Malicious/Suspicious Shellcode (Length 367/362): Domains da-tom.de & www.x-7.de Involved in Malicious Activities (GERMANY)

MALICIOUS DOMAIN (da-tom.de)
WITH MALICIOUS SHELLCODE

http://www.x-7.de/

• https://www.virustotal.com/de/url/8f45318803da1480fb37c429f4867128639f02b652c8081725b5094b1ba63faf/analysis/

THIS LINK HAS (HAD) 2 HIDDEN IFRAMES:

http://www.x-7.de/zirbel/archiv/01-okt/01-10-18.htm

1) http://sm7.sitemeter.com/js/counter.asp@site=sm7burschi

• https://www.virustotal.com/de/url/3eb5ca2543a97a6f328224628b0cdbe44c5c0b483cd5c5f039708cc6b6abf3d4/analysis/

• https://www.virustotal.com/de/file/d5b10953ba949844a4ce4501f3f2cb079daa5f5eb8323b9580aef1f7eac899aa/analysis/1394858312/

2) http://da-tom.de/index.html

• https://www.virustotal.com/de/url/724c6bf4ee6b5d900b4e9cc2885992b7339cdd0a6422e42e1d5973ab97e6b8fa/analysis/1394897761/

Heuristic.LooksLike.HTML.Suspicious-URL.H

• https://www.virustotal.com/de/file/e24b03b63d7c7bd98e9d033c5f33d03d21240bfff1ca6e48cc691954e205ff69/analysis/1394897389/

Malicious: Shellcode URL= https:/www.tumblr.com/login
Suspicious: Shellcode of length 367/362

• http://jsunpack.jeek.org/?report=c01b80ad328fd7e709a043e7992f87d98ea41d4b

• https://urlquery.net/report.php?id=9912306

• https://urlquery.net/report.php?id=9912311

IP =

http://66.6.44.4/ (NEW YORK, United States)

• https://www.virustotal.com/de/url/86cb910a3b1312fb45f4e4f4f00e29f4837e887226027d22717dffade9916097/analysis/1394902018/

• https://www.virustotal.com/de/ip-address/66.6.44.4/information/

HTML:
WHICH SAYS:  

Whatever you were looking for doesn't currently exist at this address. Unless you were looking for this error page, in which case: Congrats! You totally found it.

• https://www.virustotal.com/de/file/8dff95da15fc0496a51c88006fefcc4fc1d7f84eae5243d9a6c1f88dddf3bbf3/analysis/

5 Bad Host Appearences

• https://www.projecthoneypot.org/ip_66.6.44.4

FOR FULL REPORT SEE .txt ICON (MINORITY REPORT):