Web Security And Awareness towards Cybercriminals: Trojan Smartasses try to fool with underscore: www.doymus.net infected by Trojan-Downloader.JS.Iframe.cba (Sanayi, TURKEY)

2/20/2014

Trojan Smartasses try to fool with underscore:
www.doymus.net infected by Trojan-Downloader.JS.Iframe.cba
(Sanayi, TURKEY)

MALWARE: Trojan-Downloader (RBN 368)

http://www.doymus.net/Domains/domainname.jpg_/

https://www.virustotal.com/de/url/bcf3c8d06a94352143e87576c1e33f2d96704165d5eea0a65e44c9294c042b7f/analysis/1392890782/

Trojan-Downloader.JS.Iframe.cba

https://www.virustotal.com/de/file/e735971a24c6c3cfc59ccbdd455f353734fe3c11484f3461071628b4e7728b94/analysis/1392891118/

EITHER

http://afonya123.com/r/g.php

https://www.virustotal.com/de/url/9a529a399ed40360a792e5bb92b09d68fe6c3b54beb7152108ce279910160b69/analysis/1392892392/

JS:ScriptIP-inf [Trj]

https://www.virustotal.com/de/file/5a9b0eab6c9ea56986c8530f9cec3286ca339738b370f3e99285178470c0cac6/analysis/1392891103/

https://www.virustotal.com/de/file/9d8ab0819fbc70b5b813b5494ea7b2d265ba9d17539be6d0f5e9687843bd04ea/analysis/1392892609/

https://www.virustotal.com/de/file/ed6cf4753e2ead2289eb857df21df42d6ef61e120013552d36e04a036e46a98c/analysis/1392892669/

OR

http://sandiiegoexpo.ru/expocity.html

https://www.virustotal.com/de/url/e10e79b4164439018d53e5e5c2292249139f22847952d6a698f579c2ce1dcc18/analysis/1392892505/

------------

http://jsunpack.jeek.org/?report=8e80d2752b1684ccb8932f9fcacd6aba48781b73
http://jsunpack.jeek.org/?report=54d2ad555e3ffbfe355275443ee1dcd9ecc779b9

Keine Kommentare:

Kommentar veröffentlichen

Abonnieren Kommentare zum Post (Atom)