Translate

1/19/2014

NEW MALWARE: Exploit.JS.Agent.bnu
found on
www.cretosocostruzioni.it (BLACKHOLE ITALY)



NEW MALWARE found on:
www.cretosocostruzioni.it
  • https://www.virustotal.com/de/url/56d645fd54a3131e943fffc38c7d8d2b08708d7fea96a0359b706e41c10b40ed/analysis/
INFECTED: Exploit.JS.Agent.bnu
  • https://www.virustotal.com/de/file/7fdbf0bce169b0e2ab441fda2d63ac7d7b114b85ec0dff12e509f074150d9f2d/analysis/1390128259/
www.cretosocostruzioni.it/online
  • https://www.virustotal.com/de/url/f2c0777c24805a398d42e4b2fcee5ff98fbd375a42482aac2c019334536fc97b/analysis/1390129080/
INFECTED: Exploit.JS.Agent.bnu
  • https://www.virustotal.com/de/file/742113b12396661ca1c2d2796834169e5543624111f75308b5ef1796d80634d1/analysis/1390128250/
81a338 (BLACKHOLE)
  • https://urlquery.net/report.php?id=8882516
---> REMOTE(s)

DOMAIN:
lanotfo.com
  • https://www.virustotal.com/de/url/6ff7f2d41dd24b4613f5c7f2ddf8045fb0cf966e530535a171dc971168a03bdb/analysis/1390129287/
lanotfo.com/exit.php
  • https://www.virustotal.com/de/url/418aefb901fd9cef797a1419bd4c3b82f15eab2e5fac9688998f3ce1cee83775/analysis/1390129281/
DOMAIN:
gylaqim.com
  • https://www.virustotal.com/de/url/fc04abfc736f83c76d968a82259c71d4382cbb895c2f50e15d345948c08541a9/analysis/1390128973/
gylaqim.com/exit.php
  • https://www.virustotal.com/de/url/fa57933bb759bbb97a034a0ff3ecf1563a51474ad5795f06949b746e58bc6986/analysis/1390128981/
----------------------------------------------------------------------------------------------------------------------------------------------
OTHER RESULTS:
  • http://app.webinspector.com/public/reports/19564893
  • http://wepawet.iseclab.org/view.php?hash=334dfbfddf5c8dd2e23083b3665eb265&t=1390127730&type=js
  • http://zulu.zscaler.com/submission/show/11e7b4c701fdd5cc9d49ceff4e6c058d-1390127849



Eingestellt von um
Labels: , , , , , , ,

Keine Kommentare:

Kommentar veröffentlichen

Abonnieren Kommentare zum Post (Atom)