Translate

3/12/2014

BAYER 04 LEVERKUSEN TRACKING FANS:
www.bayer04.de & Obfuscated PUA
(Leverkusen, GERMANY)


MALICIOUS BACKGROUND INTENT:
OBFUSCATED JS (PUA, TRACKER, SPYING) OUTSIDE THE HTMLSRC-HEADER

http://www.bayer04.de/
  • https://www.virustotal.com/de/url/b7d931cbc1a767be418ce46c6a010fc0c55d8cf7efd19ea827c0efc7ba8b6f46/analysis/1394658933/
Obfuscated PUA Link:
http://www.bayer04.de/webtrekk/webtrekk.js
  • https://www.virustotal.com/de/url/8a7ee2b1aed1dbbf6ee9e775ad9e098523120650cbf3248df0b8d5b118a6151b/analysis/1394659517/
PUA.JS.Obfus-2
  • https://www.virustotal.com/de/file/e004c9f7e78fa72379e72f04b2b897ec3f57f74675d25966c9cd1b6b5ad1ba84/analysis/1394659379/
  • http://virusscan.jotti.org/de/scanresult/725ffacc8f21b11ad85a21ba3b1c435d501aba89
IP =
http://184.25.102.88/
  • https://www.virustotal.com/de/url/55b77a9dbfd0212684dd8e10f930ab2db452cb09099358806dc2f5ac05bf1dc0/analysis/1394661164/
  • https://www.virustotal.com/de/ip-address/184.25.102.88/information/

Keine Kommentare:

Kommentar veröffentlichen