Malware Domain List

Malware Related => Malicious Domains => Topic started by: GaryDee on April 23, 2012, 09:44:50 am

Title: Simply New
Post by: GaryDee on April 23, 2012, 09:44:50 am
Code:
http://www.ares.com.es/down.php
Adware.Downware.178

https://www.virustotal.com/url/732fd8916dee6a468b5c0fcb412b943ec0a1abfb20f95030e88ee7fc662cdb77/analysis/1335173711/
https://www.virustotal.com/file/8bbf62f0c7ea7f14f114a62b8ad6e13e5ebff4c64b7ed11c55869fa518ceab57/analysis/1335173713/
http://128.111.48.236/view.php?hash=c4039bdf20ae421b04eb96a4f70ba9ed&t=1335173723&type=js
http://anubis.iseclab.org/?action=result&task_id=1d030f21979bf99f41908a77b8f834127
Title: Re: Simply New
Post by: GaryDee on April 23, 2012, 08:29:04 pm
With Reports like this:

http://anubis.iseclab.org/?action=result&task_id=1b38d421dbd84aae415bd76891ec22e55&format=html

or

http://anubis.iseclab.org/?action=result&task_id=16b6d923b5fff08e4610bb10ff44d7c11&format=html

these possibly could be brand new... you can find it at

Code:
http://www.xunsourj.com/bdtghelper.rar
It includes: (See Screenshot)

Some References:

https://www.virustotal.com/file/3d85774607569a5f1eb242d3ac6cc08eaa939aab36c40117def1645f0e2d9272/analysis/1335182563/
https://www.virustotal.com/file/49261be7f20c9d9dfd1ff35d71e9f3b1b7de17f65581c67beed43d933f1eb85c/analysis/1335180349/
https://www.virustotal.com/file/ff7a37653770ac171e3898c9f5b7a33c08baa6ed71bc578a3e02640179a17484/analysis/1335179753/

So, to be assured that it's MW, see:

https://www.virustotal.com/file/dbeceadf49a2e2a33af612d08938cd78951eea7038e09952c032bd70dd25a1f4/analysis/1335213223/

Trojan-Dropper.Win32.Clons!IK
Generic.dx!vvc
TrojanDropper.Clons.abv
Title: Re: Simply New
Post by: GaryDee on April 24, 2012, 11:13:48 am
Domains with the possible MW-Package bdtghelper.rar:
Code:
http://www.xunsourj.com/bdtghelper.rar
Code:
http://www.baijinzhushou.com/
http://www.bdjingjia.com/
http://www.jingjia888.com/
http://www.jingjiasem.com/
http://www.semjingjia.com/
http://www.semruanjian.com/

Domains with the possible MW-Package vzz0506.rar:
Code:
http://www.vzzsoft.cn/vzz0506.rar
Code:
http://www.08195.com/
http://www.xmsem.com/
Title: Re: Simply New
Post by: GaryDee on April 25, 2012, 03:03:47 pm
Code:
http://www.myschoner.de/cgi-bin/links/verweis.cgi?ID=497
Trojan/Dropper.Viruce.c

https://www.virustotal.com/file/88d498ed0b4d974ab08242bd92eac2a97581c8f6d8849664956cc0bb0f8d8dd4/analysis/1335364891/

Title: Re: Simply New
Post by: GaryDee on April 26, 2012, 11:48:44 am
Code:
http://www.gedhtree.com/download/ght280.exe
Trojan/PSW.HyvBrowse.a

https://www.virustotal.com/file/e158fd3ac085943406e368ec201ce82204122dbff07143f031d098eb1c0b68be/analysis/1335440634/
http://128.111.48.236/view.php?hash=003f0c656a316680c20aba176acf47af&t=1335441158&type=js
http://anubis.iseclab.org/?action=result&task_id=15e5aa994b0cbad1461c5b583f686da92
Title: Re: Simply New
Post by: EP_X0FF on April 26, 2012, 01:34:48 pm
Code:
http://www.gedhtree.com/download/ght280.exe
Trojan/PSW.HyvBrowse.a

https://www.virustotal.com/file/e158fd3ac085943406e368ec201ce82204122dbff07143f031d098eb1c0b68be/analysis/1335440634/
http://128.111.48.236/view.php?hash=003f0c656a316680c20aba176acf47af&t=1335441158&type=js
http://anubis.iseclab.org/?action=result&task_id=15e5aa994b0cbad1461c5b583f686da92

This is a false positive due to UPX. Here is the same without UPX:
https://www.virustotal.com/file/a7ef873b417c55c88bacdd517ef857003a7b9f9d97dd385bfa1edad2161e96ab/analysis/1335447008/

Quote
GedHTree is a program for Windows 95 through XP, Vista and Windows 7 users that processes GEDCOM files to generate output pages in HTML format.
Title: Re: Simply New
Post by: EP_X0FF on April 26, 2012, 01:51:01 pm
Code:
http://www.myschoner.de/cgi-bin/links/verweis.cgi?ID=497
Trojan/Dropper.Viruce.c

https://www.virustotal.com/file/88d498ed0b4d974ab08242bd92eac2a97581c8f6d8849664956cc0bb0f8d8dd4/analysis/1335364891/



Same FP. It is the Alfa 147 Cup screensaver.
Title: Re: Simply New
Post by: dlipman on April 26, 2012, 01:53:13 pm
The MAJORITY of what GaryDee posts are False Positives!
Title: Re: Simply New
Post by: GaryDee on April 27, 2012, 03:43:56 pm
Code:
http://www.editorandauthor.com/
Suspicious (PHISHING)

http://128.111.48.236/view.php?type=js&hash=a232c71b90692bcac478fe9e2cfbe73f&t=1335540465

http://128.111.48.236/domain.php?hash=a232c71b90692bcac478fe9e2cfbe73f&type=js

Links to:
Code:
http://ads.getthebar.com/ (Known by McAfee as a former Phishing-Site)

Code:
http://www.linkscout.com/
http://www.mywot.com/en/scorecard/linkscout.com

http://www.UnmaskParasites.com/security-report/?page=www.editorandauthor.com

See also:
http://www.sitetruth.com/fcgi/ratingdetails.fcgi?url=www.editorandauthor.com&details=true
Title: Re: Simply New
Post by: GaryDee on April 27, 2012, 04:55:42 pm
Code:
http://www.freeflashbuilder.com/
Additional (potential) malware:
Code:
http://www.freeflashbuilder.com/sitebuilder/usercontent&userurl1=http://www.freeflashbuilder.com/sites&userid=index&subdomain=
http://128.111.48.236/view.php?hash=e04319a4febfbd6c8c62d0b290622c00&t=1335545136&type=js
Title: Re: Simply New
Post by: GaryDee on April 27, 2012, 07:32:15 pm
Site

Code:
http://www.nopaypoker.com/
appears to be good,

http://www.mywot.com/en/scorecard/nopaypoker.com

but:

Additional (potential) malware found:
Code:
http://www.nopaypoker.com/nopaypoker.exe
See:
http://128.111.48.236/view.php?hash=d0480f43e34cbc5a6d79d27482215b7e&t=1335554148&type=js
&
http://anubis.iseclab.org/?action=result&task_id=16fb9383d4a076ed469c973fdd98d6402&format=html

Also:

1 HIDDEN Link:

http://www.UnmaskParasites.com/security-report/?page=www.nopaypoker.com/UserSection/StaticPages/General/download.aspx
Title: Re: Simply New
Post by: GaryDee on April 28, 2012, 09:33:34 am
Code:
http://game.qplay.vn/getfile.jspx?ver=3&type=1&id=85
Trojan-SMS!IK

https://www.virustotal.com/url/7f3dae83c74bc04c279ee6b3fb3097c719d9903ac16179c08192522e6f9ea99f/analysis/1335604824/
https://www.virustotal.com/file/81a7f6633b96fc25145e61925be20f4cf1f289afee6796be9c722ba86dc53052/analysis/1335604836/
Title: Re: Simply New
Post by: GaryDee on April 28, 2012, 11:13:01 am
Title: Re: Simply New
Post by: GaryDee on April 30, 2012, 10:04:30 am
Code:
http://www.bazagraphics.com/cms/css/sincronizar.exe
Trojan-Banker.Win32.Banbra.amvh
Trojan.Generic.6904328
TrojanSpy:Win32/Banker.ABU


https://www.virustotal.com/url/87baec2acb27b9015cb0704d231cfeb3729b3f4b132293aa69a097217d00330e/analysis/1335779612/
https://www.virustotal.com/url/5725219cae8cc66c581a67682f99c480c5b6b06fbec1a6dbf19209a842db30c4/analysis/1335779723/
https://www.virustotal.com/file/34b9bb5c758de56d62d84c5e9b2dd240fbd1e33f96a5ab739bcb2d53c11351e9/analysis/1335779725/
http://128.111.48.236/view.php?hash=0adf5838a3abfc8a861a9e9fb88b6de0&t=1335779884&type=js
http://anubis.iseclab.org/?action=result&task_id=16b5a941d5fa331e495c6a40f62fc7ad0
Title: Re: Simply New
Post by: GaryDee on May 03, 2012, 10:51:16 am
Code:
http://mybigtastybacon.my.ohost.de/
Hoax.JS.BadJoke.FlyWin.c

http://wepawet.iseclab.org/domain.php?hash=50aa7309c6462d2fb8ac7f1bb441aea7&type=js
http://vscan.novirusthanks.org/analysis/1d89438300cd9cd2a2608f939ef29cb7/aW5kZXg=/
Title: Re: Simply New
Post by: GaryDee on May 05, 2012, 01:28:13 pm
Code:
http://captiveimagination.com/download/MythAssistant.exe
Additional (potential) malware:

http://wepawet.iseclab.org/view.php?hash=ca7cd7ae3f8a366a116e918bd08f75ff&t=1336223779&type=js
http://anubis.iseclab.org/?action=result&task_id=12178d58fb08c82d4b131262e2c7cd69a
Title: Re: Simply New
Post by: GaryDee on May 05, 2012, 01:38:03 pm
Code:
http://captiveimagination.com/download/uberzip.exe
Virus.Win32.Heur.c

https://www.virustotal.com/url/81d5949d2d8784702bccdd4b66a130768ee2490d70fbf8fb8f3d6805ee031481/analysis/1336224636/
https://www.virustotal.com/file/98bc10c70bec3e4a59bc6ae48371ed8a88c5b7e6c62f258bcdd658681de61dbf/analysis/1336224637/
http://wepawet.iseclab.org/view.php?hash=1b0cff73ad11c4253599d3a595160add&t=1336224564&type=js
http://anubis.iseclab.org/?action=result&task_id=1004df6219fb64694c579ddb682e5221b
Title: Re: Simply New
Post by: GaryDee on May 05, 2012, 02:50:42 pm
Code:
http://thesacredturtle.com/
Trojan-Downloader.JS.Agent.gnk

http://wepawet.iseclab.org/view.php?hash=cbb44e574d654798acf9ad39842abeeb&t=1336228339&type=js
Title: Re: Simply New
Post by: GaryDee on May 08, 2012, 10:44:49 am
Trojan.Generic.3853246
HackTool.Patcher.A
a variant of Win32/HackTool.Patcher.T


https://www.virustotal.com/file/d70c88d3c6a21314c0295494f6f88421825505800cb1830485fe77e67696dc55/analysis/1336470678/


Code: [Select]
ftp://82.199.102.210/Soft/multimedia/Tag%20Rename/V.3.5.6/Patch.exe
HackTool.Patcher.A

https://www.virustotal.com/file/c6c88b74b0fc8456b94064f8ea518b60d3101a9b02174287d902d4c74fdd6ecb/analysis/1336470702/


Code: [Select]
ftp://82.199.102.210/Soft/multimedia/UVScreenCamera_4.7.0.102/crack%20UVScreenCamera%204.7.0.102.exe
TR/Dropper.Gen
Mal/Behav-381


https://www.virustotal.com/file/3cf45e3122ea06809bd5df12dc19df7bfbafd34d65140d4611f1cf0331a13d36/analysis/1336471028/


Code: [Select]
ftp://82.199.102.210/Soft/multimedia/UVScreenCamera_4.7.0.102/UVSC_0407_102_setup.exe
Mal/Generic-L

https://www.virustotal.com/file/5d037cf98af9639ef273bc4ef893bb5c380a0b14ef41b2df8260cf40af44932f/analysis/1336471061/


Code: [Select]
ftp://82.199.102.210/Soft/multimedia/%C3%EE%EB%EE%F1%20%F0%F3%F1/SAPI5/Akapella_Alena_22k_Balabolka_v1_26_0_397/Akapella_Alena_22k/03-%C3%E5%ED%E5%F0%E0%F2%EE%F0%20%EB%E8%F6%E5%ED%E7%E8%E9.exe
Trojan/JmGeneric.can

https://www.virustotal.com/file/e3b64fc52a4a3d930b8b5e1eb1748e43c4dccb5e655210028669a70c05cb2ebe/analysis/1336471744/


Code: [Select]
ftp://82.199.102.210/Soft/multimedia/%C3%EE%EB%EE%F1%20%F0%F3%F1/SAPI5/Akapella_Alena_22k_Balabolka_v1_26_0_397/Balabolka_v1_26_0_397/setup.exe
PUA.Packed.ASPack

https://www.virustotal.com/file/e577e5978803bd63d534b713a004767d947c443919dce48e4567e70a5aa36300/analysis/1336471864/


Code: [Select]
ftp://82.199.102.210/Soft/multimedia/%CF%EE%E8%F1%EA%20%E4%F3%E1%EB%E5%E9%20MP3/Audio%20Comparer%20v1.0/Audio%20Comparer%201.0%20Setup.exe
Suspicion: unknown virus
Win32.SusComPack.c


https://www.virustotal.com/file/b701aa7e598c3eae89f69ddfda11f370a53e8ae3a6a04d61eb016444cf355b8e/analysis/1336471988/


Code: [Select]
ftp://82.199.102.210/Soft/utilits/shadowuser/Crak/keygen.exe
Win-Trojan/Xema.variant
Generic.dx


https://www.virustotal.com/file/17c738aa6997b91e29fe8a64c3fda18994a9f5d0b48466cc5f38e84255fa6251/analysis/1336472266/
Title: Re: Simply New
Post by: GaryDee on May 09, 2012, 05:51:03 pm
Code: [Select]
http://www.crackz.ws/down/48077/RaidenFTPD.v2.4.1236_crack.html
Application.Aseye.AYA

Title: Re: Simply New
Post by: EP_X0FF on May 10, 2012, 04:50:18 am
You have a lot of work to do - cracks site contains hundreds of thousands of keygens and hack tools. I guess you will report every one.
Title: Re: Simply New
Post by: GaryDee on May 22, 2012, 04:21:21 pm
Code: [Select]
http://easystatsanalytics.org/counter450.js
Malicious
Title: Re: Simply New
Post by: dlipman on May 22, 2012, 04:48:41 pm
Code: [Select]
http://easystatsanalytics.org/counter450.js
Malicious

You state it is malicious and provide no proof.

The URL and the JavaScript you provided have 0 hits on VT

https://www.virustotal.com/file/d8914bee479943901fa0a0e3174674a06d278543c526b2e223dfcf9c1e02d3d1/analysis/1337704177/

Checking the website itself I could see no malicious activity.  In fact, it is a GoDaddy Parked Web Page.

Title: Re: Simply New
Post by: GaryDee on May 23, 2012, 08:52:44 am
Ask:

Code: [Select]
Denis.Parinov@kaspersky.com
Senior Malware Analyst
Statistical Analysis and Detection Group

He will confirm, as I won't post a copy here.

Cheers
Title: Re: Simply New
Post by: GaryDee on May 24, 2012, 02:28:59 pm
Code: [Select]
http://www.spyprocessdb.com/download.php?m=tool&id=Fix-mint4win-12.exe
Suspicious & Risky
Title: Re: Simply New
Post by: dlipman on May 24, 2012, 02:42:49 pm
Code: [Select]
http://www.spyprocessdb.com/download.php?m=tool&id=Fix-mint4win-12.exe
Suspicious & Risky

Enigma affiliate downloader for SpyHunter.  NOT Malware !!!!

Research before you post crap!
Title: Re: Simply New
Post by: GaryDee on May 24, 2012, 04:52:04 pm
Code: [Select]
http://f8web.net/
Code: [Select]
f8web.net/sites/all/modules/thickbox/thickbox.js
Trojan/JS
Title: Re: Simply New
Post by: GaryDee on May 24, 2012, 05:07:56 pm
Code: [Select]
http://f8web.net/misc/drupal.js
Trojan/Script
Title: Re: Simply New
Post by: john_ on May 24, 2012, 08:41:23 pm
Amazing this topic. Other forums label the topics like this as spam :P
Title: Re: Simply New
Post by: GaryDee on June 05, 2012, 11:00:17 am
Code: [Select]
http://a.installabl3z.com/IC/GPLAppBundler78/38033/0/a460d017-cf2d-45a8-a9ce-bddca5bb83fd/ActionpackSetup.exe
http://install.blamcity.com/installer/download/6447/1426579/1/?lp=http%3A%2F%2Fwww.lookoutsoft.net%2Fdownload.html

not-a-virus:AdWare.Win32.ScreenSaver.e

Title: Re: Simply New
Post by: GaryDee on June 09, 2012, 09:31:10 pm
Code: [Select]
http://www.externe.klmusik.de/safe/software/PantsOff.zip
not-a-virus:PSWTool.Win32.Finder.d

---------------------------------------------------------------------------------------------------------------------

Code: [Select]
http://www.externe.klmusik.de/safe/software/passwordfox.zip
not-a-virus:PSWTool.Win32.NetPass.zm
Title: Re: Simply New
Post by: dlipman on June 09, 2012, 09:55:24 pm
Code: [Select]
http://www.externe.klmusik.de/safe/software/PantsOff.zip
not-a-virus:PSWTool.Win32.Finder.d

---------------------------------------------------------------------------------------------------------------------

Code: [Select]
http://www.externe.klmusik.de/safe/software/passwordfox.zip
not-a-virus:PSWTool.Win32.NetPass.zm

Quote
PasswordFox v1.20
Copyright (c) 2008 - 2010 Nir Sofer
Web site: http://www.nirsoft.net

How about NirSoft or SysInternals PsTools? Will you also post links to them here? :)

Yeah, he did

The other "Simply New", 2004 Simply OLD !   (http://multi-av.thespykiller.co.uk/GIF/doh.gif)

Title: Re: Simply New
Post by: Amishrabbit on June 09, 2012, 10:41:45 pm
Hey mods: Is there a way for me to filter or block posts from GaryDee? His high volume of spammed crap posts of questionable quality really brings the level of this forum way down.

-=A
Title: Re: Simply New
Post by: GaryDee on June 19, 2012, 10:20:46 am
Code: [Select]
fa54e697e77eb97d106bb65f1319b8aa
https://www.virustotal.com/file/58a078c296d9abbded64dc006c1ea775a056aa7f9ce1a0257892e2d5a14b503d/analysis/1340099635/

Cheers
Title: Re: Simply New
Post by: dlipman on June 19, 2012, 10:45:11 am
Code: [Select]
fa54e697e77eb97d106bb65f1319b8aa
https://www.virustotal.com/file/58a078c296d9abbded64dc006c1ea775a056aa7f9ce1a0257892e2d5a14b503d/analysis/1340099635/

Cheers

(http://multi-av.thespykiller.co.uk/GIF/doh.gif)             (http://multi-av.thespykiller.co.uk/GIF/7.gif)
Title: Re: Simply New
Post by: GaryDee on June 25, 2012, 07:28:07 pm
Code: [Select]
fa54e697e77eb97d106bb65f1319b8aa
https://www.virustotal.com/file/58a078c296d9abbded64dc006c1ea775a056aa7f9ce1a0257892e2d5a14b503d/analysis/1340099635/

Cheers

(http://multi-av.thespykiller.co.uk/GIF/doh.gif)             (http://multi-av.thespykiller.co.uk/GIF/7.gif)

I meanwhile guess that there is a sort of hate towards KASPERSKY, otherwise THE VIEW or OUTLOOK could be better, in the strange world of Malicious CODE however: CHEERS anyway  8)

http://www.google.de/#hl=de&sclient=psy-ab&q=%22hate+kaspersky%22&oq=%22hate+kaspersky%22&aq=f&aqi=g-K1&aql=&gs_l=hp.3..0i30.4852.7563.1.8167.2.2.0.0.0.0.148.289.0j2.2.0...0.0.7OQC3sdPhNY&pbx=1&bav=on.2,or.r_gc.r_pw.r_qf.,cf.osb&fp=a052f1b0d496c73e&biw=1600&bih=730

http://www.google.de/#hl=de&sclient=psy-ab&q=%22love+Kaspersky%22&oq=%22love+Kaspersky%22&aq=f&aqi=g-K3g-bK1&aql=&gs_l=hp.3..0i30l3j0i8i30.1713.8155.0.8673.16.16.0.0.0.1.1039.4660.0j8j4j1j2j7-1.16.0...0.0.jovS8UjyP70&pbx=1&bav=on.2,or.r_gc.r_pw.r_qf.,cf.osb&fp=a052f1b0d496c73e&biw=1600&bih=730

The shots are included ;)
Title: Re: Simply New
Post by: GaryDee on October 22, 2013, 12:24:06 pm
NEW Malware
Exploit.JS.Pdfka.gki
https://www.virustotal.com/de/file/e2026bb8497daeb6f507c3919b0e7e5b1d9867a51a1d5ae5ca863cef8303b77a/analysis/
Title: Re: Simply New
Post by: GaryDee on October 27, 2013, 03:14:29 pm
NEW Malware
Trojan-Downloader.JS.Iframe.ddp
Code: [Select]
FOLLOWING LINKS ARE INFECTED WITH: Trojan-Downloader.JS.Iframe.ddp
DETECTED: 26.10.2013 11:57:02
DOMAIN: http://www.hoching.com/
https://www.virustotal.com/de/url/6579f19955139d5cebd7bcc9ec5246f51188b82535e9d5e6c6a9a8d01831e041/analysis/
MALICIOUS LINKS:
1)
http://www.hoching.com/college2/kelvin
https://www.virustotal.com/de/url/f1c54b65e60b8fab2fc5187bd910e2349de2beceb5c280ec13e63b71ad9ded27/analysis/1382782527/
https://www.virustotal.com/de/file/0655213edddb136c9f306576a8d089295b71151c605ddd8b27638aca3b2ceb1b/analysis/1382782200/
2)
http://hoching.com/about/index.html
https://www.virustotal.com/de/url/1739a7864f74d98de9bfa21fa947ad2d43494fec0cbb9b0c4ec6f6a4be6ab26b/analysis/1382783425/
https://www.virustotal.com/de/file/fe4c9408901e188503b3d7382c6ee53767746a9cd659bd08a6fb07cfe5a0504c/analysis/1382783051/
3)
http://hoching.com/hba
https://www.virustotal.com/de/url/97d2194c8f13ba3a1b76720619a3ee7291eb3556509f898173a4a51c476c424c/analysis/1382783499/
https://www.virustotal.com/de/file/95d064adeb8f681d8d51ae700db4f79c817667664f2b70235cd44f5c62ae3e12/analysis/1382783345/
4)
http://hoching.com/lbs
https://www.virustotal.com/de/url/55768d643da58315673463ae5cf48e68ab5e3811574419327b6146f74cda1806/analysis/1382783584/
https://www.virustotal.com/de/file/11520906bace69f2fb9d3b200a63c38879480fd612dff46703debb12d2dc8cd9/analysis/1382783254/
5)
http://hoching.com/events
https://www.virustotal.com/de/url/98901a90e81fb0421e24c10e992c9dff7085d77aa18c2848bcd266ce6d06a4ee/analysis/1382783697/
https://www.virustotal.com/de/file/fd0efad809c28014fbf003f3d778c10ed1c0411831c3ae91b4fcaa2068458278/analysis/1382783191/
6)
http://hoching.com/college2
https://www.virustotal.com/de/url/841e7a354acb1e520ac3aae7ebbb3f5e75515bfd9fef3ec7f84ab5633a180547/analysis/1382783773/
https://www.virustotal.com/de/file/7ada58829a79bca7eed8802e2f6c9b49cbc0b130cf9766f8af4af17aba3d58fb/analysis/1382783037/
7)
http://hoching.com/menand
https://www.virustotal.com/de/url/8349d3ccdbfe834edb1e4101d99d57ae2aa6299b9c6f2b61fceed46938211c09/analysis/1382783840/
https://www.virustotal.com/de/file/5fffbc7ec1fbde6c577d15ae52a77566e2ce1045d19ed1e6ad6080914d1f5c29/analysis/1382783036/

Code: [Select]
SCREENSHOT WITH OTHER INFECTED LINKS OF THIS DOMAIN
http://s1.directupload.net/file/d/3422/ld62kkqq_jpg.htm
Title: Re: Simply New
Post by: GaryDee on October 27, 2013, 03:19:35 pm
NEW MALWARE
Exploit.JS.Agent.bnu
Code: [Select]
INFECTED: Exploit.JS.Agent.bnu
DETECTED: 27/10/2013 12:08:38
http://eldesaparecido.com/
https://www.virustotal.com/de/url/ce814952fec77330b39e4add2909f5059ca81b14d5c66fbbe45ac859716ff5d5/analysis/
Exploit.JS.Agent.bnu
https://www.virustotal.com/de/file/daae88a57cb1b8287d64bbf884a81ac7112b60f0e37d17b4dd3bcc460ef30304/analysis/
--->
http://lanotfo.com/
https://www.virustotal.com/de/url/6ff7f2d41dd24b4613f5c7f2ddf8045fb0cf966e530535a171dc971168a03bdb/analysis/
http://lanotfo.com/exit.php
https://www.virustotal.com/de/url/418aefb901fd9cef797a1419bd4c3b82f15eab2e5fac9688998f3ce1cee83775/analysis/
ALSO INVOLVED:
http://www.sosvirus.net/
https://www.virustotal.com/de/url/7a4a2c4a418aa42a51e12eba041ea7030920505f0a42c06ff444a271892a48b7/analysis/
**************************
ADDITIONALLY:
IP OF eldesaparecido.com:
213.186.33.19 (FRANCE)
https://www.virustotal.com/de/url/b782c657efca3b3d94fd66245d617b01113f6698a43fd8c1639a13ec1dabc07e/analysis/1382876571/
290.052 appearances in Spam e-mails or Spam post urls
https://www.projecthoneypot.org/ip_213.186.33.19
**************************
http://urlquery.net/report.php?id=7208759
http://urlquery.net/report.php?id=6957455
http://www.urlvoid.com/scan/eldesaparecido.com/
http://app.webinspector.com/public/reports/18080173
http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=eldesaparecido.com
http://wepawet.iseclab.org/view.php?hash=21f73f8039583c5e592eafbd4a25af9a&t=1382007486&type=js
http://www.avgthreatlabs.com/website-safety-reports/domain/eldesaparecido.com/domain-search-widget/www.avg.com.au/
Title: Re: Simply New
Post by: GaryDee on October 29, 2013, 01:16:20 pm
NEW MALWARE:
Trojan.JS.Agent.cbn
INFECTED: Neutrino Exploit Kit Clicker.php
DETECTED: 29.10.2013 11:19:51
Code: [Select]
http://pupolandia.com/
https://www.virustotal.com/de/url/d7d38d1d1c9e1b46ed3419aa600ee6a1c09e9d9db78066885354396180278573/analysis/1383042127/
Trojan.JS.Agent.cbn
https://www.virustotal.com/de/file/04709c9b47e8c25cd64344de8fa4f6791033f385982dc0414e87546d35ee552d/analysis/1383042593/
http://urlquery.net/report.php?id=7271925
--->
http://hr.oncallinteractive.com/clicker.php
https://www.virustotal.com/de/url/080a03e550781f13f2d8a8899efa3e10c116ad2a99110f5fa6178add9eff4b7a/analysis/1383042778/
http://urlquery.net/report.php?id=7272125
https://www.virustotal.com/de/url/fb48ce1a6989c6bd01b55403e9dd7ab191c70dac424dc2eaf0ef1cb3188cdc6c/analysis/
Title: Re: Simply New
Post by: GaryDee on October 30, 2013, 07:37:45 am
NEW MALWARE:
Trojan-Downloader.JS.Iframe.dfe
Code: [Select]
INFECTED: HEUR:Trojan.Script.Generic
DETECTED: 26.10.2013 10:54:29
http://sbrpuram.com/
https://www.virustotal.com/de/url/8d61467e659879506cd205756d82060ae9d1532d402ced1010c4124c30cf6d2b/analysis/1383084583/
Trojan-Downloader.JS.Iframe.dfe
https://www.virustotal.com/de/file/aee6a2257108cd8c13ec9f95f7aef34486df6228bd79ea530b33aa698ac5863b/analysis/1383084826/
http://urlquery.net/report.php?id=7288052
--->
http://www.hiruzta.com/hispatek/YPwgqRNk.php
https://www.virustotal.com/de/url/4eb08b4a0d2abb56d2cc5ec56f75187cccc6d338cd3c3715187112f9203e905a/analysis/1383085160/
http://www.hiruzta.com/
https://www.virustotal.com/de/url/82893ed4471c4875ff0bc9e88b0e635c042f2887d107a905b5c01518485ce94a/analysis/1383085169/
http://sbrpuram.com/images/injection_graph.css
https://www.virustotal.com/de/url/9f95b981cf4339858d4b6b1a13507a570d51ef7048ca59dfdf17809737e1dd57/analysis/1383085435/
Title: Re: Simply New
Post by: GaryDee on October 30, 2013, 05:03:42 pm
NEW MALWARE:
Trojan.JS.Iframe.aes
Code: [Select]
INFECTED: Trojan.JS.Iframe.aes
DETECTED: 26.10.2013 10:57:00
http://www.energomania.ru/
https://www.virustotal.com/de/url/161b698c67604bfda5918229705aeb17fa2bc87185ffee419901afa398ab23d8/analysis/1383149133/
Trojan.JS.Iframe.aes
https://www.virustotal.com/de/file/76f7933efdb9f099a25e24a8485594e0dab29a13fbf9288e439ce63c1caec505/analysis/1383149230/
http://urlquery.net/report.php?id=7312334
--->
http://www.energomania.ru/js/main.js
https://www.virustotal.com/de/url/7f09c3bb3284bd6910f50e2a3ecb1c481c772bc091456f10196f0c2014940eeb/analysis/1383149955/
https://www.virustotal.com/de/file/d87de09b59c5c8f9beed9dbe4f2027c78199a70fda4e8aa2c459707df5d6e9b7/analysis/1383149959/
---->
http://www.energomania.ru/js/main_01.js
https://www.virustotal.com/de/url/fd9bd805291a43b8bf7a3822819f79ef65fe04bd90fabb60d6a59a5c9b095961/analysis/1383150097/
https://www.virustotal.com/de/file/f53099c04addc2f0615a87d4770cdb78b64a237a843224a7ef80f366716d11e8/analysis/1383150099/
----->
about:blank
------>
http://www.pufuqa.toh.info/openstat/appropriate/bound-side-load_odds.php
https://www.virustotal.com/de/url/d044119398ac6006e3e1dbcf8d622d9cd051437e99ec3983a5efbe9bbec1a734/analysis/1383150211/
**********************************************************************
http://wepawet.iseclab.org/domain.php?hash=b6f32d36ea9bdb438868300a5ed8310c&type=js
Title: Re: Simply New
Post by: GaryDee on October 31, 2013, 04:37:17 pm
NEW MALWARE:
Trojan-Downloader.JS.Iframe.dfe
Code: [Select]
INFECTED: Trojan-Downloader.JS.Iframe.dfe
DETECTED: 30.10.2013 11:06:10
http://balochrise.com/
https://www.virustotal.com/de/url/4c95e3a04610b12760e136dcc810cedffb4c1ee792fe022b264d3d74bf0376b3/analysis/1383235887/
Trojan-Downloader.JS.Iframe.dfe
https://www.virustotal.com/de/file/30e5c0824113af3038b19e5adea7e46e8e9b6a1394ae6e310c0f4fec353631e8/analysis/1383236194/
http://urlquery.net/report.php?id=7352187
--->
about:blank
---->
http://ezahrada.sk/js/rel.php
https://www.virustotal.com/de/url/a68c6678c6c33c7182c43f2ac6026510fa938f90424b5960f33841ac76d68dec/analysis/1383236765/
----->
http://localhost/
ALSO:
http://balochrise.com/home.html
https://www.virustotal.com/de/url/b7c8366ba2b9a4f72abc28e127d4f3f7f99095318e11de81804ec84f84137b98/analysis/
JS:Trojan.JS.Iframe.DL
https://www.virustotal.com/de/file/70323b930cc51516abcd0ef76d3a80a018a4043b646af876e168bba7d51f7395/analysis/1383236935/
Title: Re: Simply New
Post by: GaryDee on December 09, 2013, 07:58:01 pm
New Malicious Code:
Trojan-Spy.HTML.Fraud.iz
Code: [Select]
MALWARE: Trojan-Spy.HTML.Fraud.iz
http://escrituras.com/
https://www.virustotal.com/de/url/023bdad1bf212b69fc38f942d94a10605e3586e9c13bae9fab12eef580d48f62/analysis/1386595660/
Trojan-Spy.HTML.Fraud.iz
https://www.virustotal.com/de/file/e5a2cf61957340d4e0f991a6df9819636110d687856eae56c54d88ec6b21b86d/analysis/
IP: 200.98.247.12
https://www.virustotal.com/de/url/08f6a35041572c517d0f37b678212f07fd393105cb12a6cb0193b7897e23b2cb/analysis/1386596265/
https://www.virustotal.com/de/ip-address/200.98.247.12/information/
--->
http://mensagens.host.uol.com.br/
https://www.virustotal.com/de/url/023f4a8bdd186e4454df21696a38c99557b7ea48c2f88af4cd87965a6723b1d1/analysis/1386596045/
http://mensagens.host.uol.com.br/aviso/aviso_compartilhado.html
https://www.virustotal.com/de/url/c2509e06f5edb12d74aa3f1f50eb0774fc2d113246a96e824eaf4d6e08e58cef/analysis/1386596036/
IP: 200.98.199.177
https://www.virustotal.com/de/url/f5d0fadaea1a2477c78d88e32a3c47f3ee1088ad986960bbefd88f6af44336bc/analysis/1386596399/
https://www.virustotal.com/de/ip-address/200.98.199.177/information/