« previous next »
Pages: 1 ... 32 33 [34] 35 36 ... 48   Go Down

Author Topic: New Zeus server  (Read 386829 times)

0 Members and 2 Guests are viewing this topic.

November 18, 2010, 07:59:03 pm
Reply #495

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New Zeus server
IP Location: United States - Proxy for Wiresix - WIRESIX Proxy aut-num by GNAX for WireSix
IP 66.71.245.206
[hal.g33k.ws]
AS14141
ns1.bidisa.net
ns2.bidisa.net
Registrant/Email Registrant: Cross, Matthew/dendy75@rocketmail.com
Code: [Select]
hxxp://samsung-tv-3dmy.com/conf_uk01.binmd5sum ===> e47f2e79d2f6db3a9608b764b7645511
Code: [Select]
hxxp://samsung-tv-3dmy.com/UK01.exemd5sum ===> 30e52c1104a0de343dccd124880d3283
http://www.virustotal.com/file-scan/report.html?id=2084531221dfd14fd6b8ab06e79a08ea31dd1a037d7c1d1149ae6591315c5838-1290109959
VT 18/43 (41.9%)
Code: [Select]
hxxp://samsung-tv-3dmy.com/EUADM/gotobot.php
Code: [Select]
hxxp://samsung-tv-3dmy.com/EUADM/rapport.exemd5sum ===> 6118f37f9d0b7db157d2bd99eaa261c4
http://www.virustotal.com/file-scan/report.html?id=cee4e04fb7abdf64f648dd06bf2af8d316d84456afc0a66bb5a1dfb6396a7ec9-1290109657
VT 3/41 (7.3%)
Logged
November 18, 2010, 09:04:06 pm
Reply #496

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New Zeus server
IP Location: Ukraine - INFORMEX-NET - INFORMEX-MNT
IP 193.178.172.85
AS20564
ns1.iciq.biz
ns2.iciq.biz
Registrant/Email Registrant: Jenna Miller/Jenna@ersafunds.com
Code: [Select]
hxxp://dakpowj.com/snksy.binmd5sum ===> 81213cf0139dd3a21eefce37961e915a
Code: [Select]
hxxp://dakpowj.com/snk.php

IP Location: Russian Federation - K2K-NET - K2K-AS Contel 2000 Ltd
AS43181
Code: [Select]
hxxp://193.27.232.50/1/usa.binmd5sum ===> cec8ac6a6d71061f9ecd93afce134518

IP Location: Ukraine - YaltaInfo ISP
AS34528
Code: [Select]
hxxp://193.41.38.143/zorrin6.binmd5sum ===> cd57fe62ce47364bf117c1dabe24fa7a
Code: [Select]
hxxp://193.41.38.144/zoroute.php
Logged
November 19, 2010, 01:01:49 pm
Reply #497

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New Zeus server
IP Location: Ukraine - GORBY-AS Alexandr Gorbunov
IP  195.226.197.27
AS51303
ns1.freedns.ws AS24940
ns2.freedns.ws AS50297
Registrant/Email Registrant: Loann T Young/admin@frasertooper.com
Code: [Select]
hxxp://frasertooper.com/abudabi/ukdase.dbmd5sum ===> 4842fa0526e314d17c9d49565ef14600
Code: [Select]
hxxp://frasertooper.com/abudabi/uk.exemd5sum ===> 351038dfc5c0622ce66b3000c62fd566
http://www.virustotal.com/file-scan/report.html?id=b019df7f88b3ca440205a059e4b6e2659ac99ac1900885d6b4d5f3db62ea39a5-1290171516
VT 3/42 (7.1%)
Logged
November 19, 2010, 09:06:51 pm
Reply #498

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New Zeus server
IP Location: United States - MTO Telecom inc. Proxy Route Object Gogax - MAINT AS
IP  76.76.99.52
[reverse-mtl-76-76-99-52.gogax.com]
AS21793
free01.editdns.net AS33517
free02.editdns.net AS32748
Code: [Select]
hxxp://makasim48dnara.com/hhruhsDDd/hggtik.binmd5sum ===> 1b55e75994b281d235674e6a5f50a095
Code: [Select]
hxxp://77.120.109.24/sa.c.exemd5sum ===> b6fc7db948b9e3e6775d983f4ec072c4
http://www.virustotal.com/file-scan/report.html?id=1d533cb415116751696b042e07943aef871d893c4db949599f1559c135601962-1290199841
VT 12/42 (28.6%)
Code: [Select]
hxxp://77.120.109.24/updatewin7.exe md5sum ===> ad14dbc371b71d7653a13f95e81b3745
http://www.virustotal.com/file-scan/report.html?id=0f8c26d5eaa327a1610aa2492587408d40e54fade6828d9b8688eb2768c3f851-1290200373
VT 5/43 (11.6%)
Code: [Select]
hxxp://makasim48dnara.com/hhruhsDDd/lvv.php
Logged
November 20, 2010, 10:25:53 am
Reply #499

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New Zeus server
IP Location: Russian Federation - VLine Telecom - VLTELECOM-AS
IP  109.196.130.58
AS39150
ns1.1223vsvsn21221.net
ns2.1223vsvsn21221.net
Registrant/Email Registrant: Malus Ozanakis/malusozanakis@yahoo.com
Code: [Select]
hxxp://1223vsvsn21221.net/urla/c2.binmd5sum ===> ea3a690b8d0249a1fdbb452ddc5c2a7c

IP Location: Russian Federation - L-NET Route Object - LYAHOV-AS Lyahovich Maksim
IP  91.217.249.167
AS51554
ns1.derttttt.ru
ns2.derttttt.ru
Email Registrant: info@derttttt.ru
Code: [Select]
hxxp://basildomut.ru/files/file.exemd5sum ===> 91e3f63be4c3d71fd920c7d45b537909
http://www.virustotal.com/file-scan/report.html?id=7ea21ea7efad475d22d7189a09331792ec88bda569b9615c8916b1a27daa52cb-1290208558
VT 8/43 (18.6%)

IP Location: Russian Federation - K2K-NET - K2K-AS
IP  193.27.232.51
AS43181
ns1.nameself.com AS43146
ns2.nameself.com AS30968
Email Registrant: admin@nvffr.ru
Code: [Select]
hxxp://ulssew.ru/a.binmd5sum ===> 002ade0a52c34c82bd0d9dd997de12f5
Code: [Select]
hxxp://ulssew.ru/b.php

IP Location: Singapore - AH-INC Go Daddy Software
IP  182.50.134.1
[sg2nlhg96c1096.shr.prod.sin2.secureserver.net]
AS26496
ns1.freedns.ws AS24940
ns2.freedns.ws AS50297
Code: [Select]
hxxp://chilliwinefactory.com/last/fversionmd5sum ===> 68650d695ecfd2055f32d28df70d4ce8
Code: [Select]
hxxp://chilliwinefactory.com/gamecenter/versioncheck.php

Logged
November 21, 2010, 09:22:02 am
Reply #500

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New Zeus server
IP Location: Tanzania - ASN-WIATZ WIA
IP 41.221.61.109
AS36965
ns1.uniqol.net
ns2.uniqol.net
Registrant/Email Registrant: Igor Nikenin/ChapoohNet-domains@gmail.com
Code: [Select]
hxxp://fryloop.net/ppnl3.bin
hxxp://fryloop.net/panel3/ppnl3.bin
hknwc9ncmehqblccyflrm9nkr.net/ppnl3.bin
hknwc9ncmehqblccyflrm9nkr.net/panel3/ppnl3.binmd5sum ===> a1bbf4ed69971c623acaace3d1b5ccb5
Code: [Select]
hxxp://fryloop.net/panel3/ppnl3.exe
hknwc9ncmehqblccyflrm9nkr.net/ppnl3.exemd5sum ===> 249b4b05e3678564a47a9fedbf171dce
http://www.virustotal.com/file-scan/report.html?id=6e77c46db6c7c786b46ce232543fb526674aab9a6804cb5ba5e55a34660b70d0-1290258365
VT 10/39 (25.6%)
Code: [Select]
hxxp://fryloop.net/panel3/gotobank.php
hknwc9ncmehqblccyflrm9nkr.net/panel3/gotobank.php
Logged
November 21, 2010, 11:07:12 pm
Reply #501

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New Zeus server
IP Location: Ukraine - W-NET ISP - WNET W-NET
IP  92.60.177.243
[grusha-92-60-177-243.hostinghutor.com]
AS15772
ns2.3i3i3i3i.net
ns1.3i3i3i3i.net
Registrant/Email Registrant: Tedy Moon/tedy.moon@yahoo.ca
Code: [Select]
hxxp://3i3i3i3i.net/frame.somd5sum ===> 10972372d64829dc46d3cc10c35a3684
Code: [Select]
hxxp://3i3i3i3i.net/analytics.php
IP Location: Ukraine - Tob Intelektyalni Telecomynikacijni Merezhi
IP  194.1.220.43
AS50738
ns1.nameself.com  AS43146
ns2.nameself.com  AS8342
Registrant/Email Registrant: Private Person/admin@ruoff.ru
Code: [Select]
hxxp://intupdate.ru/fhiuqw8713fs10f/W7Ou3P.binmd5sum ===> a3598c98dc4193b5ffc5013f678e7a60

IP Location: Russian Federation - VHost route - VolgaHost-as PE Bondarenko Dmitriy Vladimirovich
IP  91.213.174.9
AS29106
ns2.reg.ru AS42244
ns1.reg.ru AS25532
Registrant/Email Registrant: PrivacyProtect.org/contact@privacyprotect.org
Code: [Select]
hxxp://xinetdstart.com/000u5.somd5sum ===> e2e8a42326d5a67c61646139cdc5b7da
Code: [Select]
hxxp://xinetdstart.com/i.php
IP Location: Ukraine - INFORMEX-NET - INFORMEX-MNT
IP  193.178.172.38
AS20564
ns3.cnmsn.com  AS24544
ns4.cnmsn.com  AS4134
Registrant ID:orgvb89908697002
Email Registrant: ijghhrgcsq@whoisservices.cn
Code: [Select]
hxxp://az-investment.org/cms/321i9uasdhdas/data_base.mysqlmd5sum ===> 538d1b216e78ca67617714000a14364d
Code: [Select]
hxxp://az-investment.org/cms/9918ahbbdklkshgfpa.php
Logged
November 22, 2010, 10:32:35 am
Reply #502

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New Zeus server
IP Location: Russian Federation - ISPsystem-RU - ISPSYSTEM-AS
IP  188.120.225.116
AS29182
ns2.firstvds.ru
ns1.firstvds.ru
Registrant/Email Registrant: Private Person/abuse1@privatdot.com
Code: [Select]
hxxp://privacyposta.com/zxc/config.binmd5sum ===> 59764bf1ae3ae0704d1d9343a1cba137
Code: [Select]
hxxp://privacyposta.com/zxc/bot.exemd5sum ===> e05909ac2dd0754161b5d8bc8e662ea6
http://www.virustotal.com/file-scan/report.html?id=435b78bfa61dfb6e920e0fc82b0fb36b69aa8091057fec84b65efe39ea503b59-1290421345
VT 3/43 (7.0%)
Code: [Select]
hxxp://privacyposta.com/zxc/gate.php
Logged
November 22, 2010, 05:54:05 pm
Reply #503

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New Zeus server
Code: [Select]
hxxp://195.226.197.27/abudabi/ukdase.dbmd5sum ===> 579df790d304d5aad7af5dc6f1a83422
Code: [Select]
hxxp://195.226.197.27/abudabi/uk.exemd5sum ===> de62f8894967531d68b95e0e3aa33609
http://www.virustotal.com/file-scan/report.html?id=c10c8eff899f7a6e98fcf3b47cbbbf27a5b75d4a4f933b3b0afa0d93ff93f7f0-1290448225
VT 2/43 (4.7%)

IP Location: Russian Federation - L-NET Route Object - LYAHOV-AS Lyahovich Maksim
IP  91.217.249.171
AS51554
ns1.bestwebrecords.ru. 91.217.249.171
ns2.bestwebrecords.ru. 91.217.249.172
Registrant/Email Registrant: Private Person/info@bestwebrecords.ru
Code: [Select]
hxxp://bestwebrecords.ru/cfg/lks34bestwebrecords.jpgmd5sum ===> 702fabec07e06af6fea4fa85f8b4c9f8

IP Location: Russian Federation - L-NET Route Object - LYAHOV-AS Lyahovich Maksim
IP  91.217.249.168
AS51554
ns1.superboy999.ru
ns2.superboy999.ru
Registrant/Email Registrant: Private Person/dns@superboy999.ru
Code: [Select]
hxxp://mnogofiilok.ru/public_htlm/baskov.binmd5sum ===> 03cd0400dea1c00f742602090ebff676
Logged
November 24, 2010, 05:58:57 am
Reply #504

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New Zeus server
IP Location: United Kingdom - FasthostInternet Ltd - FASTHOSTS-INTERNET
IP  213.171.218.9
[server213-171-218-9.livedns.org.uk]
AS15418
ns1.streamlinedns.co.uk
ns2.streamlinedns.co.uk
Registrant: James Connolly
Code: [Select]
hxxp://jdconnolly.co.uk/music/x9000.exemd5sum ===> 9a127dc840c1868e18077a0cf31c10f6
http://www.virustotal.com/file-scan/report.html?id=2fae778b4f787d8e0d018bc8eb8be515588f1ea6f663180d0143040e2144cd7c-1290577974
VT 23/43 (53.5%)
related (already listed):
Code: [Select]
hxxp://ourpole.com/x9000_z/jq.jpg
Logged
November 24, 2010, 10:03:56 am
Reply #505

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New Zeus server
IP Location: Latvia -GreatHost-ALTNET - ALTNET-LV DG Holding SIA
IP  91.217.153.50
AS41390
ns3.cnmsn.com AS24544
ns4.cnmsn.com AS4134
Registrant/Email Registrant: Whois Privacy Protection Service/napjxicxle@whoisservices.cn
Code: [Select]
hxxp://universaladp.com/qwresrtyhgfadwet4y5/codssase/confdsfdsgfig.binmd5sum ===> daf22ca892b2b00ec1570d1dc0acc234
Code: [Select]
hxxp://universaladp.com/qwresrtyhgfadwet4y5/codssase/bofdaededdsft.exemd5sum ===> af6184bdb7b59f98a561b84ea0dcdb3a
http://www.virustotal.com/file-scan/report.html?id=f51aa0c583f57d36e9314bdaff9618519cca702e217e5a6f41c038f180e1e629-1290590710
VT 25/42 (59.5%)
Code: [Select]
hxxp://qwresrtyhgfadwet4y5/codssase/gafsddsdsrdasdete.php
Logged
November 25, 2010, 03:11:06 pm
Reply #506

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New Zeus server
IP Location: Ukraine - GORBY-AS Route Object - GORBY-AS Alexandr Gorbunov
IP  195.226.197.27
AS51303
ns1.freedns.ws AS24940
ns2.freedns.ws AS50297
Registrant/Email Registrant: Cuc H Rogers/admin@for-advanced-cfg1.com
Code: [Select]
hxxp://for-advanced-cfg1.com/abudabi/uk.dbmd5sum ===> b35ad52663bc35a5f601b620f9848250
Code: [Select]
hxxp://for-advanced-cfg1.com/monte-karlo/usdase.dbmd5sum ===> 06b24ccca94384bf58ea17e03869f01d
Code: [Select]
hxxp://for-advanced-cfg1.com/abudabi/uk.exemd5sum ===> 0738aaaf5fb77f13ac0413c1641670ce
http://www.virustotal.com/file-scan/report.html?id=b33cdf620f0ffd5b992f30d09ce3f8519b997aa202cdd701f5a7272115423430-1290695986
VT 3/43 (7.0%)
Code: [Select]
hxxp://for-advanced-cfg1.com/monte-karlo/us.exemd5sum ===> 611adf9caec8bf9b248bf679d680d5a4
http://www.virustotal.com/file-scan/report.html?id=723edd29801405f1c590f47c1586e90ea1e88362ef79f8df6f3662d1873bd7e4-1290696500
VT 3/42 (7.1%)
already listed:
Code: [Select]
hxxp://195.226.197.24/~hosting/woops/ttf.php
Logged
November 26, 2010, 05:46:29 pm
Reply #507

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New Zeus server
IP Location: Latvia -NET-VPNME Route Object - VPNME-AS Igor Vladimirovich Kanaev
IP  195.226.220.45
AS51354
ns1.freedns.ws AS24940
ns2.freedns.ws AS50297
Registrant/Email Registrant: Private Person/dm.nagib@ymail.com
Code: [Select]
hxxp://gocontinental.com/cdlist/covers/0102_mgm9.jpgmd5sum ===> cd7e1f3c7882111e38267cf3c1e90d70
Code: [Select]
hxxp://fireshowonline.com/index.php
IP Location: Ukraine - it-outsource-as LLC
IP  91.207.182.25
AS48280
ns1.dns-diy.net
ns2.dns-diy.net
Registrant/Email Registrant: Fleya Marla/admin@ramblegara-torentilla.com
Code: [Select]
hxxp://ramblegara-torentilla.com/tor1n0mosk/JNYi8Ge4FEf2re65.binmd5sum ===> de1ec4bc4456fa5d6899da2c74e3e0d0
Code: [Select]
hxxp://ramblegara-torentilla.com/tor1n0mosk/muBvc4cjF5876fVKG4TfU6gf65gtft022Htu.php
Logged
December 01, 2010, 11:48:42 am
Reply #508

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New Zeus server
IP Location: Ukraine - Alexandr Gorbunov
IP  195.226.197.27
AS51303
ns1.freedns.ws
ns2.freedns.ws
Registrant/Email Registrant: Kuanita Thompson/admin@for-advanced-cfg2.com
Code: [Select]
hxxp://for-advanced-cfg2.com/monte-karlo/usdase.dbmd5sum ===> ea40ea75c06baf297607acc8193b1efb
Code: [Select]
hxxp://for-advanced-cfg2.com/abudabi/uk.dbmd5sum ===> 6c88164d42099036a7b0712a96618382
Code: [Select]
hxxp://for-advanced-cfg2.com/abudabi/uk.exemd5sum ===> bbfc8adad69895c51ced1430f7e9cb0e
http://www.virustotal.com/file-scan/report.html?id=69451ec09555ff19f418c04acec44a9d6c0ea5e5e59d9b369d4f556ca52d9918-1291203033
VT 12/43 (27.9%)
Code: [Select]
hxxp://for-advanced-cfg1.com/monte-karlo/us.exemd5sum ===> 536815f08c4ecf152b4c6f65c62e9e06
http://www.virustotal.com/file-scan/report.html?id=361229ff420a65a77370826953adc59d8706bfb67ba22a167935303397791970-1291202979
VT 4/43 (9.3%)

IP Location: Ukraine -VHost route - VolgaHost-as PE Bondarenko Dmitriy Vladimirovich
IP  195.226.220.45
AS29106
ns1.nameself.com
ns2.nameself.com
Registrant/Email Registrant: Evgeniy Jaakson/eejaak@aol.com
Code: [Select]
hxxp://linuxfesttallins.com/0099.somd5sum ===> 90144206b695349222b3719b035a5994
Code: [Select]
hxxp://linuxfesttallins.com/i.php
Logged
December 01, 2010, 03:14:03 pm
Reply #509

jackberri

  • Special Members
  • Hero Member
  • Offline
  • *
  • 1508
Re: New Zeus server
IP Location: Ukraine -ITMUA-AS TOB
IP  194.1.220.48
AS50738
ns3.gkg.net
ns4.gkg.net
Registrant/Email Registrant: James Pokracki/duqiledibegaseci@yahoo.com
Code: [Select]
hxxp://fvrwqtvedjqthln.com/news/?s=9032
hxxp://uqmiqmvsnsjsnxol.info/news/?s=9032
hxxp://194.1.220.48/news/?s=9032md5sum ===> a8c4f0d2918783a4c2c3146fc58e67d9
Code: [Select]
hxxp://fvrwqtvedjqthln.com/news/?s=6225
hxxp://uqmiqmvsnsjsnxol.info/news/?s=6225
hxxp://194.1.220.48/news/?s=6225md5sum ===> 885254e2cb1b9645ed952de3ba29402e
http://www.virustotal.com/file-scan/report.html?id=9351e95d5829e818f58cc2a25a42d83a2d9e0326ec1b0a13258a5a97aff48dbb-1291210202
VT 33/43 (76.7%)
Code: [Select]
hxxp://fvrwqtvedjqthln.com/main.exe
hxxp://uqmiqmvsnsjsnxol.info/main.exe
hxxp://194.1.220.48/news/main.exe
md5sum ===> 1e1770e129aebdbb41da6e382643d178
http://www.virustotal.com/file-scan/report.html?id=3baddae4668aeecb011017b5a7824cc43125e8629f6e26375469774ae5a751a3-1291211548
VT 16/43 (37.2%)

IP Location: Germany -Keyweb AG IP Network - KEYWEB-AS
IP  95.169.186.126
[ns.km33904.keymachine.de]
AS31103
ns2.regway.com
ns1.regway.com
Registrant/Email Registrant: PrivacyProtect.org/contact@privacyprotect.org
Code: [Select]
hxxp://myloanandcredit.net/777.binmd5sum ===> bc4f4ee5169aa70fda8b742df1bc8ee9
Logged
Pages: 1 ... 32 33 [34] 35 36 ... 48   Go Up
« previous next »