Malware Domain List

Malware Related => Malicious Domains => Topic started by: jackberri on February 22, 2011, 01:42:27 pm

Title: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on February 22, 2011, 01:42:27 pm
Code: [Select]
http://madereiraxopoto.sites.uol.com.br/upa.jpg                    md5sum ===> 09af2ddeac6aaac82b0e49a9f42c1cedhttp://www.virustotal.com/file-scan/report.html?id=5018b72c9b04d9f72f1c485c48cd5294c15815958c382b6e06f8637b79e492c1-1298381740 (http://www.virustotal.com/file-scan/report.html?id=5018b72c9b04d9f72f1c485c48cd5294c15815958c382b6e06f8637b79e492c1-1298381740)
VT 12/40 (30.0%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on February 23, 2011, 07:53:24 pm
Code: [Select]
http://mcmpessa.sites.uol.com.br/loader.html                    md5sum ===> 14bd659a386fd32e6f375109396b01a3http://www.virustotal.com/file-scan/report.html?id=3ce0fb6b8cff0e5aff2eba1ec8fbfbe6e7da1acbf2919c528f6aea44594a4626-1298454983 (http://www.virustotal.com/file-scan/report.html?id=3ce0fb6b8cff0e5aff2eba1ec8fbfbe6e7da1acbf2919c528f6aea44594a4626-1298454983)
VT 31/43 (72.1%)
Code: [Select]
http://mcmpessa.sites.uol.com.br/modulo.html                    md5sum ===> d1fee280234345f574e82d23f28c9de6http://www.virustotal.com/file-scan/report.html?id=30e420b4b4405e8c68e1b6fd40f403c0ce8a42df2ec6382469fe76bb54593892-1298466336 (http://www.virustotal.com/file-scan/report.html?id=30e420b4b4405e8c68e1b6fd40f403c0ce8a42df2ec6382469fe76bb54593892-1298466336)
VT 20/43 (46.5%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on February 23, 2011, 08:53:03 pm
Code: [Select]
http://madereiraxopoto.sites.uol.com.br/upa.jpg                    md5sum ===> 09af2ddeac6aaac82b0e49a9f42c1ced

Code: [Select]
http://http://madereiraxopoto.sites.uol.com.br/upa.jpg                    md5sum ===> ee086621be393038d2e7b2303119bc73http://www.virustotal.com/file-scan/report.html?id=defe7b06380486e1d366139776915b17229d59ae86fd1ed71a6fb1d8136cd738-1298494037 (http://www.virustotal.com/file-scan/report.html?id=defe7b06380486e1d366139776915b17229d59ae86fd1ed71a6fb1d8136cd738-1298494037)
VT 13/43 (30.2%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on February 27, 2011, 03:17:28 pm
Code: [Select]
http://transtel.sites.uol.com.br/iesplore.htm        md5sum ===> 129ddf46346d3306cbc0ea3cd3a7f542http://www.virustotal.com/file-scan/report.html?id=6bc3fb0cf365b894c6ba012dbe97341e49d7fd9215d81ebbfcf5a6162cd65623-1298819357 (http://www.virustotal.com/file-scan/report.html?id=6bc3fb0cf365b894c6ba012dbe97341e49d7fd9215d81ebbfcf5a6162cd65623-1298819357)
VT 10/41 (24.4%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on February 28, 2011, 09:44:58 pm
Code: [Select]
http://araujofernao.sites.uol.com.br/modulo.html                    md5sum ===> 88ab348828f1934d5023a838c8183165http://www.virustotal.com/file-scan/report.html?id=8b69685066e17186c656039d303d2cad860256247439b462ca87d1ee0be869d3-1298929016 (http://www.virustotal.com/file-scan/report.html?id=8b69685066e17186c656039d303d2cad860256247439b462ca87d1ee0be869d3-1298929016)
VT 15/43 (34.9%)
Code: [Select]
http://araujofernao.sites.uol.com.br/puxador.html                   md5sum ===> b60b9ee9f145ff8acdf2fead110c88f9http://www.virustotal.com/file-scan/report.html?id=89523e3afef3a79e43d96b69791c4049f9fbc90577c6c140cc2ca1049d96c6ed-1298928742 (http://www.virustotal.com/file-scan/report.html?id=89523e3afef3a79e43d96b69791c4049f9fbc90577c6c140cc2ca1049d96c6ed-1298928742)
VT 29/43 (67.4%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on March 01, 2011, 11:27:38 am
Code: [Select]
http://doiop.com/i90k7m                                  md5sum ===> 71706bd22f1408d1c895c522e9c889a5
http://transtel.sites.uol.com.br/iesplore.htm            md5sum ===> 71706bd22f1408d1c895c522e9c889a5
http://www.virustotal.com/file-scan/report.html?id=db0224c57fd1f656c8349f334ce83acf965d9d97c1b6cf0dd03b43d7f297034b-1298977506 (http://www.virustotal.com/file-scan/report.html?id=db0224c57fd1f656c8349f334ce83acf965d9d97c1b6cf0dd03b43d7f297034b-1298977506)
VT 14/43 (32.6%)

Code: [Select]
http://fontesbueno.sites.uol.com.br/moduloa.swf          md5sum ===> 5527c6b3033bb5189a5f474f156cacc9http://www.virustotal.com/file-scan/report.html?id=3e77caaa7ec9546ad793c3cbeb94af286e097f413e4837c51f48978a89472174-1298978119 (http://www.virustotal.com/file-scan/report.html?id=3e77caaa7ec9546ad793c3cbeb94af286e097f413e4837c51f48978a89472174-1298978119)
VT 26/43 (60.5%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on March 05, 2011, 01:22:55 pm
Code: [Select]
http://asassis.sites.uol.com.br/moduloa.jpg                    md5sum ===> 3008a30f7dee38e139957b21a84d027chttp://www.virustotal.com/file-scan/report.html?id=8eb9126c73ceb45dfa787bafafe4b4b6d9a48e416e15dfcae5f710a56b854ede-1299331029 (http://www.virustotal.com/file-scan/report.html?id=8eb9126c73ceb45dfa787bafafe4b4b6d9a48e416e15dfcae5f710a56b854ede-1299331029)
VT 20/43 (46.5%)

Code: [Select]
http://mcmpessa.sites.uol.com.br/loader.html                    md5sum ===> 4b3f6c198c6899b7328994146fde0f03http://www.virustotal.com/file-scan/report.html?id=2c572d9608f445f21c5910e3652fb753978301b89cab786460bc89cc6bcf9ffa-1299330917 (http://www.virustotal.com/file-scan/report.html?id=2c572d9608f445f21c5910e3652fb753978301b89cab786460bc89cc6bcf9ffa-1299330917)
VT 13/43 (30.2%)
Code: [Select]
http://mcmpessa.sites.uol.com.br/modulo.html                    md5sum ===> e70c4fd2dac645a8072dfadbd51e626fhttp://www.virustotal.com/file-scan/report.html?id=010d9146b7502aea8aa783dfaf4f02911fdf4ea1667df8a0bfcc21511c739b1b-1299330962 (http://www.virustotal.com/file-scan/report.html?id=010d9146b7502aea8aa783dfaf4f02911fdf4ea1667df8a0bfcc21511c739b1b-1299330962)
VT 17/42 (40.5%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on March 07, 2011, 11:09:58 am
Code: [Select]
http://cmbpupin.sites.uol.com.br/upa.jpg                    md5sum ===> ef46856bd377664a97b00fd6a0edda3chttp://www.virustotal.com/file-scan/report.html?id=54a42956a3909fac6336060cf05a495a717aa509aacac69bda73f63f29197cba-1299494296 (http://www.virustotal.com/file-scan/report.html?id=54a42956a3909fac6336060cf05a495a717aa509aacac69bda73f63f29197cba-1299494296)
VT 22/43 (51.2%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on March 12, 2011, 08:19:00 pm
Code: [Select]
http://asassis.sites.uol.com.br/moduloa.jpg         md5sum ===> 6bd1c9e191b22be295d131976b6585bfhttp://www.virustotal.com/file-scan/report.html?id=f66fcbd8e1e634a071a4a2d18034e306c7c42d738a345e1681583e48aed82037-1299960888 (http://www.virustotal.com/file-scan/report.html?id=f66fcbd8e1e634a071a4a2d18034e306c7c42d738a345e1681583e48aed82037-1299960888)
VT 25/42 (59.5%)

Code: [Select]
http://mcmpessa.sites.uol.com.br/loader.html         md5sum ===> 21e65d4d71d871bdf27442beb957ad1fhttp://www.virustotal.com/file-scan/report.html?id=e9c1f582501aab6307d3dc8da40a4c256070ecb839057aaa2c99d35b16a51237-1299960967 (http://www.virustotal.com/file-scan/report.html?id=e9c1f582501aab6307d3dc8da40a4c256070ecb839057aaa2c99d35b16a51237-1299960967)
VT 24/43 (55.8%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on March 22, 2011, 07:38:53 pm
IP Location: Brazil  - ZIPNET BR AS
IP  200.147.33.17
[200-147-33-17.static.uol.com.br]
AS7162
Registrant/Email Registrant: Contato Administrativo - UOL/l-registrobr-uol@corp.uol.com.br
Code: [Select]
http://mcmpessa.sites.uol.com.br/loader.html         md5sum ===> 57685fcac8a1e02b9aa81fe8531bcac3http://www.virustotal.com/file-scan/report.html?id=79881d0b9fd9a07ae7a2a29722353f172371e25422feec552ec02237e4ad081b-1300822322 (http://www.virustotal.com/file-scan/report.html?id=79881d0b9fd9a07ae7a2a29722353f172371e25422feec552ec02237e4ad081b-1300822322)
VT 22/41 (53.7%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on March 26, 2011, 08:16:12 am
IP Location: Brazil  - ZIPNET BR AS
IP  200.147.33.17
[200-147-33-17.static.uol.com.br]
AS7162
Registrant/Email Registrant: Contato Administrativo - UOL/l-registrobr-uol@corp.uol.com.br
Code: [Select]
http://meggadistribuidora.sites.uol.com.br/lindas.htm         md5sum ===> 517ba6064320754cdcb8dfbf4a634da4http://www.virustotal.com/file-scan/report.html?id=080202ba233392e9c2b74593dd43c89025062d2b4dc5f73c28824d4bb7c696bb-1301126878 (http://www.virustotal.com/file-scan/report.html?id=080202ba233392e9c2b74593dd43c89025062d2b4dc5f73c28824d4bb7c696bb-1301126878)
VT 17/41 (41.5%)
Code: [Select]
http://meggadistribuidora.sites.uol.com.br/meninas.htm        md5sum ===> 3c00107360b9b3fe8832ca0f7faa6bedhttp://www.virustotal.com/file-scan/report.html?id=2a643ce296ad24bb11a9a533047d094828178aba5e08623d310db7d8d7a0067e-1301127204 (http://www.virustotal.com/file-scan/report.html?id=2a643ce296ad24bb11a9a533047d094828178aba5e08623d310db7d8d7a0067e-1301127204)
VT 10/43 (23.3%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on March 26, 2011, 05:38:05 pm
IP Location: Brazil  - ZIPNET BR AS
IP  200.147.33.17
[200-147-33-17.static.uol.com.br]
AS7162
Registrant/Email Registrant: Contato Administrativo - UOL/l-registrobr-uol@corp.uol.com.br
Code: [Select]
http://mcmpessa.sites.uol.com.br/modulo.html         md5sum ===> a2abfc9257c3c6a3f9b6ba98bfd5e669http://www.virustotal.com/file-scan/report.html?id=f11c2819dc58d78018f66bee89f5292306ff0774a24d2f7e28dce2e0df8ef1d4-1301160572 (http://www.virustotal.com/file-scan/report.html?id=f11c2819dc58d78018f66bee89f5292306ff0774a24d2f7e28dce2e0df8ef1d4-1301160572)
VT 15/41 (36.6%)
Code: [Select]
http://mcmpessa.sites.uol.com.br/loader.html         md5sum ===> 26cdb46b5d73a97233f3f3b4581e136fhttp://www.virustotal.com/file-scan/report.html?id=a3024245fdd6ee0d7e34946ce410f88ac5d689d12ba11b0ce34faaf83b3837b4-1301160926 (http://www.virustotal.com/file-scan/report.html?id=a3024245fdd6ee0d7e34946ce410f88ac5d689d12ba11b0ce34faaf83b3837b4-1301160926)
VT 24/43 (55.8%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on March 29, 2011, 07:48:33 am
IP Location: Brazil  - ZIPNET BR AS
IP  200.147.33.17
[200-147-33-17.static.uol.com.br]
AS7162
Code: [Select]
http://mcmpessa.sites.uol.com.br/modulo.html         md5sum ===> 261673acc4891543ea2db7f6725990echttp://www.virustotal.com/file-scan/report.html?id=985c79d5dd9f59ebbe48ee2c9c52c43cb776bf916d2ad820fc84e2b51335ad58-1301168912 (http://www.virustotal.com/file-scan/report.html?id=985c79d5dd9f59ebbe48ee2c9c52c43cb776bf916d2ad820fc84e2b51335ad58-1301168912)
VT 7/43 (16.3%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on March 29, 2011, 11:42:52 am
Code: [Select]
http://rbmatt.sites.uol.com.br/ger.jpg         md5sum ===> 33e894dd709c9fd66944449373944e7fhttp://www.virustotal.com/file-scan/report.html?id=55e8383b32153930d7d19cacfbad78befadcf0913646df454eb17c52c4b5850a-1301398447 (http://www.virustotal.com/file-scan/report.html?id=55e8383b32153930d7d19cacfbad78befadcf0913646df454eb17c52c4b5850a-1301398447)
VT 8/42 (19.0%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on March 31, 2011, 06:54:57 pm
IP Location: Brazil  - ZIPNET BR AS
IP  200.147.33.17
[200-147-33-17.static.uol.com.br]
AS7162
Code: [Select]
http://lucasnaif.sites.uol.com.br/upa.jpg         md5sum ===> 799740731532d185e066adfc974c7239http://www.virustotal.com/file-scan/report.html?id=8cbf62bcb4af4bb1d5d3f9cbd282b5f982f69d30da4dda73e51f4b8d921e6143-1301589008 (http://www.virustotal.com/file-scan/report.html?id=8cbf62bcb4af4bb1d5d3f9cbd282b5f982f69d30da4dda73e51f4b8d921e6143-1301589008)
VT 10/41 (24.4%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on April 02, 2011, 04:12:28 pm
Code: [Select]
http://artemisaalves.sites.uol.com.br/mod1.png         md5sum ===> b87662413be64b66b2943d9cb86e780ahttp://www.virustotal.com/file-scan/report.html?id=149f4cbc015d6e955a70182ea94f727ce17f9be01a2f28e4b61174a455f91b4b-1301760468 (http://www.virustotal.com/file-scan/report.html?id=149f4cbc015d6e955a70182ea94f727ce17f9be01a2f28e4b61174a455f91b4b-1301760468)
VT 27/42 (64.3%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on May 05, 2011, 10:46:34 am
IP Location: Brazil  - ZIPNET BR AS
IP  200.147.33.17
[200-147-33-17.static.uol.com.br]
AS7162
Code: [Select]
http://araujofernao.sites.uol.com.br/News.jpg         md5sum ===> 34a4e687425362e2913ec31d484f23b5http://www.virustotal.com/file-scan/report.html?id=3cbc860d9e8bb74e01394d5825a14bd8a706dd4bdb00baba72e0ba8c9121ed2c-1304592151 (http://www.virustotal.com/file-scan/report.html?id=3cbc860d9e8bb74e01394d5825a14bd8a706dd4bdb00baba72e0ba8c9121ed2c-1304592151)
VT 27/42 (64.3%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on May 06, 2011, 03:52:32 pm
Code: [Select]
http://araujofernao.sites.uol.com.br/News.jpg         md5sum ===> 5a67b5ad6a757251ed5d3ba1a344c3f2https://www.virustotal.com/file-scan/report.html?id=8e9087433fb56470690f46936a806c2e66bd088e171866d54a3aa56da554a2bd-1304696563 (https://www.virustotal.com/file-scan/report.html?id=8e9087433fb56470690f46936a806c2e66bd088e171866d54a3aa56da554a2bd-1304696563)
VT 20/42 (47.6%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on May 08, 2011, 02:07:40 pm
Code: [Select]
http://araujofernao.sites.uol.com.br/News.jpg         md5sum ===> 054f5f93379c0eb8abd1c7fb62b474ddhttp://www.virustotal.com/file-scan/report.html?id=0f34f6ef059713df4cd3e4da58fbf737ba1dfd38abcf04288ee3e1fc4aa81607-1304863481 (http://www.virustotal.com/file-scan/report.html?id=0f34f6ef059713df4cd3e4da58fbf737ba1dfd38abcf04288ee3e1fc4aa81607-1304863481)
VT 23/41 (56.1%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on May 09, 2011, 06:49:49 am
Code: [Select]
http://freitasromulo.sites.uol.com.br/larinha.htm         md5sum ===> 34becadc7a01bf50d91f4169d9898ac7http://www.virustotal.com/file-scan/report.html?id=cb0d8131436f3a94713c77dc3b573d49d8726e845b3caf071fc78bee002ea74c-1304923413 (http://www.virustotal.com/file-scan/report.html?id=cb0d8131436f3a94713c77dc3b573d49d8726e845b3caf071fc78bee002ea74c-1304923413)
VT 16/42 (38.1%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on May 09, 2011, 04:39:25 pm
IP Location: Brazil  - ZIPNET BR AS
IP  200.147.33.19
[200-147-33-19.static.uol.com.br]
AS7162
Code: [Select]
http://araujofernao.sites.uol.com.br/News.jpg         md5sum ===> b998497a0a3c50c643dd6ee4e2fe6c03http://www.virustotal.com/file-scan/report.html?id=8d1937a283d01fa7c151557f65fd626726a0a5fe3b786cd018b08c41a2ea7d70-1304958916 (http://www.virustotal.com/file-scan/report.html?id=8d1937a283d01fa7c151557f65fd626726a0a5fe3b786cd018b08c41a2ea7d70-1304958916)
VT 22/42 (52.4%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on May 09, 2011, 06:22:09 pm
Code: [Select]
http://r5eletrica.sites.uol.com.br/ger.jpg         md5sum ===> 2e09e559d91b28c38690af89d61cfb0chttp://www.virustotal.com/file-scan/report.html?id=1d736e6c06d6dcd30423633f2883dccfb160f3cac93c057d24a274b32fd9ec09-1304964651 (http://www.virustotal.com/file-scan/report.html?id=1d736e6c06d6dcd30423633f2883dccfb160f3cac93c057d24a274b32fd9ec09-1304964651)
VT 31/42 (73.8%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on May 10, 2011, 06:27:08 am
Code: [Select]
http://simone.skill.sites.uol.com.br/bicudo.txt         md5sum ===> e5001d002d1776cb42e471b6d5f96e4dhttp://www.virustotal.com/file-scan/report.html?id=44ff91596ec749bfdb94b58d438d9794c952df599c759269bb920e15dec6206e-1305008153 (http://www.virustotal.com/file-scan/report.html?id=44ff91596ec749bfdb94b58d438d9794c952df599c759269bb920e15dec6206e-1305008153)
VT 15/43 (34.9%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on May 14, 2011, 07:14:30 pm
Code: [Select]
http://gucosilva.sites.uol.com.br/downloada.jpg         md5sum ===> 5d1cdf7ff4c57503c2352f1d6bf3a149http://www.virustotal.com/file-scan/report.html?id=129591853d1490deb52c274eb967a39a84d68e75fc3f9e86558acdacce8565ed-1305399681 (http://www.virustotal.com/file-scan/report.html?id=129591853d1490deb52c274eb967a39a84d68e75fc3f9e86558acdacce8565ed-1305399681)
VT 13/42 (31.0%)
Code: [Select]
http://gucosilva.sites.uol.com.br/downloadb.jpg         md5sum ===> 2d3c7fd7cc6468a33108432431fe4096http://www.virustotal.com/file-scan/report.html?id=a3f15db92c7b0f7e5d3d2515a5d36b52524978a08b84976bf533443a65006f6b-1305399825 (http://www.virustotal.com/file-scan/report.html?id=a3f15db92c7b0f7e5d3d2515a5d36b52524978a08b84976bf533443a65006f6b-1305399825)
VT 7/42 (16.7%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on October 25, 2011, 12:17:33 pm
Code: [Select]
amazzamboni.sites.uol.com.br/moduloa.ico           md5sum ===> 2f3073082f7d51e3e5f8f9cfa00f541bhttp://www.virustotal.com/file-scan/report.html?id=53206709a0fd2c0103b6fbfea0e2b486f59a07394ebd7b2fa0490d9d96bb8f42-1319544083 (http://www.virustotal.com/file-scan/report.html?id=53206709a0fd2c0103b6fbfea0e2b486f59a07394ebd7b2fa0490d9d96bb8f42-1319544083)
VT 20/39 (51.3%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on November 18, 2011, 09:58:25 am
Code: [Select]
hxxp://robertovmachado.sites.uol.com.br/4itabb.txt               md5sum ===> d71292fca2fc26887a813d09b49b3c1d
hxxp://robertovmachado.sites.uol.com.br/3natela.txt              md5sum ===> e8effc3d83b36ff7ad7e353c7bca3819
hxxp://robertovmachado.sites.uol.com.br/2ne3x.txt                md5sum ===> 12b0a9e0158302057acecdfc31da8e0e
hxxp://robertovmachado.sites.uol.com.br/1bandeira.txt            md5sum ===> 21ce32b3f4e182cc5e454841fe8c809a
http://www.virustotal.com/file-scan/report.html?id=36daa746fd66162bf617304e9d933214233a030e5bac16e579c3d87609529bd7-1321609266 (http://www.virustotal.com/file-scan/report.html?id=36daa746fd66162bf617304e9d933214233a030e5bac16e579c3d87609529bd7-1321609266)
VT 34/42 (81.0%)
http://www.virustotal.com/file-scan/report.html?id=021141c28f6a8c96d0f84d774ab018a9689977d3dfd241f3495e1cae308ca72c-1321609191 (http://www.virustotal.com/file-scan/report.html?id=021141c28f6a8c96d0f84d774ab018a9689977d3dfd241f3495e1cae308ca72c-1321609191)
VT 32/42 (76.2%)
http://www.virustotal.com/file-scan/report.html?id=395999ef81385b2913d4dd934b72de73a0a5bed7d0f2d4a190b4ae729d52f917-1321609654 (http://www.virustotal.com/file-scan/report.html?id=395999ef81385b2913d4dd934b72de73a0a5bed7d0f2d4a190b4ae729d52f917-1321609654)
VT 37/42 (88.1%)
http://www.virustotal.com/file-scan/report.html?id=3174d82b648cdd96c0946664c7732e0624543648aa141e3c747d263882ea10d8-1321609392 (http://www.virustotal.com/file-scan/report.html?id=3174d82b648cdd96c0946664c7732e0624543648aa141e3c747d263882ea10d8-1321609392)
VT 33/42 (78.6%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on November 21, 2011, 06:45:03 pm
Code: [Select]
hxxp://adv.orestes.sites.uol.com.br/yrieryriueyriewyrieyr.tmp         md5sum ===> 188c02a240c10b296c299ebb99ed0c57
hxxp://adv.orestes.sites.uol.com.br/PLGPROJETO.tmp                    md5sum ===> 60d5baca395a38472e6d86d390fc7abd
hxxp://adv.orestes.sites.uol.com.br/SKDFLKSAJFLASJFLF.tmp             md5sum ===> 9c0ef407476647bdc902270474f23f92
hxxp://adv.orestes.sites.uol.com.br/Key_SuperKill.tmp                 md5sum ===> 4b652e7822f32302087eea5ed2b89aba
http://www.virustotal.com/file-scan/report.html?id=b9763064918e626242d7bcd77d29b3044d207f519661d7814baf0005343b5685-1321813629 (http://www.virustotal.com/file-scan/report.html?id=b9763064918e626242d7bcd77d29b3044d207f519661d7814baf0005343b5685-1321813629)
VT 26/41 (63.4%)
http://www.virustotal.com/file-scan/report.html?id=070e0c27f04f98c6a2a6ea61f3810a51a714752cfcc23a31878e9e07f22552c4-1321846808 (http://www.virustotal.com/file-scan/report.html?id=070e0c27f04f98c6a2a6ea61f3810a51a714752cfcc23a31878e9e07f22552c4-1321846808)
VT 29/42 (69.0%)
http://www.virustotal.com/file-scan/report.html?id=cf78d6ec7596175fdc7c49f06541cf0943056b4a176cfe6d2f8600cff17733bd-1321814643 (http://www.virustotal.com/file-scan/report.html?id=cf78d6ec7596175fdc7c49f06541cf0943056b4a176cfe6d2f8600cff17733bd-1321814643)
VT 29/42 (69.0%)
http://www.virustotal.com/file-scan/report.html?id=29a2b45e0b7c1776e7fdadee5d7759e2c8d8d11eee850b04550fd6f56b982d5f-1321815174 (http://www.virustotal.com/file-scan/report.html?id=29a2b45e0b7c1776e7fdadee5d7759e2c8d8d11eee850b04550fd6f56b982d5f-1321815174)
VT 20/42 (47.6%)
Title: Re: Updated trojans banker from *.sites.uol.com.br
Post by: jackberri on December 05, 2011, 06:49:16 pm
Code: [Select]
hxxp://robertovmachado.sites.uol.com.br/2ne3x.txt       md5sum ===> ee4ef99ad007f113841273c36fcb7481
hxxp://robertovmachado.sites.uol.com.br/1bandeira.txt   md5sum ===> e6c38f13712fc3ee3c06fc9ee1752dcb
hxxp://robertovmachado.sites.uol.com.br/3natela.txt     md5sum ===> 4466f5f68d62340e9ee53cd17fa4586a
hxxp://robertovmachado.sites.uol.com.br/4itabb.txt      md5sum ===> f0565be19b190b97e6b6dba7d65cffef
hxxp://robertovmachado.sites.uol.com.br/7protecao.txt   md5sum ===> 34930b34e404862ba6a189158b60ff2a
hxxp://robertovmachado.sites.uol.com.br/5derubavs.txt   md5sum ===> f6ea61f648fe6283c4231fb259485a4b
http://www.virustotal.com/file-scan/report.html?id=9f6a36488dbafcc35b5092d6de754e75da844c288f322b55b25e2c8461ee0622-1323109183 (http://www.virustotal.com/file-scan/report.html?id=9f6a36488dbafcc35b5092d6de754e75da844c288f322b55b25e2c8461ee0622-1323109183)
VT 32/43 (74.4%)
http://www.virustotal.com/file-scan/report.html?id=72d22c914a1ea8b8813e129746b1add40bf3ea6f5810cf00d9752b68d85396ed-1323109816 (http://www.virustotal.com/file-scan/report.html?id=72d22c914a1ea8b8813e129746b1add40bf3ea6f5810cf00d9752b68d85396ed-1323109816)
VT 30/43 (69.8%)
http://www.virustotal.com/file-scan/report.html?id=9b6cde9ba9016cd85b30b9071150dc866c9968df268c976ea7cfd5e26aa11980-1323109769 (http://www.virustotal.com/file-scan/report.html?id=9b6cde9ba9016cd85b30b9071150dc866c9968df268c976ea7cfd5e26aa11980-1323109769)
VT 27/43 (62.8%)
http://www.virustotal.com/file-scan/report.html?id=2d756c1b7c6cd3f5cb1e245e710f2ded595efe9a571cf4f104a935f089aed035-1323110043 (http://www.virustotal.com/file-scan/report.html?id=2d756c1b7c6cd3f5cb1e245e710f2ded595efe9a571cf4f104a935f089aed035-1323110043)
VT 28/43 (65.1%)
http://www.virustotal.com/file-scan/report.html?id=70ae3c823c787ee9b01cb037a060f0cc1d6483b95501f3480d70ec6ee0e6faaf-1323110170 (http://www.virustotal.com/file-scan/report.html?id=70ae3c823c787ee9b01cb037a060f0cc1d6483b95501f3480d70ec6ee0e6faaf-1323110170)
VT 8/42 (19.0%)
http://www.virustotal.com/file-scan/report.html?id=ad8f5b59a9ce16902ed06845d36144b4455017bfc8fb6e1b37c2eacb7bd7bfc2-1323110362 (http://www.virustotal.com/file-scan/report.html?id=ad8f5b59a9ce16902ed06845d36144b4455017bfc8fb6e1b37c2eacb7bd7bfc2-1323110362)
VT 20/43 (46.5%)