Malware Domain List

Malware Related => Malicious Domains => Topic started by: MysteryFCM on June 18, 2009, 02:13:59 am

Title: PDF exploit + Koobface
Post by: MysteryFCM on June 18, 2009, 02:13:59 am: Ref: http://forum.hosts-file.net/viewtopic.php?p=11777#p11777

Bog standard PDF exploit;

updatedb87.cn/out/index.php
-> updatedb87.cn/out/pdf.php
--> updatedb87.cn/out/load.php <--Koobface

Domain resolves to: 83.133.123.139 - t492.1paket.com

Code: [Select]
inetnum: 83.133.96.0 - 83.133.127.255 netname: LNCDE-GREATNET-NEWMEDIA descr: Greatnet New Media. country: DE admin-c: FL1331-RIPE tech-c: FL1331-RIPE status: ASSIGNED PA mnt-by: LNC-MNT mnt-lower: LNC-MNT source: RIPE # Filtered person: Frazzetta Lindner address: Greatnet New Media address: Brentenstrasse 4a address: D-83734 Hausham address: Germany phone: +49 1805 47328638 fax-no: +49 1805 444894696 nic-hdl: FL1331-RIPE abuse-mailbox: abuse@greatnet.de mnt-by: LNC-MNT source: RIPE # Filtered :: Information related to '83.133.0.0/16AS13237' route: 83.133.0.0/16 descr: Lambdanet Operations - German region origin: AS13237 mnt-by: LNC-MNT source: RIPE # Filtered
Relations:
http://hosts-file.net/?s=83.133.123.139&view=matches

SMF 2.0.18 | SMF © 2021, Simple Machines