Malware Related > BIGNESS - AS49093
AS49093
Malware-Web-Threats:
IP for exploits
work with
/s/in.cgi?3&ab_iframe=0&ab_badtraffic=0&ab_trash=1&antibot_hash=bot
Trojan Tedroo (Spammer)
--- Code: ---
bzefowum.cn/de/
bzefowum.cn/de/evenLooksBelief.pdf
bzefowum.cn/de/oldEven.swf
bzefowum.cn/de/update.php
bzefowum.cn/de/update.exe
bzefowum.cn/de/admin.php (liberty control panel)
--- End code ---
Wepawet
ThreatExpert
VirusTotal: 10/41 (24.39%)
SysAdMini:
This network is really interesting and we should keep an eye on it.
We have seen exploit kits like Fragus, Liberty and LuckySploit on this net in the last weeks.
http://www.malwaredomainlist.com/mdl.php?inactive=on&sort=Date&search=49093&colsearch=ASN&ascordesc=DESC&quantity=All&page=0
The registrant Steven Lucas and the fact that this company is located in St. Petersburg
make it even more interesting.
Let's open a dedicated board for URLs from this AS.
CkreM:
Maybe add a new child board for it?
CkreM:
There are many domains on the IP range with a default blog page (WordPress) in Russian.
cleanmx:
Follow up on these:
http://support.clean-mx.de/clean-mx/viruses.php?as=AS49093&response=alive