Malware Domain List

Malware Related => Malicious Domains => Topic started by: GaryDee on April 17, 2012, 08:51:35 pm

Title: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 17, 2012, 08:51:35 pm
Code: [Select]
www.funinprague.eu
http://www.UnmaskParasites.com/security-report/?page=www.funinprague.eu
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 18, 2012, 08:11:37 am
Code: [Select]
http://flamenkoshihtzu.puslapiai.lt/
http://www.UnmaskParasites.com/security-report/?page=flamenkoshihtzu.puslapiai.lt
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 18, 2012, 08:21:42 am
10 suspicious inline scripts found

Code: [Select]
http://trance.projektas.lt/
http://www.UnmaskParasites.com/security-report/?page=trance.projektas.lt
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 18, 2012, 08:24:39 am
Code: [Select]
http://valetudo.projektas.lt/
http://yura.projektas.lt/

http://www.UnmaskParasites.com/security-report/?page=valetudo.projektas.lt
http://www.UnmaskParasites.com/security-report/?page=yura.projektas.lt
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 18, 2012, 09:14:22 am
9 hidden external links found.

Code: [Select]
http://devkapil.com/
To:
Code: [Select]
http://www.pradashoessale.com/
http://www.airmaxshoestore.com/
http://www.chibuy.org/
http://www.fleecefootwear.org/
http://www.louboutinshoelike.com/

http://www.UnmaskParasites.com/security-report/?page=devkapil.com/home.html
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 18, 2012, 10:01:43 am
1 suspicious inline script found
1 hidden external link found


Code: [Select]
http://maplefinancial.co.uk/
http://www.UnmaskParasites.com/security-report/?page=maplefinancial.co.uk
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 19, 2012, 07:51:26 am
1 suspicious inline script found

Code: [Select]
lottomeca.com/v2/sub00/index.php?pid=webmain&key=
http://www.UnmaskParasites.com/security-report/?page=lottomeca.com/v2/sub00/index.php%3Fpid%3Dwebmain%26key%3D
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 20, 2012, 07:41:37 am
3 suspicious inline scripts found

Code: [Select]
http://loin.bigday.kr/main/home.php
http://www.UnmaskParasites.com/security-report/?page=loin.bigday.kr/main/home.php
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 20, 2012, 09:45:47 am
10 hidden external links found

Code: [Select]
http://www.e-v-r.com/
http://www.UnmaskParasites.com/security-report/?page=www.e-v-r.com
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 21, 2012, 09:34:21 am
Code: [Select]
http://wp.me/1NUuLhttp://128.111.48.236/domain.php?hash=d5297777d1ddcc93441879436b1133b2&type=js
Code: [Select]
---> http://www.helpmegetrich.org/
...???
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 22, 2012, 10:42:06 am
Code: [Select]
http://www.regnow.com/softsell/visitor.cgi?affiliate=13326&action=site&vendor=4174&ref=http://www.axysoft.com/moneymania/MoneyMania.exe
Suspicious

http://128.111.48.236/view.php?hash=17c45523e15a7d114097bb2cd2ed318f&t=1335090249&type=js
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 22, 2012, 11:38:23 am
1 suspicious inline script found
2 hidden external links found

Code: [Select]
http://www.amanda-seyfried.ru/
http://www.unmaskparasites.com/security-report/?page=http%3A//www.amanda-seyfried.ru/
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 22, 2012, 12:39:31 pm
Code: [Select]
http://www.afkpc.com/AFKUzakMasaUstu.exe
Suspicious unknown Malware

http://anubis.iseclab.org/?action=result&task_id=13d8faf0941fb13441dea3f60e57a32ae&format=html
http://128.111.48.236/view.php?hash=1ffcebb4c2b018bb26c441a22b0480b8&t=1335095476&type=js
https://www.virustotal.com/url/348f497ce71d320161b4586c5c4f45f549f325c6e6397f2c216a7f9963c49374/analysis/1335095465/

Code: [Select]
www.afkpc.com/AFKYardim.exe
not-a-virus:RemoteAdmin.Win32.Ammyy.h

http://128.111.48.236/view.php?hash=83e96eca1cd9a681c3b45c26d6a22e56&t=1335098154&type=js
https://www.virustotal.com/url/1eacd3059a6ef2cd75935a41b7dbf6ca53d26c1049f4f7ae458b4eb469d40faf/analysis/1335098181/
https://www.virustotal.com/file/86579d0506559c2438667a6dd20afc27f0b32e690d7903fc21809ce88678dcc3/analysis/1335098187/
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 22, 2012, 12:55:46 pm
References to 1 suspicious domain found

Code: [Select]
http://derrickbateman.net/
http://www.UnmaskParasites.com/security-report/?page=derrickbateman.net
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 22, 2012, 01:31:10 pm
Reference to 1 suspicious domain found

Code: [Select]
http://emmastonecentral.com/
http://www.UnmaskParasites.com/security-report/?page=emmastonecentral.com
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 22, 2012, 02:46:50 pm
2 hidden external links found

Code: [Select]
http://mileycyrus.bz/
http://www.UnmaskParasites.com/security-report/?page=mileycyrus.bz

Additional (potential) malware:

Code: [Select]
http://imagesrv.adition.com/banners/268/00/0f/c1/99/
http://imagesrv.adition.com/banners/268/00/0f/cc/c3/

http://128.111.48.236/view.php?hash=53ea3e17a569c9f98ec5e578c31c53e6&t=1335102788&type=js
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 23, 2012, 05:05:32 am
1 suspicious inline script found

Code: [Select]
http://ozdemirreduktor.com/
http://www.UnmaskParasites.com/security-report/?page=www.ozdemirreduktor.com.tr
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 23, 2012, 07:55:39 am
44 hidden external links found.

Code: [Select]
star.mt.co.kr/view/stview.php?no=2012042311263752735&outlink=2&SVEC
http://www.UnmaskParasites.com/security-report/?page=star.mt.co.kr/view/stview.php%3Fno%3D2012042311263752735%26outlink%3D2%26SVEC
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 23, 2012, 09:37:07 am
1 suspicious inline script found

Code: [Select]
http://ares.com.es/
http://www.UnmaskParasites.com/security-report/?page=www.ares.com.es
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 24, 2012, 10:42:09 am
2 hidden external links found

Code: [Select]
http://www.semjingjia.com
http://www.UnmaskParasites.com/security-report/?page=www.semjingjia.com
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 25, 2012, 04:44:14 am
1 suspicious inline script found

Code: [Select]
http://consert.com/
http://www.UnmaskParasites.com/security-report/?page=consert.com
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 25, 2012, 05:27:23 am
1 suspicious inline script found.

Code: [Select]
http://www.aion-scan.com/
http://www.UnmaskParasites.com/security-report/?page=www.aion-scan.com
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 25, 2012, 08:21:25 am
1 suspicious inline script found.

Code: [Select]
http://vertigo-records.com/
http://www.UnmaskParasites.com/security-report/?page=www.vertigo-records.com
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 25, 2012, 01:13:32 pm
http://128.111.48.236/domain.php?hash=792b183d405a7ac9059742fb9b799a30&type=js

Code: [Select]
http://www.bullzip.com/download/a2m/msa2mys_4_0_0_192.zip
http://anubis.iseclab.org/?action=result&task_id=11a3079248f795bc4ad0983a6c117d215&format=html
https://www.virustotal.com/url/202399794a7527b8106984cd3c80ed0af068ff48b5a75737ad95f54d0bd92de3/analysis/1335357606/
https://www.virustotal.com/file/dfffac776d8a5c363b5fc8c118b556286dc43fa4240fab920b87db3b905573d5/analysis/1335357611/
https://www.virustotal.com/file/d95ed49ed2fbc488e0a23824259f49ab0571aa241e10e65bb5960b57ec49f2b6/analysis/1335357691/
http://www.symantec.com/security_response/writeup.jsp?docid=2010-021223-0550-99

Code: [Select]
http://www.bullzip.com/download/a2p/msa2pgs_3_0_0_148.zip
http://anubis.iseclab.org/?action=result&task_id=113d95ba682b8df7499056242e5293709&format=html
https://www.virustotal.com/url/f90e9df3770a5512331892de6d3788f432396f2262a2ea44696a53f7c62896e8/analysis/1335358227/
https://www.virustotal.com/file/0eed206d6e94b6555bc6d3a105cc91e6ce2259e2ce30b44df3a2bd3c59fc73ff/analysis/1335358404/
http://www.symantec.com/security_response/writeup.jsp?docid=2010-021223-0550-99

Code: [Select]
http://www.bullzip.com/download/a2s/msa2sql_3_0_0_148.zip
https://www.virustotal.com/file/3aaea03a6f5bea698ffbfb0558d756937c8836ab8c5ef6eaf61946dc3d21874a/analysis/1335359046/
http://www.symantec.com/security_response/writeup.jsp?docid=2010-021223-0550-99
http://anubis.iseclab.org/?action=result&task_id=1d331d3e2a986ef2435b4f1b9c84fe6ed&format=html
http://www.symantec.com/security_response/writeup.jsp?docid=2010-021223-0550-99
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: dlipman on April 25, 2012, 01:23:05 pm
http://www.bullzip.com/download/...

These appear to be all False Positives.
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 26, 2012, 01:46:53 pm
References to 1 suspicious domain found.

Code: [Select]
http://intl.earnparttimejobs.com/index.php
http://www.unmaskparasites.com/security-report/?page=http%3A//intl.earnparttimejobs.com/index.php
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 26, 2012, 09:17:11 pm
1 suspicious Obfuscated IFrame-Script found

Code: [Select]
http://kerrcountyfcu.com/
http://www.UnmaskParasites.com/security-report/?page=kerrcountyfcu.com
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 27, 2012, 04:51:19 am
3 suspicious inline scripts found.

Code: [Select]
http://www.bangaloreonlineflorists.com/
http://www.UnmaskParasites.com/security-report/?page=www.bangaloreonlineflorists.com
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 27, 2012, 11:32:07 am
5 suspicious inline scripts found

Code: [Select]
http://manandvankingston.com/
http://manandvanputney.com/
http://manandvanweybridge.com/
http://removalsintwickenham.co.uk/
http://surreyremovals.org/

http://www.UnmaskParasites.com/security-report/?page=manandvankingston.com
http://www.UnmaskParasites.com/security-report/?page=manandvanputney.com
http://www.UnmaskParasites.com/security-report/?page=manandvanweybridge.com
http://www.UnmaskParasites.com/security-report/?page=removalsintwickenham.co.uk
http://www.UnmaskParasites.com/security-report/?page=surreyremovals.org
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 27, 2012, 11:58:59 am
2 suspicious inline scripts found

Code: [Select]
http://www.commonwealmagazine.org/
http://www.UnmaskParasites.com/security-report/?page=www.commonwealmagazine.org
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 27, 2012, 03:17:54 pm
1 suspicious inline script found.

Code: [Select]
http://peoplesbanksc.com/
http://www.unmaskparasites.com/security-report/?page=http%3A//peoplesbanksc.com/#inline
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 27, 2012, 04:13:34 pm
2 hidden external links found.

Code: [Select]
http://andrebercelli.com/
http://www.UnmaskParasites.com/security-report/?page=andrebercelli.com
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 27, 2012, 04:39:12 pm
1 suspicious inline script found.
1 hidden external link found.


Code: [Select]
http://www.cantinhocute.com/
http://www.UnmaskParasites.com/security-report/?page=www.cantinhocute.com
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 28, 2012, 04:52:18 am
1 suspicious inline script found

Code: [Select]
http://www.tagged.com/ladypareethe1andonly
http://www.UnmaskParasites.com/security-report/?page=www.tagged.com/ladypareethe1andonly
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 28, 2012, 08:31:59 am
2 suspicious inline scripts found

Code: [Select]
http://blacknews.com/
http://www.unmaskparasites.com/security-report/?page=http%3A//blacknews.com/#inline
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 28, 2012, 09:02:25 am
1 suspicious inline script found

Code: [Select]
http://mckinley-advisors.com/
http://www.UnmaskParasites.com/security-report/?page=www.mckinley-advisors.com
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 30, 2012, 09:28:43 am
1 suspicious inline script found.

Code: [Select]
www.allpest.com
http://www.unmaskparasites.com/security-report/?page=http%3A//www.allpest.com/#inline
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 30, 2012, 10:55:44 am
1 suspicious inline script found.

Code: [Select]
http://kuroiban.net/
http://www.unmaskparasites.com/security-report/?page=http%3A//kuroiban.net/#inline
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on April 30, 2012, 11:14:57 am
1 suspicious inline script found.

Code: [Select]
http://www.allergiewelt.ch/shop/product_info.php?products_id=140
http://www.unmaskparasites.com/security-report/?page=http%3A//www.allergiewelt.ch/shop/product_info.php%3Fproducts_id%3D140#inline
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on May 03, 2012, 11:08:06 am
1 suspicious inline script found

Code: [Select]
http://ncssolution.nc.ohost.de/
http://www.UnmaskParasites.com/security-report/?page=ncssolution.nc.ohost.de
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on May 03, 2012, 04:23:48 pm
1 suspicious inline script found

Code: [Select]
http://duanamoveis.com.br/
http://www.UnmaskParasites.com/security-report/?page=duanamoveis.com.br
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on May 03, 2012, 05:37:26 pm
References to 1 suspicious domain found.

Code: [Select]
http://itexpert.net/
http://www.UnmaskParasites.com/security-report/?page=www.itexpert.net

Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on May 05, 2012, 05:20:22 pm
Code: [Select]
http://photographic-art.biz/
SSL ERROR
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on May 05, 2012, 08:20:07 pm
Reference to 1 suspicious domain found.

Code: [Select]
http://hd4you.org/
http://www.UnmaskParasites.com/security-report/?page=hd4you.org
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on May 06, 2012, 05:38:13 am
2 suspicious inline scripts found.
1 hidden external link found.


Code: [Select]
http://mi.fondos5.com/wallpaper.htm
http://www.UnmaskParasites.com/security-report/?page=mi.fondos5.com/wallpaper.htm
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on May 09, 2012, 03:50:18 pm
References to 2 suspicious domains found

Code: [Select]
http://trpyhech.livejournal.com/
http://www.UnmaskParasites.com/security-report/?page=trpyhech.livejournal.com
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on May 12, 2012, 08:38:10 pm
52130 hidden external links found

Code: [Select]
vozka.blog132.fc2.com/blog-date-201009.html
http://www.UnmaskParasites.com/security-report/?page=vozka.blog132.fc2.com/blog-date-201009.html

Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on May 17, 2012, 03:03:09 pm
20 hidden external links found

Code: [Select]
http://whippleworld.com/page/96/?s
http://www.UnmaskParasites.com/security-report/?page=whippleworld.com/page/96/%3Fs
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: dlipman on May 17, 2012, 04:19:24 pm
Pharma crap suspicious - big deal.

How are they malicious.

Again - Quality not Quantity
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on May 19, 2012, 10:23:55 pm
Pharma crap suspicious - big deal.

How are they malicious.

Again - Quality not Quantity

http://garyc.me/files/upload/Thanks.txt (http://garyc.me/files/upload/Thanks.txt)
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on May 19, 2012, 10:37:00 pm
Sorry, I forgot. The thread is called SUSPicious, NOT MALicious. ;) ;)

(And ment for AMATEURS, not for PROS like you)  ;)
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on May 25, 2012, 01:55:45 pm
Code: [Select]
http://clips.portalkachka.ru/engine/dude/index/leech_out.php?a%3Ahttp%3A%2F%2Fletitbit.net%2Fskymonk1661283.exe
Suspicious Download Manager
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on May 26, 2012, 11:37:21 am
35 Processes
Code: [Select]
http://app7.poolstat.com/Setup.exe

IP:208.184.157.102
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on June 13, 2012, 03:33:26 pm
1 suspicious inline script found.

Code: [Select]
www.trialanet.ru
http://www.UnmaskParasites.com/security-report/?page=www.trialanet.ru
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: EP_X0FF on June 13, 2012, 03:58:23 pm
1 suspicious inline script found.

Code: [Select]
www.trialanet.ru
http://www.UnmaskParasites.com/security-report/?page=www.trialanet.ru

Yeah. Incredible suspicious.

Quote
<!--LiveInternet counter--><script type="text/javascript">document.write("<a href='http://www.liveinternet.ru/click' target=_blank><img src='//counter.yadro.ru/hit?t15.6;r" + escape(document.referrer) + ((typeof(screen)=="undefined")?"":";s"+screen.width+"*"+screen.height+"*"+(screen.colorDepth?screen.colorDepth:screen.pixelDepth)) + ";u" + escape(document.URL) + ";" + Math.random() + "' border=0 width=88 height=31 alt='' title='LiveInternet: показано число просмотров за 24 часа, посетителей за 24 часа и за сегодня'><\/a>")</script><!--/LiveInternet-->

Quote
LiveInternet: number of views for 24 hours, visitors for 24 hours and for today'

facepalm
Title: Re: (S)-uspicious ? QUEST for AMATEURS
Post by: GaryDee on June 20, 2012, 02:22:18 pm
4 suspicious inline scripts found

Code: [Select]
www.allthingsnow.com/week/site:fbi.gov/34
http://www.UnmaskParasites.com/security-report/?page=www.allthingsnow.com/week/site%3Afbi.gov/34