Author Topic: daily something...... (Read 859104 times)

techhelplist.com · March 26, 2015, 02:37:05 pm

encrypted dyreza binaries for upatre to download

46.160.125.167/p2603us11.pdf
91.194.239.126/p2603us11.pdf
93.123.40.17/p2603us11.pdf
134.249.63.46/p2603us11.pdf
194.28.191.218/p2603us11.pdf
195.3.157.218/p2603us11.pdf
46.160.125.167/2603uk12.pdf
91.194.239.126/2603uk12.pdf
93.123.40.17/2603uk12.pdf
134.249.63.46/2603uk12.pdf
194.28.191.218/2603uk12.pdf
195.3.157.218/2603uk12.pdf

trapwot fake-av malware downloads (get params can change, use an IE user-agent)

liveoakresort.com/document.php?rnd=2211&id=9393939393
www.royalemanagement.com/document.php?rnd=2211&id=9393939393
carina-paris-hotel.com/document.php?rnd=2211&id=9393939393

techhelplist.com · March 27, 2015, 10:58:29 am

dridex botnet 125 malware downloads

pi2dancz.cba.pl/ford/445.exe
w47e4q423.homepage.t-online.de/joshua/74.exe
boysclub.web.fc2.com/mono/11.exe
stream1.sexrura.pl/rtd/43.exe

techhelplist.com · March 31, 2015, 03:02:40 pm

dridex downloads

botnet 120:
185.39.149.21/jsaxo8u/g39b2cx.exe
31.41.45.197/jsaxo8u/g39b2cx.exe
185.91.175.64/jsaxo8u/g39b2cx.exe
93.26.217.203/jsaxo8u/g39b2cx.exe
193.26.217.203/jsaxo8u/g39b2cx.exe

botnet 125:
www.geocult.it/54/78.exe
xianshabuchang.com/54/78.exe

techhelplist.com · April 01, 2015, 04:43:26 am

upatre malware downloads, left active for over 8 hours by logmein / cubby.

https://www.cubbyusercontent.com/pl/RYR5601763.zip/_33cdead4ebfe45179a32ee175b49c399
https://www.cubbyusercontent.com/pl/RYR3056967.zip/_de159fbeaefc42d9906a863782b21395

Author Topic: daily something...... (Read 859104 times)

techhelplist.com

Re: daily something......

techhelplist.com

Re: daily something......

techhelplist.com

Re: daily something......

techhelplist.com

Re: daily something......