Author Topic: Fragus exploit pack  (Read 25180 times)

0 Members and 1 Guest are viewing this topic.

September 13, 2009, 06:02:09 pm
Reply #15

danielch1

  • Special Access
  • Newbie

  • Offline
  • *

  • 4
user:
admin
password:
adminadmin

September 13, 2009, 09:21:50 pm
Reply #16

Malware-Web-Threats

  • Special Members
  • Hero Member

  • Offline
  • *

  • 354
    • MalwareURL
Code: [Select]
gat77.biz/peg/show.php?s=75dbfbfc1f
gat77.biz/iloprsvxy.ipg
gat77.biz/dost.pdf
gat77.biz/manual.swf
gat77.biz/peg/aeq2.exe
gat77.biz/peg/bghprwz5.exe
gat77.biz/peg/admin.php (control panel)
Wepawet
VirusTotal - 3/41 (7.32%)

September 14, 2009, 09:49:33 am
Reply #17

Malware-Web-Threats

  • Special Members
  • Hero Member

  • Offline
  • *

  • 354
    • MalwareURL
Exploits:
Code: [Select]
fot77.biz/peg/show.php?s=ccc648c6ef
fot77.biz/peg/ckz.pdf
fot77.biz/peg/manual.swf

Trojan:
Code: [Select]
fot77.biz/peg/abdehinw3.exe
fot77.biz/peg/aklpqty2.exe
fot77.biz/peg/bcginru3.exe
fot77.biz/peg/ehity3.exe
fot77.biz/peg/ehlpquvyz3.exe
fot77.biz/peg/hiuvz5.exe
fot77.biz/peg/kmsw3.exe
fot77.biz/peg/luxy3.exe

Control Panel:
Code: [Select]
fot77.biz/peg/admin.php

Wepawet
VirusTotal - 2/41 (4.88%)

File size: 32768 bytes
MD5: 051ae824e14a68e0c8c77c18ebd6d557

McAfee-GW-Edition: Heuristic.LooksLike.Worm.Bezopi.B
Rising: Unknown Win32 Virus

September 14, 2009, 09:55:03 pm
Reply #18

CkreM

  • Special Access
  • Hero Member

  • Offline
  • *

  • 567
Few Fragus exploit kit links:

Code: [Select]
kilogid2.biz/pol/admin.php
kilogid2.biz/pol/show.php
kilogid2.biz/pol/manual.swf
kilogid2.biz/pol/pdf.pdf
kilogid2.biz/pol/load.php?e=2

Code: [Select]
ledyzpizdik.cn/admin.php
ledyzpizdik.cn/show.php
ledyzpizdik.cn/manual.swf
ledyzpizdik.cn/pdf.pdf
ledyzpizdik.cn/load.php?e=2

Code: [Select]
domain25.net/index/admin.php
domain25.net/index/show.php
domain25.net/index/manual.swf
domain25.net/index/pdf.pdf
domain25.net/index/load.php?e=2
Mal-Aware

September 14, 2009, 11:30:04 pm
Reply #19

Malware-Web-Threats

  • Special Members
  • Hero Member

  • Offline
  • *

  • 354
    • MalwareURL
Exploits
Code: [Select]
fit77.biz/peg/show.php?s=75dbfbfc1f
fit77.biz/peg/show.php?s=ccc648c6ef
fit77.biz/peg/manual.swf

Trojan
Code: [Select]
fit77.biz/peg/bcemqrv3.exe
fit77.biz/peg/cdnw3.exe
fit77.biz/peg/clpvx3.exe
fit77.biz/peg/degoqrz5.exe
fit77.biz/peg/efginopy2.exe
fit77.biz/peg/eikmnpuv3.exe
fit77.biz/peg/gilo3.exe
fit77.biz/peg/hiks3.exe

Control Panel:
Code: [Select]
fit77.biz/peg/admin.php

Wepawet
VirusTotal - 4/41 (9.76%)

a-squared: Worm.Win32.Bezopi!IK
Ikarus: Worm.Win32.Bezopi
Microsoft: VirTool:Win32/Obfuscator.GP
Rising: Unknown Win32 Virus

October 10, 2009, 02:19:47 pm
Reply #20

Malware-Web-Threats

  • Special Members
  • Hero Member

  • Offline
  • *

  • 354
    • MalwareURL
Code: [Select]
justpaythis.cn/frag/news.php?s=3b7e95ce5d
justpaythis.cn/frag/manual.swf
justpaythis.cn/frag/ipsz.pdf
justpaythis.cn/frag/sdfg.jar
justpaythis.cn/frag/click.php?r=
justpaythis.cn/frag/afhnwy2.exe
justpaythis.cn/frag/bimnuz2.exe
justpaythis.cn/frag/binwx2.exe
justpaythis.cn/frag/dhjku2.exe
justpaythis.cn/frag/efksvw7.exe
justpaythis.cn/frag/ejkx2.exe
justpaythis.cn/frag/nqtx2.exe
justpaythis.cn/frag/sdgsg5.exe
http://wepawet.iseclab.org/view.php?hash=4ae087e346a324548d108e4e5e9594d3&t=1255079289&type=js

October 12, 2009, 11:00:03 pm
Reply #21

CkreM

  • Special Access
  • Hero Member

  • Offline
  • *

  • 567
Fragus:
Code: [Select]
soft-bumbum.biz/cat/news.php?s=24e79fe4f2http://wepawet.iseclab.org/view.php?hash=f7e140053ef8f27aaa8cf876a2406bdb&t=1255387491&type=js
PDF:
Code: [Select]
soft-bumbum.biz/cat/ijlpuy.pdf
soft-bumbum.biz/cat/gnpsz.pdf
Flash:
Code: [Select]
soft-bumbum.biz/cat/manual.swfjava exploit?:
Code: [Select]
soft-bumbum.biz/cat/sdfg.jarhttp://www.virustotal.com/analisis/eb4f3bd460824c701f3a99463a16e4307f5a4c111f1dc610d26db82d6436f842-1255387420


also redirects to:
Code: [Select]
yoriksli.net?uid=176&pid=3&ttl=9194f502492which redirects to fake AV at:
Code: [Select]
scan-localzone.com/?p=WKmimHVlb2%2BHjsbIo22EhHV8ipnVbWeMnNah2qeMoIHT0NqnWJaimHWWl3%2BnU9janW1mZWtsymKSYmSfX4nX15Krp6mih9esb2VraW1ncHCUY5SMlJNq
Mal-Aware

October 13, 2009, 09:37:23 pm
Reply #22

Malware-Web-Threats

  • Special Members
  • Hero Member

  • Offline
  • *

  • 354
    • MalwareURL
Code: [Select]
blogkz.cn/news.php?s=326356cda1
blogkz.cn/dhmy.pdf
blogkz.cn/manual.swf
blogkz.cn/sdfg.jar
blogkz.cn/dshdsgfh4.exe
blogkz.cn/aekoz2.exe
blogkz.cn/bglm2.exe
blogkz.cn/cfhjz2.exe
blogkz.cn/dfnpw2.exe
blogkz.cn/dghkr7.exe
blogkz.cn/djtu2.exe
blogkz.cn/fpsy2.exe
blogkz.cn/sdgsg5.exe
blogkz.cn/file.exe

Code: [Select]
privetmedved.cn/news.php?s=326356cda1
privetmedved.cn/click.php?r=
privetmedved.cn/aeikvw2.exe
privetmedved.cn/asuxy2.exe
privetmedved.cn/bgkou2.exe
privetmedved.cn/bgnou7.exe
privetmedved.cn/celtvw2.exe
privetmedved.cn/efjmq2.exe
privetmedved.cn/gjmz2.exe
privetmedved.cn/sdgsg5.exe
privetmedved.cn/file.exe

Code: [Select]
fromads.com/in.cgi?10
Code: [Select]
goople.biz/adv.js/news.php?s=827ac7d108
goople.biz/adv.js/bcelpu.pdf
goople.biz/adv.js/manual.swf
goople.biz/adv.js/sdfg.jar
goople.biz/adv.js/dshdsgfh4.exe
goople.biz/adv.js/amortv2.exe
goople.biz/adv.js/anqrt2.exe
goople.biz/adv.js/aopsy2.exe
goople.biz/adv.js/dghk7.exe
goople.biz/adv.js/dknuv2.exe
goople.biz/adv.js/ikpy2.exe
goople.biz/adv.js/izrd2.exe
goople.biz/adv.js/sdgsg5.exe
goople.biz/adv.js/file.exe
http://wepawet.iseclab.org/view.php?hash=a52840a5c5718667a0fcbe59a547224a&t=1255441903&type=js

October 13, 2009, 09:50:51 pm
Reply #23

Malware-Web-Threats

  • Special Members
  • Hero Member

  • Offline
  • *

  • 354
    • MalwareURL
Code: [Select]
qweasdd.net/fragus/pdf.php
qweasdd.net/fragus/load.php
qweasdd.net/fragus/admin.php