Translate

2/06/2014

aromavietnam.com
Malicious Domain Infected with:
HEUR:Trojan.Script.Generic & Trojan.JS.Iframe.aeq
(EXPLOIT from VIETNAM)


MALWARE: EXPLOIT


DOMAIN:
aromavietnam.com
  • https://www.virustotal.com/de/url/ec13cdcd880da204742fbbb17ebb754f78fa9e9916c5d900393e779c09d017bf/analysis/1391695139/

Infected with: HEUR:Trojan.Script.Generic
  • https://www.virustotal.com/de/file/000ab3f5794c646ded51dd9b66d10749834dce17193ee9da1c28520fd23c52c1/analysis/1391697040/

EXPLOIT-KIT embedded iframe redirection - possible exploit kit indicator
  • https://urlquery.net/report.php?id=9256862
  • https://urlquery.net/report.php?id=9258051
  • https://urlquery.net/report.php?id=9258064

--->
173.237.187.203/post.php?id=704732
  • https://www.virustotal.com/de/url/aa23c1e60447fa417c7bf7cd25fdf3257e0b354fb1a37a143b8334b7bd96c1f5/analysis/1391698495/
  • https://urlquery.net/report.php?id=9258108

OTHER MALICIOUS LINK(s):
aromavietnam.com/stmenu.js
  • https://www.virustotal.com/de/url/e30a7f2e0271567938041e58cbccb2b2273e217c83110083ec79c4b747bef41c/analysis/1391694780/

Infected with: Trojan.JS.Iframe.aeq
  • https://www.virustotal.com/de/file/864d33b798d3c718263cb7ed78bea4a007133af53c704f45a54f0ca5e832aaa0/analysis/1391695003/

--->
37.59.120.98/704732.js
  • https://www.virustotal.com/de/url/eef9a6a86ae865da21b27b35623e5756f3569ceacb11a0a0fc444de13c413c0c/analysis/1391696634/
REF.: http://jsunpack.jeek.org/?report=05a453d8b0c4094c355d0f93ec02fe7f9619f4a2


Keine Kommentare:

Kommentar veröffentlichen