Malware Related > Malicious Domains

New files for Zeus servers

<< < (64/65) > >>

jackberri:

--- Code: ---IP Location: Russian Federation  - ANDERS-AS
IP 87.251.154.13
[t41.e61.su]
AS39792
Name Server: DNS01.GPN.REGISTER.COM | DNS02.GPN.REGISTER.COM | DNS03.GPN.REGISTER.COM | DNS04.GPN.REGISTER.COM | DNS05.GPN.REGISTER.COM
Registrant/Email Registrant: alva gregory /livemeee@gmail.com
hxxp://torscandpower.com/salvador1conf/settings.bin             md5sum ===> 6c8b645a1ef7440f7d0de508e2431e71
hxxp://torscandpower.com/memo1conf/settings.bin                 md5sum ===> 70fe2b44f369e736db3636f3358d9ca8
hxxp://torscandpower.com/salvador1conf/redir.php
hxxp://torscandpower.com/memo1conf/redir.php
hxxp://torscandpower.com/salvador1conf/config.php
hxxp://torscandpower.com/memo1conf/config.php
--- End code ---

jackberri:
New md5sum


--- Code: ---hxxp://softmarket-drom.ru/adminochka/serv/forum/incom/winxpsp_ver209221.msi           md5sum ===> a487d677e9a24bdbcd0a392695593060
hxxp://softmarket-drom.ru/adminochka/serv/forum/incom/winxpsp_ver209221.exe           md5sum ===> a63a197f3b3e3133a3405fdf48f49851
--- End code ---
http://www.virustotal.com/file-scan/report.html?id=cadba6d9f9375a5cfe939497b70f760c96254a10e661a858f0eb5889635fa85c-1320862350
VT 14/42 (33.3%)

jackberri:

--- Code: ---hxxp://softmarkets.ru/adminochka/adm2/forum/incom/winxpsp_KB2313165.msi         md5sum ===> a0c1b56d13218b77d53ef89b80f2dd6c
hxxp://softmarkets.ru/adminochka/adm2/forum/incom/winxpsp_KB2313165.exe         md5sum ===> bfa4f706bff49e6c3c04e714106bcdb0
hxxp://softmarkets.ru/adminochka/adm2/message.php
--- End code ---
http://www.virustotal.com/file-scan/report.html?id=1c3048ce4f9b1030fdfd3a1a5d9bae4c96164bc5cf38dbe497689b9aaa74e416-1321372357
VT 19/41 (46.3%)



--- Code: ---hxxp://87.251.154.13/spring1conf/redir.php
--- End code ---

jackberri:
IP Location: Ukraine - Infium Ltd
[ip-188-190-98-111.hosted-in.infiumhost.com]
IP 188.190.98.111
AS197145
Name Server: NS73.DOMAINCONTROL.COM | NS74.DOMAINCONTROL.COM
Registrant/Email Registrant: Mark Levi/yeseniaeri8889@yahoo.com
Registrant/Email Registrant: Iren Lostwin/quyyyaziz@yahoo.com

--- Code: ---hxxp://kdjs982fjkdsfk.info/1515/a/ex         md5sum ===> cb1cd659e77d3b21b26cca0b12056922
hxxp://askds98ifdsfsd.info/1515/a/ex         md5sum ===> cb1cd659e77d3b21b26cca0b12056922
hxxp://188.190.98.111/1515/a/ex              md5sum ===> cb1cd659e77d3b21b26cca0b12056922
hxxp://188.190.98.112/1515/a/ex              md5sum ===> cb1cd659e77d3b21b26cca0b12056922
hxxp://kdjs982fjkdsfk.info/1515/a/rock.php
hxxp://askds98ifdsfsd.info/1515/a/rock.php
hxxp://188.190.98.111/1515/a/rock.php
hxxp://188.190.98.112/1515/a/rock.php
--- End code ---
http://www.virustotal.com/file-scan/report.html?id=5154fad05fd65221d61106f205ada7ce985443506b945fb42d899344420eb1af-1321628218
VT 21/41 (51.2%)

--- Code: ---hxxp://188.190.98.112/index.php
--- End code ---

jackberri:

--- Code: ---hxxp://adslayer.net/basket/cart.php
--- End code ---

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version