Topic: New Zeus server  (Read 386592 times)

June 29, 2010, 11:15:51 am
Reply #345

jackberri

IP Location:  United Kingdom - Heart Internet Network via Node4 AS - NODE4-AS Node4 Ltd, UK
IP 79.170.40.52
[web52.extendcp.co.uk]
AS31727
Registrant/Registrant Email: Daisy Thomas Recruitment Group/sales@creativeideaz.co.uk
Code: [Select]
hxxp://daisythomas.com/statsme/plugins/geoip_region_maxmind.bin
md5sum ===> 22417ac3b694b5ec382127906f87ae29
SHA256 ===>  b630124a342092bed8b5f7ce085887ac563a35de52a9af2cb02e7eb5e9ed0220
Code: [Select]
hxxp://daisythomas.com/statsme/plugins/geoip_region_maxmind.exe
md5sum ===> b1dcd0653d80183d4f68e3602aa53489
SHA256 ===>  646b5d923cc236e705fefe1d145c0eb6abb22b1e7d804309a70191d194e66d77
http://www.virustotal.com/es/analisis/646b5d923cc236e705fefe1d145c0eb6abb22b1e7d804309a70191d194e66d77-1277816453
VT 8/40 (20%)
dropzone:
IP Location:   United States  - DIMENOC-HOSTDIME
IP 66.7.218.232
[dime167.dizinc.com]
AS33182
Registrant: Transinvest
Code: [Select]
hxxp://clibs.co.uk/website/wp-image.php

June 29, 2010, 03:31:11 pm
Reply #346

jackberri

IP Location: Hungary  - DREAMSHOW-NET-ROUTE - INTEGRITY-HU-AS INTEGRITY Informatics Ltd. HU
IP 212.52.173.242
[start1.integrity.hu]
AS28924
Registrant: Pintér András
Code: [Select]
hxxp://dominator.hu/alogo.jpg
md5sum ===> db0601b2aadb6ea03b0828203b365c84
SHA256 ===>  1749b809f111f27f4fe666969bafbd50e655bf2b6448918805dab63c3a9b0f74
dropzone (already listed):
Code: [Select]
hxxp://www.blogjo.biz/webstate/webstat.php
related (Fake AV):
Code: [Select]
hxxp://blog.homeofthetiredwolf.com/main.php?h=www.dominator.hu&i=J8mtitEeq/2liBj7U8VPzJgXog==&e=4

June 29, 2010, 10:19:18 pm
Reply #347

jackberri

IP Location:  Germany - UNITEDCOLO-AS Autonomous System of unitedcolo.de
IP 213.202.225.90
[213.202.225.90.rdns.funpic.de]
AS13301
Code: [Select]
hxxp://ago1980.ag.funpic.org/bot.exe
md5sum ===> 65620a78ab15ad64f74cd40252c768b9
SHA256 ===>  6058a0e659bff8f25cbad2c9bd24dc1d78a554e4faadf8a887228456d0aea284
http://www.virustotal.com/es/analisis/6058a0e659bff8f25cbad2c9bd24dc1d78a554e4faadf8a887228456d0aea284-1277849210
VT 37/41 (90.25%)

IP Location: United Kingdom  - UKNOC-RT - UKNOC-AS
IP 85.92.66.151
[raleigh.mywebserver.net]
AS34282
Registrant: Youth City
Code: [Select]
hxxp://queeryouth.org.uk/apache.jpg
md5sum ===> 72b3fd7df26fa7373e37ebba3217dd0c
SHA256 ===>  524987b336958f6f0a2c964cfa9d1973a7ba23f6d1346db4c153c48abd14f700
related (Fake AV):
Code: [Select]
hxxp://wiki.global-sourcing.us/main.php?h=queeryouth.org.uk&i=JcioiNIco/2lgRj7U8VDyJwXog==&e=r

June 30, 2010, 10:06:47 am
Reply #348

jackberri

IP Location: Austria  - ANEXIA Internetdienstleistungs GmbH - ANEXIA-AS ANEXIA
IP 188.65.75.18
[s1312-4576.anx-cus.at]
AS42473
Registrant Email: peterr333444@gmail.com
Code: [Select]
hxxp://makeadifference.be/botpanel/sell2.jpg
md5sum ===> 4e9fc48a199cdf7266a625cbb304295a
SHA256 ===>  c7179c2d1e4f1a0af3ef86ccd1348b994e75b26595d568fad36d1c8a45b6b807
Code: [Select]
hxxp://makeadifference.be/botpanel/rofl.php

June 30, 2010, 12:22:26 pm
Reply #349

jackberri

IP Location: Ukraine - TTC Network - TTC-AS Naukanet (TopNET) UA
IP 195.128.226.131
AS31445
Code: [Select]
hxxp://uahwya.com/ba.jpg
md5sum ===> f0964649e0ec806d9637e179ba115adc
SHA256 ===>  573a75a9f311e8d62c76d40f0cd8789be9fb16d118628ae25551bf29c23e3737
IP Location: Ukraine  - TTC Network - TTC-AS Naukanet (TopNET) UA
IP 195.128.226.133
[homenet2.br01-kiev-vlan1029.ttc-network.com]
AS31445
Code: [Select]
hxxp://parrd.ru/bot2.exe
md5sum ===> 2a475f77a3069a97abc50cab8f6a1e88
SHA256 ===>  f6eccb32a71e567417e1a2d5277cfe8c3d45b8edd9aa5c2f64ac202ae630aab5
http://www.virustotal.com/es/analisis/f6eccb32a71e567417e1a2d5277cfe8c3d45b8edd9aa5c2f64ac202ae630aab5-1277895811
VT 6/41 (14.64%)
Code: [Select]
hxxp://uahwya.com/entra.php

June 30, 2010, 10:27:05 pm
Reply #350

jackberri

Code: [Select]
hxxp://91.194.0.101/adm32dll.bin
md5sum ===> 5e9a49a29033d1be097d1f9c10ed04d3
SHA256 ===>  46dae5d8ac076492d68a47ef2f1a55ec77edcb7bb36e14616e4b4284ed91694a

Code: [Select]
hxxp://91.194.0.103/aud2milk.bin
md5sum ===> fd36cf40f3922a55deefe21551ba93d2
SHA256 ===>  43775b79d38a3e94a4f5650654af916246325b5a1b9815f9cca10dc95f4b2687

July 01, 2010, 07:36:48 am
Reply #351

jackberri

IP Location:  China - China Telecom JiangXi province - CHINA-TELECOM
IP 59.53.91.121
AS4134
Registrant/Registrant Email: Alexander Kupalo/eons@fastermail.ru
Code: [Select]
hxxp://coralfund.com/gbt/uka.ok
md5sum ===> 10d89abfb89d76a0f5a15f96b6a331e7
SHA256 ===>  d7e1d25ca04b3a79c16899595bd4e4bf367ad52eb243263fa91a6b9a8a91bdeb
dropzone:
IP Location:  Puerto Rico - One Link Network
IP 70.45.55.199
[host-70-45-55-199.onelinkpr.net]
AS36423
Registrant/Registrant Email: Private Person/vc@bigmailbox.ru
Code: [Select]
hxxp://www.sdlls.ru/uka/gfdsk.php
IP Location:  Algeria - FAWRI-AS FAWRI
IP 41.201.194.86
AS36947
Code: [Select]
hxxp://zeusbotnet.dvrdns.org/zs/builder/cfg.bin
md5sum ===> fe55125edf9cdc32d4715a403393cb47
SHA256 ===>  830b20d0e0cfd0007b57f17e9561cba14eec2ba561043eb931b46225834f35ba
Code: [Select]
hxxp://zeusbotnet.dvrdns.org/zs/builder/bot.exe
md5sum ===> 7c30163695673a4e330f43d2bcb74817
SHA256 ===>  8d736067477dfe2a7f56a022cbfb117fc2600626e1d215580e00d8a21bd5f9a6
http://www.virustotal.com/es/analisis/8d736067477dfe2a7f56a022cbfb117fc2600626e1d215580e00d8a21bd5f9a6-1277968752
VT 32/40 (80.00%)
Code: [Select]
hxxp://zeusbotnet.dvrdns.org/zs/builder/zbs.exe
md5sum ===> ab601226d71547965fa2978ca4179516
SHA256 ===>  40ec906cd32d4582f25e52b3fe501ad1b2f8f33521fbf9b63f7bcb3635b9ed33
http://www.virustotal.com/es/analisis/40ec906cd32d4582f25e52b3fe501ad1b2f8f33521fbf9b63f7bcb3635b9ed33-1277968932
VT 37/40 (92.5%)
Code: [Select]
hxxp://http://zeusbotnet.dvrdns.org/zs/web/gate.php

Code: [Select]
hxxp://zeusbotnet.dvrdns.org/zs/server/zsbcs.exe
md5sum ===> cffd1eb96af02773c36c0701f9918dea
SHA256 ===>  8ef56edf211fe9130c08e505911054f74392cf7f29a4c3f4947e622ff65ed3bb
http://www.virustotal.com/es/analisis/8ef56edf211fe9130c08e505911054f74392cf7f29a4c3f4947e622ff65ed3bb-1277969299
VT 35/41 (85.37%)
Code: [Select]
hxxp://zeusbotnet.dvrdns.org/zs/server/zsbcs64.exe
md5sum ===> 89bfeb1912308a243871979d70e6475c
SHA256 ===>  362000ea79980aef80eeab94686b0d44c7f6785501ed0f61fe85a279bbf06c65
http://www.virustotal.com/es/analisis/362000ea79980aef80eeab94686b0d44c7f6785501ed0f61fe85a279bbf06c65-1277969161
VT 11/41 (26.83%)

July 01, 2010, 12:23:37 pm
Reply #352

jackberri

IP Location:  Ireland - HOSTING365-AS Number for Hosting 365 Ireland Limited
IP 82.195.136.187
[victoria.xeonserver-six.co.uk]
AS29650
Code: [Select]
hxxp://www.albanianblogger.com/theme/config.bin
md5sum ===> fbe443b862f0fa1dcf22ea3834ed9d09
SHA256 ===>  7b0301c2fdda56abca790ea1661a08e254ad9e84bf4843ef65e69464d9306579
Code: [Select]
hxxp://www.albanianblogger.com/theme/bot.exe
md5sum ===> 8f15e62c93a3e87147fb3226901ed603
SHA256 ===>  06cb66c0dcba7ca9c901d8995f03b13cc4afb42f40b4ef30ad4511c3ef4c2e8b
http://www.virustotal.com/es/analisis/06cb66c0dcba7ca9c901d8995f03b13cc4afb42f40b4ef30ad4511c3ef4c2e8b-1277986263
VT 37/41 (90.25%)
Code: [Select]
hxxp://albanianblogger.com/theme/gate.php
IP Location:  Italy - INTERBUSINESS - ASN-IBSNAZ Telecom Italia S.p.a.
IP 79.0.249.151
[host151-249-dynamic.0-79-r.retail.telecomitalia.it]
AS3269
Registrant/Registrant Email: Emmett Frank/EmmettFrank@gmail.com
Code: [Select]
hxxp://h45h45t9.com/altDEssss.img
md5sum ===> 427f472f94c1f91125e740dca7bf4361
SHA256 ===>  2ce5f07a99b8bda501738daa23c76964ae497d2ebf110c77f4f86cf100b48a58
Code: [Select]
hxxp://h45h45t9.com/umba/DfwbdV.php
IP Location:  Germany - Surfplanet GmbH PA-Block
AS33984
Code: [Select]
hxxp://85.88.26.76/net/cfg2.bin
md5sum ===> 1e0375df1ab33e4ca2e5f351ae6684a4
SHA256 ===>  32f3e19978ae6af0246af8c539764fd2aa6d43ea46885306626ac7412112165b
Code: [Select]
hxxp://85.88.26.76/net/bot.exe
md5sum ===> d091e24aae36f1a3e2ba024671ce07d8
SHA256 ===>  c02d61f134c08b69dd0e3a862a1916c522c778f2471e46a07968365d1b11a208
http://www.virustotal.com/es/analisis/c02d61f134c08b69dd0e3a862a1916c522c778f2471e46a07968365d1b11a208-1277985204
VT 33/41 (80.49%)
Code: [Select]
hxxp://85.88.26.76/net/gate.php

July 01, 2010, 08:11:21 pm
Reply #353

jackberri

IP Location: Russian Federation - VHost route - VolgaHost-as PE Bondarenko Dmitriy Vladimirovich
IP 91.213.174.68
AS29106
Registrant/Registrant Email: Addel Lois/admin@goodndservice.net
Code: [Select]
hxxp://winupdatedll.com/cp/tasksz.php?dc
hxxp://winupdatedll.com/cp/l/28/552c8f123505033d61ee6fa34fd793ba/2da59421dae579c26522846bf962c1b5
hxxp://winupdatedll.com/cp/r/28/552c8f123505033d61ee6fa34fd793ba/2da59421dae579c26522846bf962c1b5
downloads ===> 1.exe
md5sum ===> e5045e518178225c8db85bbd44730359
SHA256 ===>  aad6beb87ee3093ed8e8d43de8019123bc75c670213a9643e376b244abb7e53f
http://www.virustotal.com/es/analisis/aad6beb87ee3093ed8e8d43de8019123bc75c670213a9643e376b244abb7e53f-1278012920
VT 4/41 (9.76%)
dropzone:
IP Location: Russian Federation - VHost route - VolgaHost-as PE Bondarenko Dmitriy Vladimirovich
IP 91.213.174.68
AS29106
Registrant/Registrant Email: Garmin Kubinsky/fole@fox.net
Code: [Select]
hxxp://sakjt3r5a.com/t0.php
IP Location:  Ukraine - TTC Network - TTC-AS Naukanet (TopNET) UA Aggregation network Autonomous System
IP 195.128.226.133
[homenet2.br01-kiev-vlan1029.ttc-network.com]
AS31445
Registrant/Registrant Email: Private Person/admin@bestcasinotop.ru
Code: [Select]
hxxp://ssjl.ru/backup.tgz
md5sum ===> d8b9c0ae36562435dc27046cec95e86d
SHA256 ===>  3161b06d73e98aebc414b84e5a040cec8a6d94b4346b2a617c3e76bbe558298f
dropzone:
IP Location:  Ukraine - TTC Network - TTC-AS Naukanet (TopNET) UA Aggregation network Autonomous System
IP 195.128.226.133
[homenet2.br01-kiev-vlan1029.ttc-network.com]
AS31445
Registrant/Registrant Email: Private Person/admin@bestcasinotop.ru
Code: [Select]
hxxp://uiao.ru/sdkljhdfdlgklk3434.php
related:
Code: [Select]
parrd.ru

July 02, 2010, 03:02:37 pm
Reply #354

jackberri

IP Location:   Ukraine - SPD Shahnazarova Y.M. Route Objectk - Pe Volovik Elena Sergiyvna
IP 193.105.174.46
AS196954
Registrant ID: CO717108-RT
Registrant/Registrant Email: Pavel Pugachev/ya_whois@yandex.ru
Code: [Select]
hxxp://cocainy.biz/solara/cofaginok.sin
md5sum ===> 5b6b6f740cea934ab355de7232a0d26f
SHA256 ===>  95dd87abfef60cd25b97f3c59df3e3e341ded19e6e19826d3b9ff6d922b1018c
Code: [Select]
hxxp://cocainy.biz/solara/Jdkfdsdss.php
IP Location: Canada  - NETELL-20 - NETELLIGENT Hosting Services Inc
IP 209.44.103.10
[p10.em-n.org]
AS10929
Registrant ID: ncr-7190003-9748
Registrant/Registrant Email: Jakd eM/getjak3d@gmail.com
Code: [Select]
hxxp://zeusbot.xvn.in/web/cfg.bin
md5sum ===> 3d0699962db5840b45ef8e8a3a302272
SHA256 ===>  e05845e50b1a4a2f8af87492e11b29e72ad83aaf13dd0dbfc00a7bf461e236af
Code: [Select]
hxxp://zeusbot.xvn.in/web/ldr.exe
md5sum ===> 8d5c5f7f79ae45fff71332cbe0e3d17c
SHA256 ===>  1f3b1f80817ee0061bdfa989dfe12c76f3076f494b9c6b33c1a51d365f1ff89b
http://www.virustotal.com/es/analisis/1f3b1f80817ee0061bdfa989dfe12c76f3076f494b9c6b33c1a51d365f1ff89b-1278067725
VT 31/41 (75.61%)
Code: [Select]
hxxp://zeusbot.xvn.in/web/gate.php

July 03, 2010, 12:29:41 pm
Reply #355

jackberri

IP Location:   Austria  - ANEXIA Internetdienstleistungs GmbH - ANEXIA-AS ANEXIA
IP 188.65.74.72
AS42473
Registrant/Registrant Email: Domain Admin/contact@privacyprotect.org
Code: [Select]
hxxp://domain460013.com/nhjq2/n09230945.asp
md5sum ===> 2848486625b4047a3444923dab914393
SHA256 ===>  09446d23a9fcc90046f7eea4518e2db230621858552f4ea10c145ff758ad3b65
Code: [Select]
hxxp://domain460013.com/nhjq2/document.doc
md5sum ===> 0f58de965e77108ab21f852c4a96f4ef
SHA256 ===>  f1d17dbb8753cfd66c6b18c30b9a9713fe3e11c2b491a4f571458fd9d02787dd
Code: [Select]
hxxp://domain460013.com/nhjq2/pereday.php
IP Location: United States - HOSTNOC-8BLK Block1 - BurstNet Technologies, Inc.
IP 184.82.18.41
[184-82-18-41.hostnoc.net]
AS21788
Registrant/Registrant Email: Ekaterina Gilmanova/filed@qx8.ru
Code: [Select]
hxxp://hfcpda.com/gb/misc
md5sum ===> aeb34917633682c8c2a46ee000b3dd30
SHA256 ===>  b448f3c7505bd5742d1660fbe2a86838c5d7db1cfa542e42de288698f7955e49
related:
IP Location: United States  - PNAP-LAX softlayerexempt - SOFTLAYER Technologies Inc.
IP 74.86.13.144
[force.imageleet.net]
AS36351
Registrant: Pauleen Wainwright
Code: [Select]
hxxp://promotiveimage.co.uk/syndicates/flash.exe
md5sum ===> 64c0d5a36b2e91d5d4bf27f903afa699
SHA256 ===>  f069134ef97aec218b428f504cdb8ae467ad23fc98adb06bedf3540fcf2e2e5d
http://www.virustotal.com/es/analisis/f069134ef97aec218b428f504cdb8ae467ad23fc98adb06bedf3540fcf2e2e5d-1278158457
VT 15/41 (36.59%)
Code: [Select]
hxxp://promotiveimage.co.uk/syndicates/flashplayer.exe
md5sum ===> 6cdf7118d8a719a34a66c2bf40ea1658
SHA256 ===>  86f43c48325ee68a95d81f8ddc1c7174fb0882d65c783cd62778f6982cf4ee65
http://www.virustotal.com/es/analisis/86f43c48325ee68a95d81f8ddc1c7174fb0882d65c783cd62778f6982cf4ee65-1278158149
VT 19/41 (46.35%)
Code: [Select]
hxxp://promotiveimage.co.uk/syndicates/flashupdate.exe
md5sum ===> 55d39b196e1ac496a355e9bc16de3ba1
SHA256 ===>  e962af6f7a4166b0bac0e2ef52f6d627594910f83bc305f4f911e6b239ca62fe
http://www.virustotal.com/es/analisis/e962af6f7a4166b0bac0e2ef52f6d627594910f83bc305f4f911e6b239ca62fe-1278157876
VT 20/41 (48.79%)

July 07, 2010, 12:36:10 pm
Reply #356

jackberri

IP Location: United States  - HOSTNOC-8BLK Block1 - BurstNet Technologies, Inc.
IP 114.80.142.16
AS46393
Registrant/Registrant Email: Pavel Bubnov/kings@bigmailbox.ru
Code: [Select]
hxxp://regflinbullst.net/mas/cfg.bin
md5sum ===> 5fff4b1e62a0ccaa17e7d9251f17ed98
SHA256 ===>  906cf82e9815e99d58ccca975142020259d703ffafd094f45098882465903c55

IP Location: Russian Federation  - DATACENTER2 - INFOBOX-AS Infobox.ru Autonomous System.
IP 77.221.140.102
AS30968
Registrant Email: support@infobox.ru
Code: [Select]
hxxp://z140877.infobox.ru/admin/c.bin
md5sum ===> ce3ad838b74ec3a39669042bdd0685b2
SHA256 ===>  b3b3636c3eaa429927983b5594a9d14613faf07bb1a8246bec07e5bb1f8e38ab
Code: [Select]
hxxp://z140877.infobox.ru/admin/bot.exe
md5sum ===> 99b9ad7ded46dc6ba48c7e1d55c62528
SHA256 ===>  72e05c605abfba1e3ecba8c59702b210a97ad0a21fc7b01177fc5f0820e77e88
http://www.virustotal.com/es/analisis/72e05c605abfba1e3ecba8c59702b210a97ad0a21fc7b01177fc5f0820e77e88-1278400852
VT 6/40 (15%)
Code: [Select]
hxxp://z140877.infobox.ru/admin/g.php
IP Location: Moldova  - STARNET-AS StarNet
IP 195.206.246.250
AS31252
Registrant/Registrant Email: Hilary Kneber/hilarykneber@yahoo.com
Code: [Select]
hxxp://update-java.com/src/update2.set
md5sum ===> 19093e2e96156992a3d340c2820df6e1
SHA256 ===>  83d8f984ce0a210dcbecaf691eeac154d21eb2135b836aeb029cb3c03db49de5

IP Location:  Kazakhstan  - AlfaHost LLP. Route Object - ALFAHOSTNET Alfa-Host LLP.
IP 193.105.207.102
AS50793
Registrant/Registrant Email: Private Person/vatchin@mail.ru
Code: [Select]
hxxp://mywebsource.ru/392cfg9/292mywebsource2main.jpg
md5sum ===> 1c70d927ba14a85590184e89eba7e271
SHA256 ===>  4b19658f43c7a16803edc045143f00c30a375c426c661fc7b64525e251b18461
Code: [Select]
hxxp://mywebsource.ru/exe38s/myweb.exe
md5sum ===> 927b31e911e6ac61cfc00315f1f02c9c
SHA256 ===>  c0bb2861d0a126b2b180368dd3de65ffb77556b2da6b730e1b96c3d30ae66d54
http://www.virustotal.com/es/analisis/c0bb2861d0a126b2b180368dd3de65ffb77556b2da6b730e1b96c3d30ae66d54-1278319008
VT 14/41 (34.15%)
Code: [Select]
hxxp://mywebsource.ru/flash/adobe.php
IP Location: United States  - PEAKCLT Peak 10
IP 216.134.204.32
[mail.123wealthquest.com]
AS19271
Registrant/Registrant Email: Domains by Proxy, Inc./SWINGTIMING.COM@domainsbyproxy.com
Code: [Select]
hxxp://swingtiming.com/images/graph7.jpg
md5sum ===> 406ccc0947df51d2e66b7f845e97a9f3
SHA256 ===>  79810eb885d33832f6efda9aab0a4d909166cceaaffb1dc40ed0f493e9fbffbd
dropzone:
Code: [Select]
hxxp://keybussines.com/main/
IP Location: Moldova - STARNET-AS StarNet Moldova
IP 195.5.161.5
AS31252
Registrant ID: MESHDM-161504
Registrant/Registrant Email: Francis Maskrey/yolahume@rocketmail.com
Code: [Select]
hxxp://vertucom62.me/mas/cfg.bin
md5sum ===> fddba3a01c97932e84543923b4a3aae8
SHA256 ===>  20f14c0b5e85abb0332da2abcaafbd92cfea55bdbdcaff8f755dac985f3aabdf

IP Location: Russian Federation  - SINCHROLINE-ROUTE - SYNCHROLINE Autonomous System Syncroline Ltd
IP 217.171.64.154
[ctes.ll.sl.ru]
AS20630
Registrant/Registrant Email: PrivacyProtect.org/contact@privacyprotect.org
Code: [Select]
hxxp://ggooggle.net/first.bin
md5sum ===> 2bd5ff898e7b2d60498a518c4ff86f03
SHA256 ===>  9392c75411747eb0711f2c284f1e9d862c698405cfcc12993f495827b3e3116e
dropzone:
IP Location: Russian Federation  - HETZNER-RZ-FKS-BLK2 - HETZNER-AS Hetzner Online AG RZ
IP 178.63.3.186
[de2.reserver.ru]
AS24940
Registrant/Registrant Email: PrivacyProtect.org/contact@privacyprotect.org
Code: [Select]
hxxp://kingdonald.net/welcome.php

July 07, 2010, 12:44:05 pm
Reply #357

S!Ri

Code: [Select]
http://www.umach.nl/images/zoom1.gif
MD5: 11D313B26F58028BE2F1D3FAEE6B75D2

Code: [Select]
http://linkbuilding.nl/boom.jpg
http://www.linkbuilding.nl/boom.jpg

July 08, 2010, 07:23:42 pm
Reply #358

jackberri

IP Location: Moldova  - STARNET-AS StarNet Moldova
IP 195.206.246.246
AS31252
Registrant/Registrant Email: Alex Frog/admin@agradomhome109.com
Code: [Select]
hxxp://agradomhome109.com/A1lT0berg/KLJ5idfveE43iDrD.bin
md5sum ===> 84f3ffe670f91d35d478e1741105dd3b
SHA256 ===>  35a060f1d03045fa9fd7de494b23c7e2cec02f336c89a5355f8854bb8e58f357
Code: [Select]
hxxp://agradomhome109.com/A1lT0berg/tk76kHGFVtr6657Du4wdxytkVD4546757fj5vfv56.php
IP Location: Moldova  - STARNET-AS StarNet Moldova
IP 195.206.246.220
AS31252
Registrant/Registrant Email: Bahir Mashom/admin@google.name
Code: [Select]
hxxp://g3vrv3rveverfsd.tw/picture/gif.gif
md5sum ===> 361221fec75de5df71a2259f21c1028d
SHA256 ===>  3d05efe5711282d37f187b3837d828be25a74caf7b1bca263ab320e62987e2f0
Code: [Select]
hxxp://g3vrv3rveverfsd.tw/picture/gaterrz.php
IP Location: Russian Federation -VLine Telecom Block Moscow - VLTELECOM-AS VLineTelecom LLC Moscow
IP 109.196.143.91
AS39150
Registrant Email: contact@privacyprotect.org
Code: [Select]
hxxp://clocktribuh.biz/14592.fop
md5sum ===> 3f58a8deed4609de200456b7fa63dcc9
SHA256 ===>  5a7d18cba86d5ea85be34f1532ec7ea952c46079cea5bc5d7f044cc87b217e13
Code: [Select]
hxxp://clocktribuh.biz/dfi4ert9fgk4g.php
IP Location: United Kingdom - RapidSwitch Ltd - RAPIDSWITCH-AS
IP 78.129.242.243
AS29131
Registrant/Registrant Email: Dr Neil Witt/dgadd@ico3.com
Code: [Select]
hxxp://technologyenhancedlearning.net/images/6.jpg
md5sum ===> a6947b7db705c8b47a0df3c9f1c543f7
SHA256 ===>  e07a1a682c7df5c9c7e5caf5a583394e18fa68cd654d5224976c2a34f1b9d393
Code: [Select]
hxxp://technologyenhancedlearning.net/images/1.jpg
hxxp://technologyenhancedlearning.net/images/2.jpg
hxxp://technologyenhancedlearning.net/images/3.jpg
hxxp://technologyenhancedlearning.net/images/7.jpg
dropzone:
IP Location: United States - GoDaddy.com, Inc. - Go Daddy
IP 208.109.113.170
[ip-208-109-113-170.ip.secureserver.net]
AS26496
Registrant/Registrant Email: Private Whois Service/s8zcuzf4c2b70f16a10e@n3omkv94bf61e901fd6c.privatewhois.net
Code: [Select]
hxxp://listwowgame.com/webstate/webstat.php
IP Location: China  - China Telecom JiangXi province - CHINA-TELECOM
IP 59.53.91.121
AS4134
Registrant/Registrant Email: Elena Zhuravleva/take@fastermail.ru
Code: [Select]
hxxp://playatord.com/caa/can.ad
md5sum ===> 19c40c479ddc9c4e776fccbc3e2353bf
SHA256 ===>  8ccf398008d72d90a431a972a5ed6e23b07d94cd478a7dbf760486a2eb7ce6b0
Code: [Select]
hxxp://playatord.com/caa/caa.exe
md5sum ===> dd626a7f3c6a055afb54905f061a21b2
SHA256 ===>  e4a4cd9ecf579d772a0c97e072a43019dcabed0d9c97d8e50452ae16e36af6b9
http://www.virustotal.com/es/analisis/e4a4cd9ecf579d772a0c97e072a43019dcabed0d9c97d8e50452ae16e36af6b9-1278599820
VT 13/41 (31.71%)

IP Location: Bosnia and Herzegovina  - GlobalNET Bosnia - BA-GLOBALNET-AS GlobalNET Bosnia x Internet Service Provider
IP 77.78.240.5
AS42560
Registrant/Registrant Email: Rezeda Maratovna Hairutdinova/admin@mftn.ru
Code: [Select]
hxxp://shkafu.net/loh.loh
md5sum ===> 3d1aec076c33fba43d953e150fd6e407
SHA256 ===>  3f419b4e7fd88ec45a9450d8f0b97edd770fea8ccca4cbef1fdda4e03ac68375
Code: [Select]
hxxp://shkafu.net/hren.exe
md5sum ===> b2926d18802547700f23a55457b59b50
SHA256 ===>  6cdd6dc77bcbfbe57fc397a29d67a6986b7b6fc3b93c2c6fd16ef486d2af1fde
http://www.virustotal.com/es/reanalisis.html?6cdd6dc77bcbfbe57fc397a29d67a6986b7b6fc3b93c2c6fd16ef486d2af1fde-1278608317
VT 38/41 (92.69%)
Code: [Select]
hxxp://shkafu.net/dver.php
Code: [Select]
hxxp://shkafu.net/add.exe
md5sum ===> dd626a7f3c6a055afb54905f061a21b2
SHA256 ===>  863f680a9cbb832111ef739019b661e8d732549557bc75627ca75e91a6f211aa
http://www.virustotal.com/es/analisis/863f680a9cbb832111ef739019b661e8d732549557bc75627ca75e91a6f211aa-1278607655

July 09, 2010, 06:55:34 am
Reply #359

jackberri

IP Location:  Moldova - STARNET-AS
IP 195.206.246.248
AS31252
Registrant/Registrant Email: Private person/admin@bestcasinotop.ru
Code: [Select]
hxxp://vaserys.ru/2a.jpg
md5sum ===> 08a2caa22524066f4751f69236c5313b
SHA256 ===>  827f63af8160649951878b195473d195bed1b39e5a5a210acc4b61a23d9f8638
Code: [Select]
hxxp://vaserys.ru/focu.php
IP Location:  Moldova - STARNET-AS
IP 195.206.246.251
AS31252
Registrant/Registrant Email: Kate Liss/admin@vaseajretikru.com
Code: [Select]
hxxp://vaseajretikru.com/asdfghjkl/endjiany.bin
md5sum ===> fc7a2f6c2a93d556f1d84ba173d8f473
SHA256 ===>  3aa316d4f04cefa718c3704808a41a83e562ba0fd611e18782030287e42993ac

IP Location:  Russian Federation - CRONYX - RINET-AS Cronyx Plus Ltd (RiNet ISP) Autonomous System
IP 195.91.237.51
AS8331
Registrant Email: lakystrike@rambler.ru
Code: [Select]
hxxp://starsico.ru/NeW_pizdeC/configa.bin
md5sum ===> a75dfc4bc759868a9bdd33e5dbe10505
SHA256 ===>  9b5a4ac6f73706c0cb13d8d4dfd081be1db0be06fcb6faeff69f0677b49d0109
Code: [Select]
hxxp://vaserys.ru/focu.php