3/06/2014

Trojan-Dropper.VBS.Agent.bp nested @
atif.netne.net & www.miralicricketclub.tk & ali.net23.net
Yahoo Messenger ActiveX Control Command Execution
United States


MALWARE: Trojan-Dropper.VBS.Agent.bp

DOMAIN:
http://atif.netne.net/
  • https://www.virustotal.com/de/url/d3aa38c2fffee9d9ceb0117ccd4728d30b77c54bf22e8d5d0fac9305c1bcd1bf/analysis/1394103005/
Trojan-Dropper.VBS.Agent.bp (DropFileName = "svchost.exe")
  • https://www.virustotal.com/de/file/98685d45e4b540ec5c5df8a7dcafc59809e418cf8f3244d925b8076774a9ef55/analysis/1394103282/
Query to a .tk domain - Likely Hostile
  • https://urlquery.net/report.php?id=9798971
--->
http://www.miralicricketclub.tk/
  • https://www.virustotal.com/de/url/7efe09ae9e4db8fafe4810bb6095c6b655a33b3cd16f289ba1ba40ac5dd9c7c5/analysis/1394103680/
HTML
  • https://www.virustotal.com/de/file/077fc2c2faba2abc889dc77cb5d4267cde586b72efbed598a805f1b4e37f189d/analysis/1394103796/
Yahoo Messenger ActiveX Control Command Execution
  • https://urlquery.net/report.php?id=9799113
---->
http://ali.net23.net/Atif
  • https://www.virustotal.com/de/url/1ca9e209e3e19505786b734292127a194bb0949883f3bcf8ba5ba21104180b81/analysis/1394104494/
Trojan-Dropper.VBS.Agent.bp
  • https://www.virustotal.com/de/file/209aa8f782a195fe73c71d7fa69f61fde231417c961c0bfaec3be08db8beef6b/analysis/1394104303/
---->
http://ali.net23.net/Atif/
  • https://www.virustotal.com/de/url/ed5cb3bfc46d8b34a1c797e9f750bcfc26d39fc28a2aa3c9908d748121b5c4a1/analysis/1394104574/
Trojan-Dropper.VBS.Agent.bp
  • https://www.virustotal.com/de/file/209aa8f782a195fe73c71d7fa69f61fde231417c961c0bfaec3be08db8beef6b/analysis/1394104303/

Yahoo Messenger ActiveX Control Command Execution
  • https://urlquery.net/report.php?id=9799230
------------------------------------------

DOMAIN ITSELF:
http://ali.net23.net/
  • https://www.virustotal.com/de/url/e905f8eef5b0c8944653fa6a70a9375346e30b03bf53e68cd2f8439485594350/analysis/1394104082/
HTML
  • https://www.virustotal.com/de/file/2a9fcb18459f6f232b4fbb892298a755b986fcc6acaf54c95398a6e0afb7e211/analysis/1394104917/
