New Zeus server
jackberri:
IP Location: China - China-Network-Communications-Group
IP 60.19.30.135
AS4837
Name Server: ns1.stosports.com | ns2.stosports.com
--- Code: ---hxxp://witlion.ru/inbox876.php
--- End code ---
IP Location: United States - ASRELINK
IP 31.41.45.42
AS56577
Name Server: NS-CANADA.TOPDNS.COM | NS-UK.TOPDNS.COM | NS-USA.TOPDNS.COM
Registrant/Email Registrant: Private Whois Service/m69swo74ec7928bb20c0@oqjij874d9300d54bd95.privatewhois.net
--- Code: ---hxxp://berlinonlinestar.net/date/time.php
--- End code ---
jackberri:
IP Location: Korea - KT-NET
IP 61.74.61.46
AS4766
Name Server: ns2.dns.com.cn | ns1.dns.com.cn
Registrant/Email Registrant: liu wei/liuwei1000@gmail.com
--- Code: ---hxxp://abc.googlezuju.com/logo.jpg md5sum ===> 3caa0d4c0f893e68570083c757930647
--- End code ---
jackberri:
IP Location: United States - ONEANDONE-AS
IP 50.21.181.124
[s15447727.onlinehome-server.com]
AS8560
Name Server: NS51.1AND1.COM | NS52.1AND1.COM
Registrant/Email Registrant: Jan Lambert/j.lamber@aol.com
--- Code: ---hxxp://trustbilling.net/config.php
--- End code ---
IP Location: Germany - HETZNER-AS
IP 178.63.38.187
[static.187.38.63.178.clients.your-server.de]
AS24940
Name Server: ns1.dns-diy.net | ns2.dns-diy.net
Registrant/Email Registrant: Sasha Matveeva/admin@howareudoing56.com
--- Code: ---hxxp://howareudoing56.com/c.bin md5sum ===> 528ecc8c827be62545406442f31d2f1f
hxxp://howareudoing56.com/in.php
--- End code ---
IP Location: Russian Federation - ANDERS-AS
IP 87.251.154.44
[t42.e61.su]
AS39792
Name Server: dns01.gpn.register.com | dns02.gpn.register.com | dns03.gpn.register.com | dns04.gpn.register.com | dns05.gpn.register.com
Registrant/Email Registrant: ENZO DE FEO/enzodefeo61@yahoo.com
--- Code: ---hxxp://lobsterliveverromez.com/rome2ceasar/redir.php
--- End code ---
jackberri:
IP Location: United States - NTTC-GIN-AS
IP 209.238.142.176
AS2914
Name Server: NS55.WORLDNIC.COM | NS56.WORLDNIC.COM
Registrant/Email Registrant: Max Coupling and Hose Corp./rr2gm2et62b@networksolutionsprivateregistration.com
--- Code: ---hxxp://maxcoupling.com/wp-content/plugins/js/inv.exe md5sum ===> aaae17c8fe31009163825e76355ac9d9
--- End code ---
http://www.virustotal.com/file-scan/report.html?id=69cb6bc8fc8fce89cf4311f2609fd64f31f473fb10f7295df0cec014b974184d-1322241181
VT 24/43 (55.8%)
related:
IP Location: Russian Federation - Anders Telecom Ltd
AS39792
--- Code: ---hxxp://87.251.154.158/phpbb/logo.jpg md5sum ===> 8518871d2ac3a64e0a8734f2eaf2e469
hxxp://87.251.154.158/phpbb/login.php
--- End code ---
jackberri:
IP Location: Australia - Connect Infobahn Australia
IP 116.0.23.220
[morrigan.instanthosting.com.au]
AS9280
Name Server: ns1.webcity.com.au | ns2.webcity.com.au | ns3.webcity.com.au
Registrant/Email Registrant: Russell Dwyer/russelld@trafficsafety.com.au
--- Code: ---hxxp://barriersales.com.au/i28.png md5sum ===> 31a7d5124c289701c30a42a2d335674a
--- End code ---
IP Location: China - China-Network-Communications-Group
IP 60.19.30.135
AS4837
Name Server: ns1.grapecomputers.com. | ns2.grapecomputers.com.
--- Code: ---hxxp://cakerecipes.ru/xx.bin md5sum ===> c32aac1354c078004c82026a29c647ed
--- End code ---
IP Location: Romania - ATOM-HOSTING
AS13209
--- Code: ---hxxp://91.217.82.156/config.bin md5sum ===> e2582b56f697fe49343b8e52d3799b5c
hxxp://91.217.82.156/bot.exe md5sum ===> 85a1551e6a6dec3b5e707c3de40678b6
hxxp://91.217.82.156/gate.php
--- End code ---
http://www.virustotal.com/file-scan/report.html?id=6f03fd3252573589d70ab701aa39bf27d2e2dfe8cedac200e529360c69c3641a-1322336134
VT 37/43 (86.0%)
IP Location: United States - HURRICANE Electric
IP 64.62.236.148
[intel-proto46.fox-den.com]
AS6939
Name Server: ns1.acbmemphis.net | ns1.cuba-maxtel.com
Registrant/Email Registrant: PrivacyProtect.org/contact@privacyprotect.org
--- Code: ---hxxp://audiocdfz.com/document.doc md5sum ===> 2ba30771c6571a938677ec039da4fe29
--- End code ---