Author Topic: New Zeus server  (Read 203044 times)

December 04, 2011, 04:06:38 pm
Reply #705

jackberri

  • Special Members
  • Hero Member

  • 1508
IP Location:  United States - SOFTLAYER
IP 173.192.30.114
[173.193.5.38-static.reverse.softlayer.com]
AS36351
Name Server: ns1.jagoanhosting.com  | ns2.jagoanhosting.com  | ns3.jagoanhosting.com
Registrant/Email Registrant: muhammad safiudin/vb.vrodin@yahoo.co.id
Code:
hxxp://vrologicstore.com/zeusnew/config.bin      md5sum ===> 28f74bf09074c10f163c36384c41d0c9
hxxp://vrologicstore.com/zeusnew/bot.exe         md5sum ===> c468c22eb4e0f921e88543c02749f185
hxxp://vrologicstore.com/zeusnew/gate.php
http://www.virustotal.com/file-scan/report.html?id=7917d62b1a37541c4fa44f91f756ae23db1beb981c79f660757d7bca34aa11ef-1322995449
VT 35/43 (81.4%)

IP Location:  Germany - Strato Ag
IP 85.214.215.15
[h1969030.stratoserver.net]
AS6724
Name Server: ns1.mlxvacanthomes.net  | ns1.popu-media.net
Code:
hxxp://litfox.ru/mychristmax.php

December 05, 2011, 07:55:09 am
Reply #706

jackberri

IP Location:  Russian Federation - ELight-AS
IP 46.180.70.139
AS39927
Name Server: ns1.earstickporte.ru | ns1.wutchusay.net
Registrant/Email Registrant: Giorgio Barese/nab@mail13.com
Code:
hxxp://variuhetarala.com/ves/hej.ls         md5sum ===> 83d0e087e7d4eb964887fcb5aabb1805
hxxp://variuhetarala.com/ves/zlu.exe        md5sum ===> 0804dacecda7dbdf94095870b0a72cef
http://www.virustotal.com/file-scan/report.html?id=1f3ce6e167cfaf8b5f2f16a9c3247891c2a6defa066345958b2ac50d435dcb17-1323070112
VT 24/43 (55.8%)
dropzone:
IP Location:  Albania - ALBTELECOM-AS
IP 217.24.246.7
[mx1.atnet.com.al]
AS42313
Name Server: ns1.earstickporte.ru | ns1.wutchusay.net
Code:
hxxp://phoneajoystick.ru/pla/folsk.php

December 07, 2011, 12:06:48 pm
Reply #707

jackberri

IP Location:  Russian Federation - ELTEL-AS
IP 81.222.215.236
[mailgermes.beget.ru]
AS20597
Name Server: ns1.beget.ru | ns2.beget.ru
Code:
hxxp://ytopii.bget.ru/eretic/allbruck/boxforall/olelukoye.bin      md5sum ===> 7eb440fd0aba6167eebee38b16deaa16

December 08, 2011, 08:48:34 pm
Reply #708

jackberri

Code:
smartcheat.ru       61.139.151.25
smartcheat.ru       65.87.178.173
smartcheat.ru       85.214.215.15
smartcheat.ru       118.125.223.237
smartcheat.ru       60.19.30.131
smartcheat.ru       12.133.182.141

Name Server: ns1.mlxvacanthomes.net | ns1.theroad2.net
Code:
hxxp://smartcheat.ru/hiya777.php
related md5sum ==> 8ceb1673e5877c50272dc29f5a3b7bac

IP Location:  Lithuania  - DC-AS UAB Duomenu Centras
IP 77.79.11.65
[hst-11-65.duomenucentras.lt]
AS16125
Name Server: ns1.dns-diy.net | ns2.dns-diy.net
Registrant/Email Registrant: Kto To/admin@waercomendsrar2pas.com
Code:
hxxp://waercomendsrar2pas.com/postaz/proms.php
hxxp://waercomendsrar2pas.com/waba/indexxx.php
hxxp://waercomendsrar2pas.com/waba/newa.php

IP Location:  Ukraine - Infium Ltd
IP 188.190.98.112
[ip-188-190-98-112.hosted-in.infiumhost.com]
AS197145
Name Server: NS73.DOMAINCONTROL.COM | NS74.DOMAINCONTROL.COM
Registrant/Email Registrant: Linda Irvin/quyyyaziz@yahoo.com
Code:
hxxp://openrealtydmn.info/A7D823F7EDC0B8CD3/ippool.php

IP Location:  Ukraine - ITLAS ITL Company
IP 91.217.91.43
AS15626
Name Server: ns1.comeandgivethatparte4.net | ns2.comeandgivethatparte4.net
Registrant/Email Registrant: Sergej Gmyzov/pin@free-id.ru
Code:
hxxp://comeandgivethatparte4.net/zero7/by.php