Malware Related > Malicious Domains

daily something......

<< < (2/259) > >>

sowhat-x:

--- Quote ---hxxp://xpsecuritycenter.com/XPSecurityCenter/latest/Installer.exe
hxxp://scan.antispyware-free-scanner.com
hxxp://files.as-pro-xp-download.com/load/setup_1_2_.exe
hxxp://virusremover2008.com/VRM_Free.exe?a=site&l=pay
hxxp://download.virusremover2008.com/VRM_Free.exe
hxxp://www.av-xp2008.com
hxxp://stat.av-xp2008.com/download/16/AntivirusXP2008Installer.exe
--- End quote ---

And what a surprize,lol...more crap hosted in the same ip obviously...

--- Quote ---hxxp://antivirusxp-2008.net (EstDomains)
hxxp://stat.antivirusxp-2008.net/download/16/AntivirusXP2008Installer.exe (EstDomains)
--- End quote ---

lanvin:

--- Code: ---http://user9.78-10.net/list/sk01.exe
http://user9.78-10.net/list/sk02.exe
http://user9.78-10.net/list/sk03.exe
http://user9.78-10.net/list/sk04.exe
http://user9.78-10.net/list/sk05.exe
http://user9.78-10.net/list/sk06.exe
http://user9.78-10.net/list/sk07.exe
http://user9.78-10.net/list/sk08.exe
http://user9.78-10.net/list/sk09.exe
http://user9.78-10.net/list/sk10.exe
http://user9.78-10.net/list/sk11.exe
http://user9.78-10.net/list/sk12.exe
http://user9.78-10.net/list/sk13.exe
http://user9.78-10.net/list/sk14.exe
http://user9.78-10.net/list/sk15.exe
http://user9.78-10.net/list/sk16.exe
http://user9.78-10.net/list/sk17.exe
http://user9.78-10.net/list/sk18.exe
http://user9.78-10.net/list/sk19.exe
http://user9.78-10.net/list/sk20.exe
http://user9.78-10.net/list/sk21.exe
http://user9.78-10.net/list/sk22.exe
http://user9.78-10.net/list/sk23.exe
http://user9.78-10.net/list/sk24.exe
http://user9.78-10.net/list/sk25.exe
http://user9.78-10.net/list/sk26.exe
http://user9.78-10.net/list/sk27.exe
http://user9.78-10.net/list/sk28.exe
http://user9.78-10.net/list/sk29.exe
http://user9.78-10.net/list/sk30.exe
--- End code ---

SysAdMini:
Read this blog article
http://s3cwatch.wordpress.com/2008/09/11/wwwok2bstr8comindex_13html/

There  is a lot more of such crap.

http://www.google.com/search?q=%22ActiveX+Object+to+play+this+video+file%22+%22HARDCORE+VIDEO+ONLINE%22&site=intl&filter=0

Example from google links :


--- Code: ---www.hot9.ru/index.php?p_id=138

--- End code ---

links to


--- Code: ---http://softload2009q.com/download/502/1410/0/
--- End code ---

downloads MediaTubeCodec_ver1.1410.0.exe.

VT Result:

http://www.virustotal.com/de/analisis/e040a14bb3b30e35eaf59a141d5e37b6

lanvin:

--- Code: ---http://www.host1550.com/modulos/gera.jpg
http://loaddds.com/file.exe
http://security-prof.com/2009/download/trial/AV2009Install_77024207.exe
http://m.c5x8.com/mm.exe
--- End code ---

sowhat-x:

--- Quote ---hxxp://www.skigiesing.de/bilder/kashir.exe
hxxp://fotolog.host.sk/foto.php?=
hxxp://on1000000.cn/Get7IT.php
hxxp://ferrychi445677.com/Get7ITU.php -> -> EstDomains
hxxp://bmwx6foreva.ru/loads/engine3.bin
hxxp://my-socks.info/lll.exe -> EstDomains
hxxp://de-my-page.info/img/scan_trCRY.exe -> EstDomains
hxxp://79.132.211.50/alex/1.exe
hxxp://58.65.235.41/ndl/index.php -> control panel,pretty lame ;-)
hxxp://58.65.235.41/ndl/controller.php?action=bot&entity_list=&rnd=982142
hxxp://monsterlink.org/spl/exe.php
hxxp://www.0xfffffffff.net/spl/index.php
hxxp://165.194.30.123/qwerty/traf.php
hxxp://rivatos.net/tds/in.cgi?default -> EstDomains
hxxp://rivatos.net/in.cgi?idb1
hxxp://rivatos.net/tds/in.cgi?3
hxxp://rivatos.net/tds/in.cgi?2
hxxp://myfrooogle.cn/z/index.php
hxxp://onlinececk.com/ -> pdf exploits also in the past there as well / EstDomains
hxxp://www.anti-virus-xp.net/sysscan/132a071e5d1437b80c401c6982d513a0/1/
hxxp://www.anti-virus-xp.net/check/132a071e5d1437b80c401c6982d513a0_16
hxxp://www.anti-virus-xp.net/tools/virusremover.dll
hxxp://guidetosuccess.name/images/index.php -> EstDomains
hxxp://guidetosuccess.name/images/ff.jar
hxxp://guidetosuccess.name/images/ff2.jar
hxxp://guidetosuccess.name/images/lv.jar
hxxp://guidetosuccess.name/images/ff4.jar
hxxp://guidetosuccess.name/images/ff3.jar
hxxp://guidetosuccess.name/images/ff5.jar
hxxp://guidetosuccess.name/images/ff7.jar
hxxp://guidetosuccess.name/images/ff12.jar
hxxp://guidetosuccess.name/images/ff6.jar
hxxp://guidetosuccess.name/images/ff8.jar
hxxp://guidetosuccess.name/images/ff9.jar
hxxp://guidetosuccess.name/images/ff13.jar
hxxp://guidetosuccess.name/images/ff14.jar
hxxp://guidetosuccess.name/images/ff10.jar
hxxp://guidetosuccess.name/images/ff15.jar
hxxp://guidetosuccess.name/images/ff11.jar
hxxp://guidetosuccess.name/images/loade.php
--- End quote ---

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version