Author Topic: Collection of malicious domains online  (Read 17511 times)

April 06, 2010, 10:35:42 pm

ohmniscient

  • Full Member

  • Offline
  • ***

  • 46
    • Report-IT Anti-Malware/Phishing Group
INFECTED URLs:

Report-IT Anti-Malware/Phishing Group: http://report-it.webs.com

April 07, 2010, 11:11:03 pm
Reply #1

ohmniscient

INFECTED URLs:


April 08, 2010, 10:52:19 pm
Reply #2

ohmniscient

INFECTED URLs:


April 09, 2010, 10:00:23 pm
Reply #3

ohmniscient


April 14, 2010, 04:20:37 am
Reply #4

ohmniscient

INFECTED URLs:


April 14, 2010, 09:58:10 pm
Reply #5

ohmniscient

INFECTED URLs:


April 16, 2010, 11:48:47 pm
Reply #6

ohmniscient

INFECTED URLs:


April 19, 2010, 11:23:44 pm
Reply #7

ohmniscient

INFECTED URLs:



April 23, 2010, 04:49:27 pm
Reply #10

ohmniscient


April 24, 2010, 07:27:14 pm
Reply #11

ohmniscient

INFECTED URLs:


April 26, 2010, 03:58:49 am
Reply #12

ohmniscient


April 27, 2010, 03:26:26 am
Reply #14

ohmniscient

INFECTED URLs:
