Malware Domain List

Malware Related => Malicious Domains => Topic started by: SysAdMini on February 27, 2009, 08:54:39 pm

Title: Bank of America video malware
Post by: SysAdMini on February 27, 2009, 08:54:39 pm
You have probably seen this article about the Gozi trojan at a fake Bank of America site:

http://garwarner.blogspot.com/2009/02/another-password-stealer-hides-as-bank.html

This is the site URL:

Code:
hxxp://sitekey.bankofamerica.reload.signonscreen-bhe9i94o8.content.viewvideopatch.com/control.htm?/emberUIWeb/LOGIN=tipc8oud4wsscu1
which starts a download of

Code:
hxxp://sitekey.bankofamerica.reload.signonscreen-bhe9i94o8.content.viewvideopatch.com/BofAsetup.exe

This is the VT result

http://www.virustotal.com/analisis/dbbb666c43a660855db135304b964287