Author Topic: New Zeus server  (Read 374583 times)

January 19, 2011, 08:27:33 pm
Reply #555

jackberri

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1508
IP Location: Russian Federation - VLTELECOM-AS VLineTelecom LLC
IP 109.196.142.42
AS39150
ns2.ccatalunya.com
ns1.ccatalunya.com
Registrant/Email Registrant: Olesya Bogolepova/finale@bigmailbox.ru
Code:
hxxp://ccatalunya.com/gbt/uka.ok
md5sum ===> 84732a30cbcdf8b6da798df58ea2d985
Code:
hxxp://ccatalunya.com/gbt/ang.exe
md5sum ===> 65b3341d91451f9e3e2389ba7516b73c
http://www.virustotal.com/file-scan/report.html?id=98f1d38be5b43e495c19a38929ab05194e4e71a16a3953a2fd09476ed4bf291d-1295467503
VT 19/43 42 (45.2%)

IP Location: Moldova - SunCommunications-AS - JV
IP 83.218.223.11
[dt.globnet.md]
AS31204
ns1.beatsbyct.net
ns2.beatsbyct.net
Registrant/Email Registrant: Kirill Sulkhanyants/shea@free-id.ru
Code:
hxxp://eamba.com/vvx2222x/xxzz2.jpg
md5sum ===> 0e8b36df29149a1b94ff676ac77b7cf9
Code:
hxxp://eamba.com/vvx2222x/sdfn923kjlfan29iolafsd3.php

January 20, 2011, 12:28:45 pm
Reply #556

jackberri

IP Location: Ukraine - NNCNT route -  NICE-AS Nice LTD
AS49158
Code:
hxxp://91.212.158.52/z2/config.bin
md5sum ===> c1adcbac358bda63b7eae76f24006132
Code:
hxxp://91.212.158.52/z2/bot.exe
md5sum ===> c3152209ac6ceb3b672ec35addfc1296
http://www.virustotal.com/file-scan/report.html?id=92e722b8f507809a5d9e54264ab2ae18c7afd7f3100ec4a1e2358c7e497eed3c-1295526251
VT 9/42 (21.4%)

January 21, 2011, 08:05:27 pm
Reply #557

jackberri

IP Location: Russian Federation - VLTELECOM-AS VLineTelecom LLC
IP 109.196.142.37
AS39150
ns1.glasgosurvine.com 109.196.142.37
ns2.glasgosurvine.com 109.196.142.37
Registrant ID:           QTVMYUB-RU
Registrant/Email Registrant: Landysh F Akhmadullina/snowy@freenetbox.ru
Code:
hxxp://glasgosurvine.com/scr/poker
md5sum ===> 9c40b1ac7b10f67647ce4f0c17bf4a48
Code:
hxxp://glasgosurvine.com/scr/poker2
md5sum ===> ee64bf068899eaf76d439fa0a639cb61

IP Location: Ukraine - VLTELECOM-AS VLineTelecom LLC
IP 91.200.188.230
AS44016
ns1.reg.ru
ns2.reg.ru
Registrant/Email Registrant: PrivacyProtect.org/contact@privacyprotect.org
Code:
hxxp://t3onyghop.com/you1.7z
md5sum ===> ad19cb70eae38404cdcedacecb3f51f8

January 21, 2011, 11:13:46 pm
Reply #558

jackberri

IP Location: Russian Federation - ServerSnab network - SERVERSNAB-AS
IP 94.127.68.37
[s094127068037.m.truevds.ru]
AS48235
ns1.freedns.ws
ns2.freedns.ws
Registrant/Email Registrant: Chang So/changso@yahoo.com
Code:
hxxp://arakasa.com/svhost.pdf
hxxp://dishicage.net/svhost.pdf
md5sum ===> cb5c98bde98807c10591e34a78b19098
Code:
hxxp://arakasa.com/roub/google.php
hxxp://dishicage.net/roub/google.php

IP Location: Netherlands - ServerBoost network - INTERACTIVE3D-AS
IP 188.95.48.103
[ns1.h18server.info]
AS49544
DNS1.NAME-SERVICES.COM
DNS2.NAME-SERVICES.COM
DNS3.NAME-SERVICES.COM
DNS4.NAME-SERVICES.COM
DNS5.NAME-SERVICES.COM
Registrant ID:a6821a602156a110
Registrant/Email Registrant: Malus  Ozanakis/malusozanakis@yahoo.com
Code:
hxxp://stersboy777.in/rang/dast.bin
md5sum ===> 8ba562ab6313f63aaec2ecbd4ff4d0a5
Code:
hxxp://stersboy777.in/forum/support.php

January 22, 2011, 11:00:59 am
Reply #559

jackberri

IP Location: Ukraine - Pvkp Pacservice
IP 91.200.188.230
AS44016
ns1.reg.ru
ns2.reg.ru
Registrant/Email Registrant: PrivacyProtect.org/contact@privacyprotect.org
Code:
hxxp://3tnoongfed.com/you2.7z
md5sum ===> 79509fa238061f0d043e365ced90ee42

January 23, 2011, 09:06:21 pm
Reply #560

jackberri

IP Location: Ukraine - Pvkp Pacservice
IP 91.200.188.96
AS44016
ns1.nameself.com
ns2.nameself.com
Registrant/Email Registrant: Vishnjakov Viktor Stepanovich/actionreklama@yandex.ru
Code:
hxxp://ltrdnt.net/cfg554/logo.gif
md5sum ===> 5b5f97078a2280f824b44550f69dfdeb
Code:
hxxp://ltrdnt.net/vavilo/iktrkdjslppld.php
IP Location: Ukraine - Pvkp Pacservice
IP 91.200.188.235
AS44016
ns1.iciq.biz
ns2.iciq.biz
Registrant/Email Registrant: Jenna Miller/Jenna@ersafunds.com
Code:
hxxp://djskdbks.com/dsadsa.bin
md5sum ===> 9672ab819d649d9054d98e187dec54f5

January 24, 2011, 03:54:09 pm
Reply #561

CkreM

  • Special Access
  • Hero Member

  • Offline
  • *

  • 567
Zeus Ver: 1.3.3.0

Code:
http://txcp.co.cc/files/21
http://txcp.co.cc/files/22
http://pregport.org:81/one/upload/sys.tif
http://pregport.org:81/one/go.php
Mal-Aware

January 24, 2011, 04:08:15 pm
Reply #562

jackberri

IP Location: China - CHINANET-JS-AS-AP
IP 61.147.67.249
AS23650
yns1.yahoo.com
yns2.yahoo.com
Registrant/Email Registrant: Alex Straub/straubalex93@yahoo.com
Code:
hxxp://buildyoursleep.com/images/logo.jpg
md5sum ===> 561a214bbd18e0e8e82a63c57f4b5ddc

January 25, 2011, 04:03:59 pm
Reply #563

jackberri

IP Location: Russian Federation - Info-Media route - VLTELECOM-AS
AS39150
Code:
hxxp://91.213.29.24/~kotosel/new/tt/saaa.so
md5sum ===> e318ed43838829bd085eaac4b8713a1f
Code:
hxxp://91.213.29.24/~kotosel/new/saxa.php
IP Location: Russian Federation - VLine Telecom Block - VLTELECOM-AS
IP 109.196.142.35
AS39150
NS1.GAMEMATOROG.COM
NS2.GAMEMATOROG.COM
Code:
hxxp://gamematorog.com/ger/ber.ln
md5sum ===> 832727e3584f70768b07e8cdfbb7bbbf
Code:
hxxp://gamematorog.com/ger/dea.exe
md5sum ===> 6a6e8071a846074dd185513d7106d079
http://www.virustotal.com/file-scan/report.html?id=9d961739a5733630e0a97da2a7f26612c96ef4c5cbf9803ecd9cc79358e3b91b-1295969216
VT 16/43 (37.2%)

January 26, 2011, 11:35:30 am
Reply #564

jackberri

IP Location: China - CHINANET-JS-AS-AP
IP 61.147.67.249
AS23650
ns3.01isp.com
ns4.01isp.net
Registrant/Email Registrant: Virgina K. Mello/virginakmello@gmail.com
Registrant/Email Registrant: Sally J. Carroll/SallyJCarroll@gmail.com
Code:
hxxp://spfpratinendfggtone.net/images/logo.jpg
md5sum ===> 2c157fe7488cada33529c3dcd0b8c5cc
Code:
hxxp://specialforspmdate.net/list.php

January 26, 2011, 08:07:25 pm
Reply #565

jackberri

IP Location: Ukraine - Digital Network JSC - DINET-AS
IP 91.200.188.231
AS12695
ns1.reg.ru
ns2.reg.ru
Registrant/Email Registrant: PrivacyProtect.org/contact@privacyprotect.org
Code:
hxxp://f4o3thboifmsr.com/G3.7z
md5sum ===> e16d56ad0a1e07e03706197ccf42afce

January 27, 2011, 12:24:12 pm
Reply #566

jackberri

IP Location: Netherlands Antilles - COLUMBUS NETWORKS BLOCK
IP 72.252.8.103
AS27781
ns1.realtynmotio.com
ns2.realtynmotio.com
Registrant/Email Registrant: Private Person/cave@ca4.ru
Code:
hxxp://oneboy.ru/au.cpm
hxxp://oneboy.ru/22oct_bir.cpm
hxxp://oneboy.ru/22oct_ic3.cpm
hxxp://oneboy.ru/22oct_pac.cpm
hxxp://oneboy.ru/22oct_dmi.cpm
hxxp://oneboy.ru/22oct_den.cpm
hxxp://oneboy.ru/14oct_usa.cpm
md5sum ===> bd25942f77779476a2e77c710c0cf518
Code:
hxxp://oneboy.ru/au.exe
md5sum ===> a30f7446024ad8aea2b0be6f6f6b2598
http://www.virustotal.com/file-scan/report.html?id=f8e1fa6a790117c5d699c0b633dc439d5697cb4b5eabbdfeaedc3e419f9bd029-1296129622
VT 27/43 (62.8%)
Code:
hxxp://oneboy.ru/22oct_bir.exe
md5sum ===> f508e43496c078f71953487232c3ac73
http://www.virustotal.com/file-scan/report.html?id=50663abc87834f967231b886344546cc870b0ed54fffbec1b0f7936a53e8b14e-1296129758
VT 21/43 (48.8%)
Code:
hxxp://oneboy.ru/22oct_ic3.exe
md5sum ===> ee68283c0c8494c322c8f6d41aa4e8d6
http://www.virustotal.com/file-scan/report.html?id=ef70f2a7fc9c987e9d1420f12dcc83899e822cf68f86a4f6006e4553faa7c9d2-1296129905
VT 40/42 (95.2%)
Code:
hxxp://oneboy.ru/22oct_pac.exe
md5sum ===> eefbe4c73a25a44bcc0d5df146b13fce
http://www.virustotal.com/file-scan/report.html?id=b68072cc74f356106fc638ce0d912a1fe4f6573da26336e80aabea89cbebca2c-1296130091
VT 42/43 (97.7%)
Code:
hxxp://oneboy.ru/22oct_dmi.exe
md5sum ===> add058a4f13c3b5f2a97ecc80933cfff
http://www.virustotal.com/file-scan/report.html?id=6266922df8b6574a0e6c4a8049e691fbc86673764c908f107eb479dacc485a4a-1296130266
VT 42/43 (97.7%)
Code:
hxxp://oneboy.ru/22oct_den.exe
md5sum ===> 16f092ac72fa89def619e7e45c1b023d
http://www.virustotal.com/file-scan/report.html?id=1c5731ed76ec501dd41504269d56b1b374163de3c48626c5205f02b8e728fc39-1296130388
VT 21/43 (48.8%)
Code:
hxxp://oneboy.ru/14oct_usa.exe
md5sum ===> 70734b55ab2fe874e44706be389dc77b
http://www.virustotal.com/file-scan/report.html?id=c3a0d72b6c2d1d885117685d0548d976a00e7a5b9efb6c30e0edd8cd16431960-1296130508
VT 42/43 (97.7%)

January 29, 2011, 03:40:28 pm
Reply #567

jackberri

IP Location: Ukraine - FIN-ACTIVE-NET
AS44209
ns3.co.cc
ns.co.cc
Code:
hxxp://193.186.9.81/1.bin
md5sum ===> 0789e76662701ed4b0e79343757d3ff7
Code:
hxxp://193.186.9.81/~lamparasc/error2/gate.php
IP Location: Ukraine - FIN-ACTIVE-NET
IP 193.186.9.77
AS44209
ns1.nameself.com
ns2.nameself.com
Registrant/Email Registrant: Private Person/admin@nvffr.ru
Code:
hxxp://khfsdki.ru/e.bin
md5sum ===> ee9181dd5327ba5d4d00412085158fee

January 30, 2011, 02:14:55 pm
Reply #568

jackberri

IP Location: United States - ENRON-wvision - CALPOP proxy aut-num for CALPOP by Mzima
IP 216.240.151.98
[asualcance.com]
AS7796
ns57.domaincontrol.com
ns58.domaincontrol.com
Registrant/Email Registrant: tobon, john/jtobon@asualcance.com
Code:
hxxp://www.mrdcolombia.com/admin/linkpt.bin
md5sum ===> 0477c783490560ddc14674901ef0ae64
Code:
hxxp://www.mrdcolombia.com/admin/linkpt.exe
md5sum ===> f6d70dae9ef7812954f36e6a64d556e2
http://www.virustotal.com/file-scan/report.html?id=c4f652bd8fbba29f275ea5a2b2197efc9b59f53b1079ef3544c5e7231decffe9-1296396236
VT 20/41 (48.8%)
Code:
hxxp://www.mrdcolombia.com/admin/colombia.php

January 30, 2011, 08:06:59 pm
Reply #569

jackberri

IP Location: United States - PAH-INC Go Daddy Software, Inc.
IP 97.74.144.127
[p3nlh127.shr.prod.phx3.secureserver.net]
AS26496
NS03.DOMAINCONTROL.COM
NS04.DOMAINCONTROL.COM
Registrant/Email Registrant: Kevin Kroes/dr.kevinkroes@yahoo.com
Code:
hxxp://irvine-chiropracticcenter.com/images/vitamin.jpg
md5sum ===> 93f8f9cb2c4b70b342542c9bb7179921
related:
IP Location: China - CHINANET-JS-AS-AP AS
IP 61.147.67.249:80
AS23650
ns3.01isp.com
ns4.01isp.com
Registrant/Email Registrant: Sally J. Carroll/SallyJCarroll@gmail.com
Code:
hxxp://hryyyymerwireless.net/list.php