Author Topic: daily something......  (Read 797411 times)


April 14, 2009, 07:01:53 pm
Reply #315

RS-232

Only for the "fun" of it...rs-232 aka sowhat-x aka younameit ;-)
http://www.youtube.com/watch?v=fADjY97_KTw

April 14, 2009, 07:09:03 pm
Reply #316

GmG


April 15, 2009, 12:30:51 am
Reply #317

Malware-Web-Threats

Rogue Fake AV

Code: [Select]
hxxp://star4scan.com
hxxp://scan6easy.com
hxxp://scan6fast.com
hxxp://lux4scan.com
hxxp://luxscan4.com
hxxp://msscanner-files-av.com/200109/scan/

April 15, 2009, 05:10:20 am
Reply #318

CkreM

Mal-Aware

April 15, 2009, 09:34:25 am
Reply #319

SysAdMini

Code: [Select]
kroto.biz/myy/index.php
kroto.biz/myy/cache/readme.pdf
kroto.biz/myy/cache/flash.swf
kroto.biz/myy/load.php?id=4
http://wepawet.cs.ucsb.edu/view.php?hash=ba0ba1b23890b2b70125f744960bd863&t=1239788253&type=js
http://www.virustotal.com/analisis/c7363f8f6efe964c3c07a32bbbd6e93e 5/40

Code: [Select]
kroto.biz/myy/index.php
kroto.biz/ins/cache/readme.pdf
kroto.biz/ins/cache/flash.swf
kroto.biz/ins/load.php?id=4
http://wepawet.cs.ucsb.edu/view.php?hash=e7fd2ee3c218c66ad961163569df5dca&t=1239788768&type=js
http://www.virustotal.com/analisis/1176e423edaf89cf29ca7299fac7eefd 0/40

Code: [Select]
kroto.biz/opi/index.php
kroto.biz/opi/cache/readme.pdf
kroto.biz/opi/cache/flash.swf
kroto.biz/opi/load.php?id=4
http://wepawet.cs.ucsb.edu/view.php?hash=a21882d077d3295aa223d46ef0e61158&t=1239788777&type=js
http://www.virustotal.com/analisis/c7363f8f6efe964c3c07a32bbbd6e93e 5/40

Ruining the bad guy's day

April 15, 2009, 11:58:10 am
Reply #320

SysAdMini

redirector, play with the number
Code: [Select]
cjtrader.biz/in.php?s=1
redirects to Fake AV
Code: [Select]
tdncgo2009.com/?uid=36&pid=3
Fake AV
Code: [Select]
http://virussweeper-scanvirus.net/?p=nqd2a16poZ2eYJqMoKNqq6iQtFPEmZSjj8KqqVeYlJjXnrmMiXl%2BhIo%3D
vswpr.googlecode.com/svn/trunk/ReleaseXP.exe
http://www.virustotal.com/de/analisis/29d5d657b1b1e9b49b7ba3ca26f76fbe 2/40

Ruining the bad guy's day

April 15, 2009, 10:08:34 pm
Reply #321

Malware-Web-Threats

All rogue

74.54.156.234


75.125.200.226

Code: [Select]
hxxp://restore-pc.com/setup.php
hxxp://www.adwarealert.com/setup.exe
hxxp://evidenceeraser.com/setup.exe

April 16, 2009, 04:14:07 am
Reply #322

MysteryFCM

Posted to:
http://bbs.vc52.cn/redirect.php?tid=82103
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

April 16, 2009, 05:33:33 am
Reply #323

CkreM

gogo sysadm  ;D
Mal-Aware

April 16, 2009, 06:14:43 am
Reply #324

CkreM

Trojan Webmoner
Code: [Select]
wiz2wix.com/out.exe
http://www.virustotal.com/analisis/b4c3c35969ab9091652570b7bb8f83ae
Ftp Stealer
Code: [Select]
tayforlive.ru/ftp_G.exe
http://www.virustotal.com/analisis/978f0644b6375647f10d3043123aa537
Trojan:
Code: [Select]
ftpgeoit.com/exe/9sys270.exe
http://www.virustotal.com/analisis/bdaf84af42d6fe1c146ae4a68479674b
Trojan:
Code: [Select]
ftpgeoit.com/exe/gld.exe
http://www.virustotal.com/analisis/2813968773754764f195f9abc458672a
Trojan:
Code: [Select]
ftpgeoit.com/exe/lich.exe
http://www.virustotal.com/analisis/a3d56941a5206226d019d76071f9c354
Exploits/trojan:
Code: [Select]
homesy.net/mu/index.php
http://wepawet.iseclab.org/view.php?hash=943da6e620aeb897e9586e68771d1467&t=1239861325&type=js

Redirect to rogue:
Code: [Select]
Blogtransaction.cn/in.cgi?9
Bankinggolf.cn/in.cgi?9
Acousticnail.cn/in.cgi?9
ay.goldrushclub.cn/in.cgi?9
all redirect to
Code: [Select]
1000league.com/in.cgi?9 (which is on MDL)
http://wepawet.cs.ucsb.edu/view.php?hash=a67a5af0914956eaf26cb260d4632a3e&t=1239830585&type=js
Then to Rogue:
Code: [Select]
msscan-files-antivir.com/200109/scan/
Mal-Aware

April 16, 2009, 11:43:26 am
Reply #325

RS-232

Here's a nifty pdf exploit...
Quote
hxxp://d0lphin.biz/max/in.php
Result: 4/40 (10%)
http://www.virustotal.com/analisis/de6f75f3c03f508662872923ff3c73bb

Here's what it returns for the time being...
http://wepawet.iseclab.org/view.php?hash=5edd49ee3561911ff34c53abade513a6&type=js
Result: 12/40 (30.00%)
http://www.virustotal.com/analisis/4e8ce4cab8a08a7754395eaf6192ce3a
Now go dig on the rest of domains there...
http://www.robtex.com/ip/210.83.85.94.html
===========================
Quote
hxxp://megapupseg.ru/xtrm/index.php
hxxp://www.murka-best.com/index.php?sall=miks_ind
===========================
Quote
hxxp://team-sleep.by.ru/menu.html
hxxp://bizoplata.ru/pay.html?
hxxp://bizoplata.ru/courier.html
hxxp://5rublei.com/unique/index.php
hxxp://bizoplata.ru/mortgage.html
hxxp://myrurrly.com/in.cgi?pipka3S
hxxp://tixwagoq.cn/in.cgi?4
hxxp://tochtonenado.com/yes/index.php
hxxp://paylayos.cn/nuc/index.php
hxxp://mixbunch.cn/thread.html
hxxp://mixbunch.cn/belt.html
hxxp://mixbunch.cn/scarf.html
http://wepawet.iseclab.org/view.php?hash=7ac93ca405a6fc78e1e19062eee91e52&t=1239885967&type=js
===========================
Quote
hxxp://startdontstop.ru/bigmac.html
hxxp://tixwagoq.cn/in.cgi?4
hxxp://paylayos.cn/nuc/index.php
Only for the "fun" of it...rs-232 aka sowhat-x aka younameit ;-)
http://www.youtube.com/watch?v=fADjY97_KTw

April 16, 2009, 02:43:26 pm
Reply #326

SysAdMini

Code: [Select]
http://www.webpresence4u.co.uk/forms/use/email/POSTALESAMORPORSIEMPRE.php
http://www.virustotal.com/analisis/a57dbbe538cbe01a060e27c60e0ff2a0
http://www.threatexpert.com/report.aspx?md5=ba19812a5c24c50bb7480d55e2e081ca

corresponding irc c&c
Code: [Select]
cnz0k3r.cdmon.org:6667
Ruining the bad guy's day

April 17, 2009, 03:13:47 am
Reply #327

CkreM

Exploit which leads to pinch trojan:
Code: [Select]
counnter.cn/z/count.php?o=1
http://wepawet.iseclab.org/view.php?hash=d62dc864116e5643e88dc14b2b3b4a8e&t=1239864253&type=js
The pinch trojan:
Code: [Select]
counnter.cn/z/getexe.exe?o=1&t=1239892251&i=2057619350&e=1
http://www.virustotal.com/analisis/da79eef38206c2e643777c17191ea4a8

Exploit/trojan:
Code: [Select]
teenagersporn.net/project2/index.php
http://wepawet.cs.ucsb.edu/view.php?hash=bad316b7e10f1195eda2adf0c3da0a49&t=1239918254&type=js
Exploit/trojan:
Code: [Select]
google-advisior.cn/project2/index.php
http://wepawet.iseclab.org/view.php?hash=535c6efb84e00f72ff3f5ecf9aca3df5&t=1239870763&type=js
Exploit/trojan:
Code: [Select]
hackzona.info/s/index.php
http://wepawet.iseclab.org/view.php?hash=dcac90e453678bee26d187e37474d291&t=1239872153&type=js
Pdf exploit/trojan:
Code: [Select]
http://liteautogreatest.cn/cache/readme.pdf
http://wepawet.iseclab.org/view.php?hash=2030ec9e4312994722b9a2037911d8dc&t=1239819716&type=js

Domain listed on MDL but on different directory
Code: [Select]
d0lphin.biz/mix/pdf.php
http://wepawet.iseclab.org/view.php?hash=5e69487565b54590dc4521945162dbe7&t=1239873022&type=js

Redirects to rogue:
Code: [Select]
sotoviy.info/0/go.php?sid=2
uouo.info/0/go.php?sid=2
leshik.info/0/go.php?sid=2
wazo.info/0/go.php?sid=2
lavo.info/0/go.php?sid=2
reliable-anti-virus.info/0/go.php?sid=2
webportal-sms.info/0/go.php?sid=2
spyware-guard.info/0/go.php?sid=2
spyware-soft.info/0/go.php?sid=2
spyware-security.info//0/go.php?sid=2
all redirect to online scan:
Code: [Select]
loyal-porno.com/scan/?id=260
Mal-Aware


April 18, 2009, 10:27:35 am
Reply #329

Malware-Web-Threats

Exploit:
Code: [Select]
hxxp://beebest.cn/dlutrl23dnwfas/index.php
Wepawet

PDF:
Code: [Select]
hxxp://beebest.cn/dlutrl23dnwfas/spl/pdf.pdf
Wepawet
VirusTotal - 10/40 (25%)

Exe:
Code: [Select]
hxxp://beebest.cn/dlutrl23dnwfas/exe.php
VirusTotal - 7/40 (17.5%)