Author Topic: role of bestkind.ru ?  (Read 3022 times)

0 Members and 1 Guest are viewing this topic.

November 21, 2010, 10:11:50 pm
Read 3022 times

cleanmx

  • Special Members
  • Hero Member

  • Offline
  • *

  • 3405
    • Spam-Filter Anti-Spam Virenschutz - CLEAN MX Managed Anti-Spam Service ist die Lösung für Ihr Spam-Problem
Hi
may anyone please shade some light on this ?

automated analysis:

http://www.threatexpert.com/report.aspx?md5=c29e9cd87ac541103e19e354746ec987
http://support.clean-mx.de/clean-mx/view_joebox.php?md5=c29e9cd87ac541103e19e354746ec987&id=663365
http://camas.comodo.com/cgi-bin/submit?file=3818431e1eb8a04a79ba253df62f99e00e5913e7a498ff8d26af223cabda1dec
http://www.virustotal.com/latest-report.html?resource=c29e9cd87ac541103e19e354746ec987

but the role of these bestkind.ru links i don't know...

Code: [Select]
http://bestkind.ru/list.php?c=B4AC885F94224AE64DAAC6EE0346C27CD047B5870B1669FFDCECCA8B5FFAF6D1DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5F44337&v=2&t=0.2075922
-- gerhard



November 23, 2010, 05:41:54 pm
Reply #1

MysteryFCM

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 1693
  • Personal Text
    Phishing Phanatic
    • I.T. Mate
I'm not entirely sure, but I believe it passes the machines details (HWID etc), and grabs the URLs to the payload.

As an aside, might want to look at this one too ;)

Code: [Select]
http://report.xandora.net/file-analyzer-03a6f121079a2210fbeb1841a1b6c3a95a2a57b5/
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net