« previous next »
Pages: 1 ... 17 18 [19]   Go Down

Author Topic: Trojan Ransom  (Read 420477 times)

0 Members and 1 Guest are viewing this topic.

February 11, 2013, 01:06:22 pm
Reply #270

EP_X0FF

  • Guest
Re: Trojan Ransom
hxxp://capitfoska.ru/

payload located at hxxp://mudoman.ru/codfullhdxavi.exe

use
Code: [Select]
http://capitfoska.ru as referer to access download.

Code: [Select]
GET /codfullhdxavi.exe HTTP/1.1
Host: mudoman.ru
Connection: keep-alive
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.57 Safari/537.17
Referer: http://capitfoska.ru/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.6,en;q=0.4
Accept-Charset: windows-1251,utf-8;q=0.7,*;q=0.3

HTTP/1.1 200 OK
Server: nginx/1.2.6
Date: Mon, 11 Feb 2013 13:03:18 GMT
Content-Type: application/x-msdos-program
Content-Length: 1742695
Connection: keep-alive
Last-Modified: Mon, 11 Feb 2013 07:10:04 GMT
ETag: "38c0fe3-1a9767-4d56d991feb00"
Accept-Ranges: bytes
Logged
April 30, 2013, 12:10:50 pm
Reply #271

EP_X0FF

  • Guest
Re: Trojan Ransom
Code: [Select]
hxxp://df.pizdafyqib.ru/administrator/weather.php?browse=151
Sweet Orange EK, payload trojan ransom.

http://wepawet.iseclab.org/view.php?hash=81bf0f995a58bb166945671fc638681a&t=1367323769&type=js
Logged
May 02, 2013, 05:51:32 pm
Reply #272

EP_X0FF

  • Guest
Re: Trojan Ransom
Sweet Orange EK, serving trojan ransom as payload.
Quote
hxxp://wsd.nuwazy.ru/sites/oplata/codestariff/themes.php?strategy=154

http://wepawet.iseclab.org/view.php?hash=ac261ed869a63d3224d021f64ce04757&t=1367516936&type=js
Logged
May 03, 2013, 05:52:05 pm
Reply #273

EP_X0FF

  • Guest
Re: Trojan Ransom
Sweet Orange EK, payload trojan ransom.
Code: [Select]
hxxp://za.omovigminet.ru/bugs/books/partner/themes.php?strategy=156
http://wepawet.iseclab.org/view.php?hash=59e133adcb8a8d34197cbc4f789e5549&t=1367603453&type=js
Logged
April 04, 2016, 12:39:03 pm
Reply #274

Gnomo

  • Newbie
  • Offline
  • *
  • 1
Re: Trojan Ransom
www.moorelegacygroup.com/ZNru8f.exe

Ransom Locky loaded by email malware.

Site owner has  been contacted on 3/29/16 no answer yet, link is active.

Regards
Logged
August 26, 2016, 07:07:49 am
Reply #275

Joukahainen

  • Newbie
  • Offline
  • *
  • 2
Re: Trojan Ransom
Locky distribution site.

hxxp://www.halloweenparty.go.ro/4GBrdf6 Ransomware

Ditributed by email (word macro downloader)
Logged
August 26, 2016, 01:27:36 pm
Reply #276

dlipman

  • Special Access
  • Full Member
  • Offline
  • *
  • 61
Re: Trojan Ransom
Logged
August 27, 2016, 07:54:06 pm
Reply #277

Joukahainen

  • Newbie
  • Offline
  • *
  • 2
Re: Trojan Ransom
Another mail based ransomware distribution.

http://www.saumi.jazztel.es/jkGYYU03gd Ransomware
Logged
Pages: 1 ... 17 18 [19]   Go Up
« previous next »