Author Topic: TDL3/TDSS/Alureon 64-bit rootkit domains  (Read 3154 times)

August 29, 2010, 11:21:27 pm

highcontrastfan

Blog posts on the matter:

http://www.prevx.com/blog/154/TDL-rootkit-x-goes-in-the-wild.html
http://www.prevx.com/blog/155/x-TDL-rootkit--follow-up.html
http://blogs.technet.com/b/mmpc/archive/2010/08/27/alureon-evolves-to-64-bit.aspx


Domains:

hxxp://mahjongmuseum.com/.oieq/?getexe=dg.exe  (Virustotal Link)


Also worth investigating:
