Author Topic: PhishTank Malware  (Read 5349 times)

0 Members and 1 Guest are viewing this topic.

March 02, 2012, 06:51:50 am
Read 5349 times

hhhobbit

  • Special Access
  • Full Member

  • Offline
  • *

  • 54

http://www.securemecca.com/Analysis/PhishTankMalware.txt

I just keep adding them as I find them.  Here are some get you up to date:

211.162.209.150:82/down/543yyqf.zip
ns3.ishosting.net/rio-de-janeiro/noticia/2012/01/video-inedito-do-desabamento-no-centro-do-rio-AVI.exe
atualizacaodados.com/DELEGACIAELETRONICA/
photo-album-cz83hed.osa.pl/album.exe
184.72.195.255/Notas_Fiscais.zip
defaultcache.com.br/ie
www.volontarisanmartino.org/components/com_usere/reativar.exe
www.lookoculos.com.br/img/produtos/produto_645/1.pac
photo-album-b37sv.bee.pl/album.exe

Some are those new Trojan Banker Phish.  They don't have all of it because you also need something to put the registry entries in place for the Internet Settings.  I have some exe files that look like they may be used for that but all you really need is a reg file.  If you search for MDSUM c65f7dbbc1fa6ec29037e15038522204 you will find one that worked yesterday.  Let me see if I can download it but the 1.pac file looks like it works well as well.  But the instructions for testing them using Firefox are there with the one that has that MD5SUM.  The altered the ie, but the 1.pac file is working and PhishTank will have a copy for you.