Author Topic: mamj.ru  (Read 3289 times)

0 Members and 1 Guest are viewing this topic.

May 30, 2009, 08:46:05 pm
Read 3289 times

JohnC

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1964
Code: [Select]
mamj.ru/pump/?7e1a6945893126e5bcbe80f8e7dfdf3d

Multiple IPs associated with this domain.

200.171.170.10
210.1.248.252
217.219.20.242
219.148.202.25
220.164.82.72
58.251.56.239





May 30, 2009, 09:05:09 pm
Reply #1

MysteryFCM

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 1693
  • Personal Text
    Phishing Phanatic
    • I.T. Mate
Wepawet can't handle this one, and it sends Malzilla into an endless 302 loop .... but it's a LuckySploit by the looks of it

Code: [Select]
*****************************************************************
vURL Desktop Edition v0.3.7 Results
Source code for: http://mamj.ru/pump/?7e1a6945893126e5bcbe80f8e7dfdf3d
Server IP: 220.164.82.72 [ 72.82.164.220.broad.ws.yn.dynamic.163data.com.cn ]
 > 58.251.56.239 [ reverse.gdsz.cncnet.net ]
 > 200.171.170.10 [ 200-171-170-10.supernet.com.br ]
 > 210.1.248.252 [ Resolution failed ]
 > 219.148.202.25 [ Resolution failed ]
hpHosts Status: Listed [ Class: EXP ]
MDL Status: Not Listed
PhishTank Status: Not Listed
Scripts: 0
iFrames: 0
via Proxy: TeMerc Internet Countermeasures (US)
Date: 30 May 2009
Time: 21:53:49:53
*****************************************************************
0xKAIuJSPlvnO2UabGOYZKRbGsCRocXlMEVwR271K+vF93gNZPz4oCIbyOVDiEt07gmqHYtSpc1BRoYPqRJJNfHBrnYsPI3ObwRLscAXCf+uGgBwnEOb6o2V5ifRbXZ0x3sb62tXx3dTiDe3Ck0fbR9dsbEuxz7YIXR9xv445egxMWGpVvhyqb7DpmC6UbGIF1QfbDjK7oxtICBMd7fRrOct2T04ZyCAELF5WfRzW7xyX7GROEdDcmeEUI8YqAP1aAyb0JCWLqGgdC/WBWmKWbnodjLXj9ojnTDGKUch7jCCS+dfQqSf9z+JXO5kIe2UFO2XPTHJFHA0bgJa5+qQaDJMxHq2JcpvHOobXaImpCamtyAuqBQObL3CLe4s2DA5bOG3ly6oeBEgc40wA0/VQFB9B+T4pHyipVCjEHOK0Bkpx5uobuV+kudZgmgJ0hpYx3th2sA0WkL2YHanQTyDTIOfqTzwIiiS5r9xcrKkFLIwDIlWQteM3hTdYgv9Jh3fxvEKtfP2/mrsh71CP5m652UA4rx4u1X4fmaEflCT6BU5LDuouZTaBI31wNWcLlUQeOwcGZF69cdj1aW+/n1WHf0B0N9pzMpr+B2yb/40+ng2cCAv2+oAFO8vdyzfniV1gMT665mzsH9W+gWU+FPHTnTiIYlzIsEkrHscXQZZ24SAF8TCOgH4LxjZq/oHMjC7K6pAVs/rsuF+a8wgJScRE1iDooArUnVCF5P4v02Cw6pBdsV5Tw==

Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net