Author Topic: Malicious Domains by Lelenina  (Read 82925 times)

0 Members and 1 Guest are viewing this topic.

October 17, 2010, 08:20:11 pm
Reply #165

lelenina

  • Sr. Member

  • Offline
  • ****

  • 239
Code: [Select]
http://pihrbu.net.in/scaner/?id=02915
Fake scanner page
Code: [Select]
http://pihrbu.net.in/get.php?id=02915
Fake AV

October 18, 2010, 03:26:03 am
Reply #166

lelenina

  • Sr. Member

  • Offline
  • ****

  • 239
Code: [Select]
http://zgggrusd.ru/wint2
Redirects to fake scanner page

October 19, 2010, 03:41:37 am
Reply #167

lelenina

  • Sr. Member

  • Offline
  • ****

  • 239
Code: [Select]
http://updatenews.cz.cc/firefox-updates/
Fake Firefox update
Code: [Select]
http://updatenews.cz.cc/firefox-updates/ff_secure_upd.exe
Fake AV
Code: [Select]
http://binertug.com/2ajimifr1.php?s=IBBGA
Exploit kit

October 19, 2010, 11:22:01 pm
Reply #168

lelenina

  • Sr. Member

  • Offline
  • ****

  • 239
Code: [Select]
http://bentrolmy.com/3d8h6j60fll.php?s=IBBGA
Exploit kit

October 21, 2010, 03:58:05 am
Reply #169

lelenina

  • Sr. Member

  • Offline
  • ****

  • 239
Code: [Select]
http://djdbttb.co.cc/red.php
Iframe directs to exploit kit
Code: [Select]
http://broundfal.com/dm3rgu.php?s=IBBKB
Exploit kit

October 21, 2010, 08:33:53 pm
Reply #170

lelenina

  • Sr. Member

  • Offline
  • ****

  • 239
Code: [Select]
http://4frank.cz.cc/c/enasfmdtiwjwkujm1.php
Exploit kit

October 21, 2010, 11:44:23 pm
Reply #171

lelenina

  • Sr. Member

  • Offline
  • ****

  • 239
Code: [Select]
http://curtyacupt.com/mytds/go.php?s=32
Redirects to fake scanner page

October 22, 2010, 06:58:45 pm
Reply #172

lelenina

  • Sr. Member

  • Offline
  • ****

  • 239
Code: [Select]
http://myutilitom.com/eoiouo8aa781io/kwgmctgvjrfmcqy.php
Exploit kit

October 22, 2010, 09:17:08 pm
Reply #173

lelenina

  • Sr. Member

  • Offline
  • ****

  • 239
Code: [Select]
http://webvideocentral.net/xplays.php?id=45031
Directs to trojan
Code: [Select]
http://fileplatz.com/video-plugin.45031.exe
Trojan
Code: [Select]
http://ymedonesalykura.cjb.com/land/maindirectory/adobeflashplayerv10.0.32.20.exe
Trojan
Code: [Select]
http://190.162.24.18:11066/index.html?u=406&t=1
Fake scanner page

October 22, 2010, 09:23:09 pm
Reply #174

lelenina

  • Sr. Member

  • Offline
  • ****

  • 239
Code: [Select]
http://sungbyuk.com/51ba0qq5x.php?s=IBBGA
Exploit kit

October 23, 2010, 11:56:45 pm
Reply #175

lelenina

  • Sr. Member

  • Offline
  • ****

  • 239
Code: [Select]
http://bestrecie.com/bjzlmpc779rh.php?s=IBBKB
Exploit kit
Code: [Select]
http://bestrecie.com/yocraqywyoyqe.pdf
http://bestrecie.com/yudrevgpeukrini.pdf
http://bestrecie.com/fpdletxubniuewd.pdf
http://bestrecie.com/crknxwbocphwctf.pdf
Pdf exploits

October 24, 2010, 06:30:03 am
Reply #176

lelenina

  • Sr. Member

  • Offline
  • ****

  • 239
Code: [Select]
http://vitaminki.co.cc/
If referrer is google, iframe directs to exploit kit.
Code: [Select]
http://yourqare.com/anawa8h8.php?s=IBBKB
Exploit kit

October 27, 2010, 03:40:37 am
Reply #177

lelenina

  • Sr. Member

  • Offline
  • ****

  • 239
Code: [Select]
http://lampasit.com/dx.php?i=91e33396-775d-4b95-81ce-c5084c00a332&a=1091409010&f=0
Tdss

October 29, 2010, 11:28:10 pm
Reply #178

lelenina

  • Sr. Member

  • Offline
  • ****

  • 239
Code: [Select]
http://availableused.co.cc/red.php
Redirects to exploit kit

October 31, 2010, 12:44:09 am
Reply #179

lelenina

  • Sr. Member

  • Offline
  • ****

  • 239
Code: [Select]
http://whitesquarecube.com/1/gqitgzjqhlfph.pdf
http://ujsoltfinl.com/xwgzjmgwyvht.pdf
Pdf exploits
These pdf files are encrypted.  Can Malzilla be used to find the URLS of the payloads they download?  If not, how can the URLS be found?