Author Topic: New Zeus server (Read 396687 times)

jackberri · February 14, 2010, 09:03:48 am

Code: [Select]

hxxp://200.110.130.210

Code: [Select]

[server2.webelectronica.com.ar]AS18747
Argentina Ifx Networks Argentina S.r.l

Code: [Select]

hxxp://200.110.130.210/manual/server/config.binmd5sum ===> 8beddfc2c32cb96aa99ad74d998dd62c

Code: [Select]

hxxp://200.110.130.210/manual/server/cfg2.binmd5sum ===> 917100fc54d37a52738028ff92bac27e

Code: [Select]

hxxp://200.110.130.210/manual/server/ldr.exemd5sum ===> 480d7f7cc3e0a35d7b7b35a18702c954
http://www.virustotal.com/analisis/f6eee4dd5cc3a168e0884c1e5e613d5e2b335ac00d1fa9d52547e64cba6144d3-1265906214
VT 28/41 (68.29%)

Code: [Select]

hxxp://200.110.130.210/manual/server/funston.exemd5sum ===> 88ad13483267677b6260db72edb72353
http://www.virustotal.com/analisis/59eb78a8720c1399600d9e571f2bd46593d4fb4512e79503de7f4b92e526f7bb-1266137604
VT 11/41 (26.83%)

Code: [Select]

hxxp://200.110.130.210/manual/server/gate.php
Related:

Code: [Select]

hxxp://www.mobilhanger.de

Code: [Select]

[www.grafikundvideo.de]IP: 195.71.123.230
AS6805
Germany - Nordrhein-westfalen - Guetersloh - Franke & Partner Gbr

Lars Franke
Email: post@larsfranke-pro.de

Code: [Select]

hxxp://www.mobilhanger.de/server/config.binmd5sum ===> 917100fc54d37a52738028ff92bac27e

Code: [Select]

hxxp://www.mobilhanger.de/manual/server/cfg2.binmd5sum ===> 917100fc54d37a52738028ff92bac27e

Code: [Select]

hxxp://www.mobilhanger.de/server/funston.exemd5sum ===> 3ce0dc26a669901702afce170b069cbd
http://www.virustotal.com/analisis/7c85ebf846969f8588c660c30cafe7235e8484cdcc65b3c825262228de1b913d-1266135916
VT 11/40 (27.50%)

Code: [Select]

hxxp://www.mobilhanger.de/server/gate.php

jackberri · February 14, 2010, 09:00:10 pm

Code: [Select]

hxxp://pusicat.co.uk61.235.117.87
AS9394
Registered on: 13-Feb-2010
Last updated: 13-Feb-2010

Aulis Karvinen

Code: [Select]

hxxp://pusicat.co.uk/zend/bot.exemd5sum ===> a91d1ca4d2cc793c793ba6e5e2527e4b
http://www.virustotal.com/analisis/9649654708c3896971a85bc93eaaa7a78e38ea3c62ddcad2c5a845f35fa5acdc-1266179494

Code: [Select]

hxxp://pusicat.co.uk/zend/cfg.binmd5sum ===> 5751e6227faa57ace0e7a85e46133206

Code: [Select]

hxxp://pusicat.co.uk/zend/gate.php
Other domains:
axakcom.com
dimi4.com
googleset2.cn
porntakevideo.com
updatewin.cn
webpings.biz
adobecreativesuite4mastercollection.com
shishaloversclub.com

x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x

Code: [Select]

hxxp://27gr.co.tv

Code: [Select]

netnic.com.cn122.115.63.6
AS9803

Code: [Select]

hxxp://27gr.co.tv/1/gol.php

Code: [Select]

hxxp://27gr.co.tv/1/ccc.bin

jackberri · February 17, 2010, 10:34:59 am

Code: [Select]

hxxp://stignita.zapto.org/config.bin
hxxp://stignita.zapto.org/gate.php

jackberri · February 20, 2010, 08:43:07 pm

Code: [Select]

hxxp://repuzer.net.ua/perl/forum/sdram.dmtmd5sum ===> 7f5c9a858ba429e96a656e4428a2e7d1

jackberri · February 26, 2010, 12:16:56 am

Code: [Select]

hxxp://capital-team.net/funtix/cfg.binmd5sum ===> 2e05482a66f2571b0091d9e5c6bc775e

Code: [Select]

hxxp://capital-team.net/funtix/load.exemd5sum ===> 8a46224a96caea3ec00f66ee4c900ea1
http://www.virustotal.com/analisis/2a4b0eff30e6be12ce62d316bce18e144a275e947d07e4aeb2ee84b53b608ed3-1267143152
VT 8/42 (19.05%)

Code: [Select]

hxxp://capital-team.net/funtix/service/serv.php

jackberri · February 26, 2010, 07:09:41 am

Code: [Select]

hxxp://validatestreams.com/daily/help.txtmd5sum ===> 8cfea665a9e4c1e4e8a3ecc4d534cf91

Code: [Select]

hxxp://validatestreams.com/daily/game.exemd5sum ===> 38e9205a9cee4d9b692fd09da005e7d5
http://www.virustotal.com/analisis/b2fcd9c126a5143f07b7b783a7f3536c51cc046d6db44fdd66419cc6fc06ba29-1267168001

jackberri · February 26, 2010, 07:27:05 am

Code: [Select]

hxxp://193.105.0.44/pearchik.binmd5sum ===> 8833e2c7046ff8da33800bc475c1eb31

Code: [Select]

hxxp://193.105.0.44/sentjago.exemd5sum ===> 9ad44247c2e6dec448af2ce05c77ffa4
http://www.virustotal.com/analisis/c7e26dab79a3cd21022de03d8c2fda24e3a36b80cabae5a099621480662954ca-1267168680

Code: [Select]

hxxp://193.105.0.44//cableman.php

jackberri · February 26, 2010, 07:52:52 am

Code: [Select]

hxxp://193.105.0.21/xeruvindus.binmd5sum ===> 9a46015ad97cfaa086548a1199c68aac

Code: [Select]

hxxp://193.105.0.21/ruert78.exemd5sum ===> 42333ae8621dacd5b31af52cf6c1b2a3
http://www.virustotal.com/analisis/786b5006b1a45115d4ca52fd7e13fdaacbe5053b46498ea8b2d498c4559fd2bb-1267170209

Code: [Select]

hxxp://193.105.0.21/asterhoster.php

Code: [Select]

hxxp://193.105.0.83/avatarj.binmd5sum ===> 3092292948a6309945b238964fa55a5c

Code: [Select]

hxxp://193.105.0.83/icqcom.exemd5sum ===> a80ee959b47fddebfa8918e329e720be
http://www.virustotal.com/analisis/7fb0e483fc93ca0ff1996a455d63848d68997938d8723d1d6e06f04275177aa4-1267169774

Code: [Select]

hxxp://193.105.0.83/justinsert.php

jackberri · February 26, 2010, 09:00:49 am

Code: [Select]

hxxp://193.105.0.32/google.binmd5sum ===> 27199ccb14b67e88e76fd2e9c6846b46

Code: [Select]

hxxp://193.105.0.32/flowersis.exemd5sum ===> afe05c6487c31457bbcc984e4b34badb
http://www.virustotal.com/analisis/e7669f524f9d11caee41cb9a82d792f9ea1c86a79ea39e76afbad9c6bba628c4-1267171701
VT 3/41 (7.32%)

Code: [Select]

hxxp://193.105.0.32/gudlive.php

Code: [Select]

hxxp://193.105.0.130/delmara.binmd5sum ===> ecfe79699433bd71f683fee9380667c3

Code: [Select]

hxxp://193.105.0.130/inticlk.exemd5sum ===> 68bf2204459c006d279d710ea8bc1fab
http://www.virustotal.com/analisis/c91159d30ada3b2339c7416975fc7d37290245efd1ea668f8a42defda865f918-1267173707
VT 4/42 (9.53%)

Code: [Select]

hxxp://193.105.0.130/iklrte.php

Code: [Select]

hxxp://193.105.0.94/majorafr.binmd5sum ===> 6b6978944169f93592e846bce7d41de0

Code: [Select]

hxxp://193.105.0.94/axelf.exemd5sum ===> f0e09661589cd8b655e23ad990545cdc
http://www.virustotal.com/analisis/c39683d1ab15d3152d5c232b75c65a4a10c68c2389756230bf0452fb39d99fc1-1267174232
VT 3/42 (7.15%)

Code: [Select]

hxxp://193.105.0.94/dumnberd.php

jackberri · February 26, 2010, 10:47:30 am

Code: [Select]

hxxp://d0ing.net/do.binmd5sum ===> 21f41287a076a00836f02b54846e346c

Code: [Select]

hxxp://d0ing.net/gate.php

Code: [Select]

hxxp://google-statistics-uk.com/Y5v20t6Fdw7t3uT.binmd5sum ===> 170abccdd6f873ef508197d70b1c1a5b

Code: [Select]

hxxp://google-statistics-uk.com/jhtcd6u52nmTGHNQ25MUAym23GSajt2835JMhgsHJ735he.php

jackberri · February 26, 2010, 01:42:22 pm

Code: [Select]

hxxp://updateinfo22.comIP 91.212.41.60
AS29371

Code: [Select]

hxxp://updateinfo22.com/bru/grek4.exemd5sum ===> 94235e51ab70a64d9bc78a1632629e0e
http://www.virustotal.com/analisis/9ac94f75046c98efc0d4e440ca31d903d8ba04a9990ddf5be73ec17eaaed23c1-1267190771

Code: [Select]

hxxp://updateinfo22.com/bru/gate.php
others domains:

Code: [Select]

adjamadja.cn ===> trojan downloader
lusia777.com  ===> exploits

jackberri · February 26, 2010, 03:40:39 pm

Code: [Select]

hxxp://193.105.0.16AS50390
Pavlenko Tetyana Oleksandrivna
t.pavlenko@smilanet.net

Code: [Select]

hxxp://193.105.0.16/pauri.binmd5sum ===> 375dd021123df1333e054a3e2f59b130

Code: [Select]

hxxp://193.105.0.16/chentrer.exemd5sum ===> 3c68f8bfb0a257f36b3a0a9d07070938
http://www.virustotal.com/analisis/1c7ee1ae19a57bc1fdf12f5320b0b46b39b7761717db50ec436438c249f9b417-1267193606
VT 7/42 (16.67%)

Code: [Select]

hxxp://193.105.0.16/annheth.php

jackberri · February 26, 2010, 08:05:02 pm

Code: [Select]

hxxp://p1anka.cn/work777/apple.jpgmd5sum ===> 93a5793a8a1123f9429bf3ae3a085da6

Code: [Select]

hxxp://p1anka.cn/work777/antispy.exemd5sum ===> 1bb1e0a65824a5a0e3741818ebb6d460
http://www.virustotal.com/analisis/1af8426936736f9a469b59e1f26bb6556a52a1c4953ca380551d78ca9443c30d-1267213732
VT 5/42 (11.91%)

Code: [Select]

hxxp://p1anka.cn/work777/loveletter.php
hxxp://b1shop.cn/work777/loveletter.php

Code: [Select]

hxxp://remixta.com/images/thumb08.jpg
md5sum ===> 13e9e0b6bc90fc68415caa4226299648

Code: [Select]

hxxp://avtomoto.limewebs.com/cn/config.bin
md5sum ===> cce37aeaa8adbb6bd569d65c915b78cd

jackberri · February 27, 2010, 11:36:06 am

Code: [Select]

hxxp://115.100.250.82/uk/td.xlsmd5sum ===> 50fcfc540ed3c93ba6d971908820b632

Code: [Select]

hxxp://115.100.250.82/uk/topdevice.exemd5sum ===> 8699872aa974070a4320c830df9a5c05
http://www.virustotal.com/analisis/401ca6914ec1d1199403a44808df6d0a5ec8e4e52264c32dafa1600365b88679-1267270235
VT 12/42 (28.58%)

Code: [Select]

hxxp://115.100.250.82/7tImbTH8HY.php

Code: [Select]

hxxp://megalithrecords.com/store/images/yahoo/config.binmd5sum ===> e0d47091d5000901ae4c0b1e61a44978

Code: [Select]

hxxp://mszone.sytes.net/bnt001/config.binmd5sum ===> 591aa66cb0448f5dc1a331768c9e2f3a

jackberri · February 27, 2010, 04:15:37 pm

Code: [Select]

hxxp://aervrfhu.ru/nhjq/n09230945.aspmd5sum ===> d97421edacd4084ed7c311f3a9aa96f4

Code: [Select]

hxxp://aervrfhu.ru/nhjq/redir.php

Author Topic: New Zeus server (Read 396687 times)

jackberri

Re: New Zeus server

jackberri

Re: New Zeus server

jackberri

Re: New Zeus server

jackberri

Re: New Zeus server

jackberri

Re: New Zeus server

jackberri

Re: New Zeus server

jackberri

Re: New Zeus server

jackberri

Re: New Zeus server

jackberri

Re: New Zeus server

jackberri

Re: New Zeus server

jackberri

Re: New Zeus server

jackberri

Re: New Zeus server

jackberri

Re: New Zeus server

jackberri

Re: New Zeus server

jackberri

Re: New Zeus server