Malware Domain List

Malware Related => Malicious Domains => Topic started by: eoin.miller on October 01, 2009, 04:24:25 pm

Title: sidneyfiles.cn - zeus
Post by: eoin.miller on October 01, 2009, 04:24:25 pm
http://sidneyfiles.ru/photo/rd.php?id=ezA3RDIxRDk1LTc0NjAtNENGQy05MjAwLThGMzQ4MEZGRTBFMn0=&ve=Nzc3LnYuNzc=&h=

Login:
http://sidneyfiles.ru/photo/login.php

Resolves - Non-authoritative answer:
Name:   sidneyfiles.ru
Address: 91.212.220.2

IP Address is listed over on https://zeustracker.abuse.ch/blocklist.php?download=ipblocklist

Looks like infected box calling home to pickup config?
Title: Re: sidneyfiles.cn - zeus
Post by: WIEx on October 02, 2009, 04:37:08 pm
this is not zeus