Malware Related > BIGNESS - AS49093
195.88.191.46
Serg:
Under Packed.Win32.Krap.x kaspersky means Email-Worm.Win32.Joleee
SysAdMini:
--- Quote from: Serg on September 07, 2009, 10:09:19 am ---Under Packed.Win32.Krap.x kaspersky means Email-Worm.Win32.Joleee
--- End quote ---
I always use the identifier "Tedroo" for this spamming trojan. Many av vendors like Microsoft, Sophos, Bitdefender or Ikarus use this identifier.
Malware-Web-Threats:
trojan:
--- Code: ---mcanavib.cn/update.exe
pbigupaz.cn/update.exe
tbegicoz.cn/update.exe
wpupadop.cn/update.exe
--- End code ---
redirects to exploits:
--- Code: ---mcanavib.cn/s/in.cgi?3&ab_iframe=0&ab_badtraffic=0&ab_trash=1&antibot_hash=bot
pbigupaz.cn/s/in.cgi?3&ab_iframe=0&ab_badtraffic=0&ab_trash=1&antibot_hash=bot
tbegicoz.cn/s/in.cgi?3&ab_iframe=0&ab_badtraffic=0&ab_trash=1&antibot_hash=bot
wpupadop.cn/s/in.cgi?3&ab_iframe=0&ab_badtraffic=0&ab_trash=1&antibot_hash=bot
--- End code ---
Malware-Web-Threats:
Redirects to exploits:
--- Code: ---sexygallets.com/s/in.cgi?3&ab_iframe=0&ab_badtraffic=0&antibot_hash=2990857606&ur=1&HTTP_REFERER=
--- End code ---
Malware-Web-Threats:
Exploits:
--- Code: ---nfovidab.cn/a1/
nfovidab.cn/a1/index_files/x1079.js
nfovidab.cn/stat1/index.php
nfovidab.cn/stat1/overEverIsnt.pdf
nfovidab.cn/stat1/anComes.swf
--- End code ---
Wepawet
Trojan Tedroo / Packed Krap:
--- Code: ---nfovidab.cn/update.exe
--- End code ---
VirusTotal - 31/41 (75.61%)
ThreatExpert
Trojan Dropper:
--- Code: ---nfovidab.cn/stat1/update.php
nfovidab.cn/stat1/update.exe
--- End code ---
VirusTotal - 5/41 (12.2%)
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version