Malware Domain List

Malware Related => Malicious Domains => Topic started by: sowhat-x on October 29, 2007, 05:20:58 pm

Title: ee.souxse.cn
Post by: sowhat-x on October 29, 2007, 05:20:58 pm
Quote
hxxp://ee.souxse.cn/l/dh.exe
hxxp://ee.souxse.cn/l/dh3.exe
hxxp://ee.souxse.cn/l/wd.exe
hxxp://ee.souxse.cn/l/mh.exe
hxxp://ee.souxse.cn/l/zt.exe
hxxp://ee.souxse.cn/l/jh.exe
hxxp://ee.souxse.cn/l/my.exe
hxxp://ee.souxse.cn/l/qj.exe
hxxp://ee.souxse.cn/l/qq.exe
hxxp://ee.souxse.cn/l/dj.exe
hxxp://ee.souxse.cn/l/0.exe
hxxp://ee.souxse.cn/l/1.exe

Malware for free...that's a really evil domain >:(
Title: Re: ee.souxse.cn
Post by: sowhat-x on October 29, 2007, 05:46:18 pm
Plus more stuff from our "friends" above...

Quote
hxxp://ee.souxse.cn/down8.Exe
Title: Re: ee.souxse.cn
Post by: JohnC on October 29, 2007, 07:39:38 pm
This will be in the list soon thanks.
Title: Re: ee.souxse.cn
Post by: tjs on November 12, 2007, 12:35:25 am
More active malware observed. Looks like the souxse downloaders hit this site for a list:
Quote
hxxp://www.souxse.cn/xuik.txt

11/11/07 @ 4.36pm:

Quote
hxxp://ee.souxse.cn/l/dh.exe
hxxp://ee.souxse.cn/l/dh3.exe
hxxp://ee.souxse.cn/l/wd.exe
hxxp://ee.souxse.cn/l/mh.exe
hxxp://ee.souxse.cn/l/zt.exe
hxxp://ee.souxse.cn/l/tl.exe
hxxp://ee.souxse.cn/l/qqhx.exe
hxxp://ee.souxse.cn/l/sf.exe
hxxp://ee.souxse.cn/l/wow.exe
hxxp://ee.souxse.cn/l/jh.exe
hxxp://ee.souxse.cn/l/my.exe
hxxp://ee.souxse.cn/l/qj.exe
hxxp://ee.souxse.cn/l/wm.exe
hxxp://ee.souxse.cn/l/qq.exe
hxxp://ee.souxse.cn/l/qq3g.exe
hxxp://ee.souxse.cn/l/zx.exe
hxxp://ee.souxse.cn/l/wl.exe
hxxp://ee.souxse.cn/l/cq.exe
hxxp://ee.souxse.cn/l/jr.exe
hxxp://ee.souxse.cn/l/dj.exe
hxxp://ee.souxse.cn/l/0.exe
hxxp://ee.souxse.cn/l/1.exe
hxxp://ee.souxse.cn/l/2.exe
hxxp://ee.souxse.cn/l/3.exe
hxxp://ee.souxse.cn/l/4.exe
hxxp://ee.souxse.cn/l/5.exe
hxxp://ee.souxse.cn/l/6.exe
hxxp://ee.souxse.cn/l/7.exe
hxxp://ee.souxse.cn/l/8.exe
hxxp://ee.souxse.cn/l/9.exe
hxxp://ee.souxse.cn/l/10.exe

-tjs
Title: Re: ee.souxse.cn
Post by: sowhat-x on November 12, 2007, 07:25:07 am
...he-he,nice work there...I had also came across this list,
but at that moment,these samples weren't accessible...
seems like these guys make their stuff unavailable on occasion,
playing "hide and seek" or so...