JohnC

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1964

June 25, 2008, 04:20:48 pm
Reply #4

spywarebox

  • Newbie

  • Offline
  • *

  • 4