Malware Related > Eurohost LLC

91.212.65.148

(1/1)

SysAdMini:
pdf exploit

--- Code: ---wollance.com/image/pfgt.php
--- End code ---
http://wepawet.cs.ucsb.edu/view.php?hash=1bddf10d6f2d7ea6af9d15d897312f34&type=js

downloads fake AV

--- Code: ---wollance.com/image/qaze.php
--- End code ---
http://www.virustotal.com/analisis/929c06c8b1bc2b355a09a6198bd4ab6e 7/39

CkreM:
Exploit/trojan:

--- Code: ---http://nuotoll.com/image/pfgt.php
--- End code ---
wepawet gives error on this one but the PDF analyze work:
http://wepawet.iseclab.org/view.php?hash=7263485859f869eac110cf4178deea3c&type=js
leads to

--- Code: ---http://nuotoll.com/image/qaze.php
--- End code ---
which downloads in the end

--- Code: ---http://nuotoll.com/image/install.exe
--- End code ---
http://www.virustotal.com/analisis/12e04038d5392ff73ff8be1c78bba444f85ea3d2ec07ea3497629e93c8102d9e-1243327556

should start on
--- Code: ---nuotoll.com/image/
--- End code ---

Navigation

[0] Message Index