Malware Related > Zlkon.lv

hs.2-123.zlkon.lv (94.247.2.123)

(1/1)

sowhat-x:

--- Quote ---hxxp://94.247.2.123/ ---> fake av scan crap
hxxp://avscanonline.com//install/ ---> spawns the .exe...
--- End quote ---
Result: 0/40 (0%)...time to change that,and blacklist the scumbags' ip as well...
http://www.virustotal.com/analisis/2ca2556d4482792f7b99c979f20d4697

SysAdMini:

--- Code: ---94.247.2.123/Install.exe
--- End code ---
http://virscan.org/report/de26f0b2fb5e9f06a71a9dab5d51989c.html 22/37

Malware-Web-Threats:
Fake scanner page:

--- Code: ---hxxp://avscanonline.com/promo/?tid=fin&aid=run1

--- End code ---

Fake AV:

--- Code: ---hxxp://avscanonline.com/inst.php?tid=fin&aid=run1

--- End code ---


--- Quote ---File name: AV2009Setup.exe
File size: 162304 bytes
MD5: 7509d6f880ef598f969e8f2908a78eef

--- End quote ---

VirusTotal - 4/40 (10%)
Anubis Report


--- Quote ---94.247.2.123:80 - [avscanonline.com] 
Request: GET /src.php 
Response: 200 "OK" 
Request: GET /install/zip.zip 
Response: 200 "OK" 

--- End quote ---


--- Quote ---File name: zip.zip
File size: 162304 bytes
MD5: 7509d6f880ef598f969e8f2908a78eef

--- End quote ---

VirusTotal - 0/39 (0.00%)

decompressed:

AV2009.exe
VirusTotal - 0/40 (0%)

AV2009_Update.exe
VirusTotal - 0/40 (0%)
Anubis Report

sysdata.sys
VirusTotal - 0/40 (0%)

SysShield.exe
VirusTotal - 0/40 (0%)
Anubis Report

Uninstall.exe
VirusTotal - 0/40 (0%)
Anubis Report

Support (Internet shortcut) - 94.247.2.191

--- Code: ---hxxp://www.antivirus-protection.us/support

--- End code ---

Navigation

[0] Message Index