MALICIOUS URL(s):
(Trojan-Downloader.JS.Agent.gtu)
MAL. Iframe Injection
(RBN 275)
Likely leading to EXPLOIT KIT
DOMAIN:
bretthersley.com
- https://www.virustotal.com/de/url/385d06231a7226fa3998b97e62c5c10195485b57556cd52f3d3a0f4874e602d5/analysis/1391776537/
SPECIFIC LINK:
bretthersley.com/wp-content/themes/01_Super_Slick_VCard_-_Wordpress_Version/images/loader.gif
- https://www.virustotal.com/de/url/225a220dd922c4e73a01ec0f40f5d9686c4d5960f28295dd720abce0cbffce41/analysis/1391775974/
FORMERLY:
Trojan-Downloader.JS.Agent.gtu
- https://www.virustotal.com/de/file/3851fd1f908ad8e7a2c8f3b8fd7a5e73182fa8d99761903a743c12db24d90028/analysis/1375177800/
NOW:
Trojan-Downloader.JS.Agent.gtu
- https://www.virustotal.com/de/file/7fb2f58d2fcc4d48f596e23c122441e8bc0f62cfda923868f1fe1731fe06d8dc/analysis/1391776994/
ALSO: HEUR:Trojan.Script.Generic
- https://www.virustotal.com/de/file/828d91af1ebe3f81d909b1e836629bd73d759f72804b3094ecf8a4a690888b00/analysis/1391777096/
REFERENCE:
- http://jsunpack.jeek.org/?report=21aee5b48f214c4f99c87831e7d0ef38bcf6a694
Detected a Dynamic DNS URL
Detected malicious iframe injection
Detected a TDS URL pattern
- https://urlquery.net/report.php?id=9276908
---> REMOTE
pvhetiozstg.findhere.org/vc.php?go=2
- https://www.virustotal.com/de/url/026e9c1d6e32a50a62b715d7f58a057a1e3c68e3df6af13882c745ce2944a6d3/analysis/1391777504/
- https://www.virustotal.com/de/file/214c3b683099a23da1e8ea88093f2c0ce6234f55f36943f810e031628cb7c93e/analysis/1369498120/
Detected a Dynamic DNS URL
Detected a TDS URL pattern
- https://urlquery.net/report.php?id=9277385
ALSO:
WORDPRESS VERSION OUTDATED: RISK BEING VULNERABLE
Keine Kommentare:
Kommentar veröffentlichen