Author Topic: New files for Zeus servers  (Read 147699 times)

February 26, 2010, 07:32:10 pm
Reply #30

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
Code:
hxxp://91.201.196.76/AHeom1Bo.iDiek2ch
md5sum ===> 244dc24135b9d9f87ecbf9fd3b4a6b4c
Code:
hxxp://91.201.196.76/iris5Qui.exe
md5sum ===> fca84e878160cf36febac7ccba0d4888
http://www.virustotal.com/analisis/7fe5a812ed94dc6e97b895637940a44e465b67d8f981a7736f0be2f052c614bb-1267211515

February 27, 2010, 09:06:21 am
Reply #31

jackberri

Code:
hxxp://193.104.27.218/post.bin
md5sum ===> b78be222172d9bd52c9587c843fd2c46

Code:
hxxp://flashplayeradobe.com/theblog/confis/img4.bin
md5sum ===> d3b5d4fca953061f3c271681de5d771f

February 27, 2010, 06:57:39 pm
Reply #32

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
payload of Neosploit
Code:
yburuvaeqcv.com/nte/none1/eHdfd932d2V0100f070006R00000000102T94505591201l0409Kefdaad91320
http://www.virustotal.com/analisis/9b0527619045586eec68d1f814ebab6a4ceae60421e2ecdc43834aed8bcdee25-1267290840
Symantec    20091.2.0.41    2010.02.27    Suspicious.Insight
File size: 160256 bytes
MD5   : 69b30727462f25b85545097b02df143b

http://wepawet.cs.ucsb.edu/view.php?hash=202d426f1de05fb2e57bc007ef30e688&t=1267296177&type=js
http://camas.comodo.com/cgi-bin/submit?file=9b0527619045586eec68d1f814ebab6a4ceae60421e2ecdc43834aed8bcdee25
Ruining the bad guy's day

February 28, 2010, 06:19:31 pm
Reply #33

jackberri

config file:

Code:
hxxp://abouttraffic.net/newstyle/clock.jpg
md5sum ===> 12c1d525b4301d2689e1c6fac4e24aef

February 28, 2010, 06:26:51 pm
Reply #34

SysAdMini

payload of Neosploit
Code:
jbaagpepjvc.com/nte/NONE1/eH9ae811f6V0100f070006R00000000102Td162bb94201l0409K814e2733320
http://www.virustotal.com/analisis/58e19cb04db75f35ba3bd527f20b36c9aa554ab1b186c17495b9875ac062c56c-1267362964
Symantec    20091.2.0.41    2010.02.28    Suspicious.Insight
File size: 125440 bytes
MD5   : 5dff719b2a9d5fc2b9a369d9808bd3a7

http://wepawet.cs.ucsb.edu/view.php?hash=526d81910a8ae98f92e840aedcb4170a&t=1267378902&type=js
http://camas.comodo.com/cgi-bin/submit?file=58e19cb04db75f35ba3bd527f20b36c9aa554ab1b186c17495b9875ac062c56c

March 01, 2010, 01:48:59 pm
Reply #35

jackberri

Code:
hxxp://capital-team.net/team/cfg.bin
md5sum ===> 0d15f0ac36cbef02e3f28933547343c0
Code:
hxxp://capital-team.net/team/aol.exe
md5sum ===> ac7adbd782df65336a4f1591133696ae
http://www.virustotal.com/analisis/41539eb2956dcd5d3326b8d275861d27e5a0eff7cc71fb4c5d8dacf460250171-1267450872
VT 11/42 (26.2%)
Code:
hxxp://capital-team.net/team/method/pagina.php
Code:
hxxp://updateinfo22.com/bde/bin9.xls
md5sum ===> 2e599a8c2981057dfea9af8d76814391

March 02, 2010, 05:11:45 pm
Reply #36

jackberri

Code:
hxxp://myperfection.ru/forum2/feb24.txt
md5sum ===> 8ffe2d882298c451573e0adaf10fdbd7

Code:
hxxp://91.201.196.76/thie5A.ohJ5th
md5sum ===> f0fc7538bcbbd9802629c6054dce6f79

March 02, 2010, 10:44:39 pm
Reply #37

jackberri

zeus/wsnpoem v1

Code:
hxxp://94.75.228.245/us5/base
md5sum ===> e1f810f74ebf1ec0a17f1cf33533ca15
Code:
hxxp://94.75.228.245/us5/us4.exe
md5sum ===> b464f150f96dc162bc95ec45ed6280d2
http://www.virustotal.com/analisis/71ad3f8a60faa1972f698722e6f7153a25e6664c6527b91939fb48153346b888-1267569395
VT 10/41 (24.4%)
Code:
hxxp://94.75.228.245/us5/us4.php

March 03, 2010, 08:43:13 pm
Reply #38

jackberri

Code:
hxxp://intrunans.biz/etc/404.php
Code:
hxxp://intrunans.biz is online

March 04, 2010, 07:13:45 pm
Reply #39

jackberri

zeus trojan for 91.201.196.107
Code:
hxxp://yrots.ru/8/exeusn2.exe
md5sum ===> 074e4df5c91ab97737fbc4e7a667c87d
http://www.virustotal.com/analisis/5a1bdb710b3d4f5514f796cc2ea2f022754e2fa04ca07e112fcbcb7a4a69df1d-1267729595
VT 15/42 (35.72%)

Code:
hxxp://allnatroniksssss.com/Z/gtgt.php

March 05, 2010, 05:11:39 pm
Reply #40

jackberri

Code:
hxxp://abouttraffic.net/news/dim.exe
md5sum ===> 446584f46022015f78682ac52e35465f
http://www.virustotal.com/analisis/58843c8a672c5b4b2d971bf23fca227a09750ccd21a52fac43013a5b7c160dd4-1267808447
VT 10/42 (23.81%)

March 06, 2010, 09:05:09 am
Reply #41

jackberri

Code:
hxxp://cargoworldexchange.com/trendi_duglas/iojfiowejfio/tytorials.bin
md5sum ===> 82b4c86ad81ef3e8f2ceb7d39fa425c1
Code:
hxxp://globalunitrack.com/x_XpoDVVa/get_666/sammer_head.php

March 11, 2010, 01:30:14 pm
Reply #42

jackberri

Code:
hxxp://davaydavay.net/davay/aol.exe
md5sum ===> 04390b118e86ca4a5af5ecf59dc0b1c8
http://www.virustotal.com/analisis/1ae41bb6a006c4f15ad4c57a34f78102d7a11066f5b9a206957b3569d10d4fd7-1268313974
VT 15/42 (35.72%)

March 14, 2010, 12:13:41 pm
Reply #43

jackberri

Code:
hxxp://lipesnaskom.com/cgi-binn/lus.exe
md5sum ===> e399d9b9aff77abb06ca0e1d1f68b0d3
SHA256   ===> b532ca007b92f861c7534da925875ad42189e253557b7f4e6ffe96ea0d00f776
http://www.virustotal.com/analisis/b532ca007b92f861c7534da925875ad42189e253557b7f4e6ffe96ea0d00f776-1268568137
VT 15/42 (35.72%)

related malware:
Code:
hxxp://lipesnaskom.com/cgi-binn/fo.exe
md5sum ===> b99191e9022d1271c920a26261a4ab36
SHA256   ===> 288f3b49eb8fdae2f67de16e0bb58bf0e723c1fb097f7de52cf2c7c06199c1aa
http://www.virustotal.com/analisis/288f3b49eb8fdae2f67de16e0bb58bf0e723c1fb097f7de52cf2c7c06199c1aa-1268568444
VT 12/42 (28.58%)

March 14, 2010, 03:27:45 pm
Reply #44

jackberri

Code:
hxxp://img25.xooimage.com/files/9/0/7/mod-181d459.exe
md5sum ===> 9072a208afc372e1c1bff5f1dae27bd3
SHA256   ===> 6c8ee105757a3e32bbfc33fa940ff0dd38404084229c83f58a6082c1a6eb4b04
http://www.virustotal.com/analisis/6c8ee105757a3e32bbfc33fa940ff0dd38404084229c83f58a6082c1a6eb4b04-1268579452
VT 36/42 (85.72%)

related malware:
Code:
hxxp://img28.xooimage.com/files/3/e/c/out2-1820a44.exe
md5sum ===> 3ec4fd4d56d7cb478b7fdcc6085ceb4c
SHA256   ===> b281a84fe72af01a6a85eb5dc8c93ff2f1ae7238a931c05f10ce80beed26b8bd
http://www.virustotal.com/analisis/b281a84fe72af01a6a85eb5dc8c93ff2f1ae7238a931c05f10ce80beed26b8bd-1268578906
VT 23/42 (54.77%)