Malware Related > Malicious Domains

New files for Zeus servers

<< < (3/65) > >>

jackberri:

--- Code: ---hxxp://94.75.228.245
--- End code ---
[hosted-by.leaseweb.com]
AS16265

zeus trojan:

--- Code: ---hxxp://94.75.228.245/l2/1.php
--- End code ---
==> us12.exe 2e3a89eef66c632778365ef08b79a9ed
http://www.virustotal.com/analisis/6d53c57069a7e307b97bcc8fbaf5b1dc98e1b9222b1492157f1859e3449a5413-1265817198


--- Code: ---hxxp://94.75.228.245/l2/stat.php
--- End code ---
redirects to
--- Code: ---hxxp://www.panel911.com/traffic/in.cgi?google3
--- End code ---

config url:

--- Code: ---hxxp://94.75.228.245/us4/base
--- End code ---
md5sum ===> 59c74d0e15c2c9d9b03ee4340f719922

trojan

--- Code: ---hxxp://94.75.228.245/l2/2.php
--- End code ---
==> x.exe 8b4bd8d9cec03e627865f6a03b495634
http://www.virustotal.com/analisis/94d02bfdab79f1d852b49eb8acd0fb4099d03010e1e9403c396ece8da2234dd6-1265817006

jackberri:

--- Quote from: jackberri on February 10, 2010, 04:05:14 pm ---
trojan

--- Code: ---hxxp://94.75.228.245/l2/2.php
--- End code ---
==> x.exe 8b4bd8d9cec03e627865f6a03b495634
http://www.virustotal.com/analisis/94d02bfdab79f1d852b49eb8acd0fb4099d03010e1e9403c396ece8da2234dd6-1265817006

--- End quote ---

[...]
Open file: fWezuS.GPE
                       ^ ^^^

jackberri:

--- Code: ---hxxp://115.100.250.119/us/proview.exe
--- End code ---
md5sum ===> 6e1db6cf6832f592adf0be5fd065060d
http://www.virustotal.com/analisis/32e2fab7e52e1f8f1a829a9196fee50b2fe61a93a67f98ba69147ffecb4050e1-1266177710

--- Code: ---hxxp://115.100.250.119/us/pv.xls
--- End code ---
md5sum ===> 59dec669a761eb0fc8ace722757c7e63

--- Code: ---hxxp://115.100.250.119/7tImbTH8HY.php
--- End code ---

jackberri:

--- Code: ---hxxp://115.100.250.81/uk/price.xls
--- End code ---

md5sum ===> 89be72d5ec6063d2cc760720af17085b

jackberri:
zeus trojans (and other related malmare):


--- Code: ---hxxp://bhostonline.com/loaderadv562.exe
--- End code ---
md5sum ===> afe0c42bd76163762ac798938046743a

for:

--- Code: ---hxxp://96.9.183.149/app21.bin
hxxp://174.36.237.84/app21s.bin    incoming?
--- End code ---




--- Code: ---hxxp://bhostonline.com/loaderadv563.exe
--- End code ---
md5sum ===> 5b12cf0e2439517af6af8c8ba6b0f7b4

for

--- Code: ---hxxp://174.36.237.84/app21s.bin
--- End code ---

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version