Malware Domain List

Malware Related => Malicious Domains => Topic started by: Sicqas on March 04, 2016, 01:38:50 pm

Title: C&C Server and .exe with it
Post by: Sicqas on March 04, 2016, 01:38:50 pm
I recently got a Direct Link of an EXE containing Malware. (C&C)

Here's the Link to the Deepviz Analysis:

Currently Scanning.

And the Link to Virustotal:

https://www.virustotal.com/en/file/e543e7e5fca52d68be705badecbab53b03ad9be6785a451066d4b5637efcbc20/analysis/1456258716/

The Domain is:

hxxp://oaspodpaskdjnghzatrffgcasetfrd.cf/
And some more.

Malwr Analysis: (currently Scanning)

https://malwr.com/analysis/MDM0YjZhYWJhMjc1NDc3NmFkOWEzMDc3ODRiYTU4MzA/

Download Link:

hxxp://nevergreen.net/6ob

Hope you will block all the Domains!

Thanks.
Title: Re: C&C Server and .exe with it
Post by: SysAdMini on March 04, 2016, 01:55:15 pm
Thanks for submission and welcome to MDL!

Please make sure to post malicious URLs in a way they can't be clicked accidentally, for example by replacing http by hxxp.
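
Added example, not part of the thread or of MDL's own tooling: a pre-post check that applies the http-to-hxxp rule described above while leaving links to analysis reports clickable. The function name `defang_post`, the allowlist of analysis hosts and the sample post are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: hosts of analysis services whose report links may stay clickable.
ANALYSIS_HOSTS = {"www.virustotal.com", "malwr.com", "www.hybrid-analysis.com"}

# Clickable http/https URLs only; hxxp:// is not matched, so reruns change nothing.
URL_RE = re.compile(r"\bhttps?://[^\s<>\"']+", re.IGNORECASE)
TRAILING = ".,;:!?)]}"


def defang_post(text, allowed_hosts=ANALYSIS_HOSTS):
    """Return (rewritten_text, defanged_urls) for one forum post."""
    changed = []

    def rewrite(match):
        raw = match.group(0)
        url = raw.rstrip(TRAILING)      # sentence punctuation is not part of the URL
        tail = raw[len(url):]
        try:
            host = (urlsplit(url).hostname or "").lower()
        except ValueError:              # malformed authority: treat as untrusted
            host = ""
        if host in allowed_hosts:
            return raw                  # analysis report link: leave as posted
        scheme, rest = url.split("://", 1)
        safe = scheme.lower().replace("tt", "xx") + "://" + rest
        changed.append(safe)
        return safe + tail

    return URL_RE.sub(rewrite, text), changed


# Constructed sample post; the example.test names are placeholders, not real indicators.
SAMPLE = (
    "Report: https://www.virustotal.com/en/file/SHA256_PLACEHOLDER/analysis/\n"
    "Domain: http://c2.example.test/gate.php.\n"
    "Download: HTTPS://dl.example.test/6ob (earlier: hxxp://dl.example.test/x)\n"
)

if __name__ == "__main__":
    new_text, urls = defang_post(SAMPLE)
    print(new_text)
    print("defanged:", urls)
```
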
Title: Re: C&C Server and .exe with it
Post by: Sicqas on March 04, 2016, 02:42:44 pm
Okay, sorry, didn't know it.
Oh, just realised I'm in the wrong Forum, can someone move this?

Another Analysis: https://www.hybrid-analysis.com/sample/e543e7e5fca52d68be705badecbab53b03ad9be6785a451066d4b5637efcbc20?environmentId=1

+ Domain: kioioqrieuj7t451453fcgasdvgb.cf
Title: Re: C&C Server and .exe with it
Post by: SysAdMini on March 04, 2016, 03:52:58 pm
Wrong forum?

It fits perfectly here.
Title: Re: C&C Server and .exe with it
Post by: Sicqas on March 04, 2016, 03:54:11 pm
Ah okay, thought because of the Malware it would fit in another better.

How can I report these Domains so that they get locked?
Title: Re: C&C Server and .exe with it
Post by: SysAdMini on March 04, 2016, 04:26:56 pm
In this particular case you can report abuse at http://nevergreen.net/report_file.html

For C&C domains you can contact domain registrars. Abuse contact can usually be found in whois details.

http://whois.domaintools.com/oaspodpaskdjnghzatrffgcasetfrd.cf