CHINESE MALWARE:
DOMAIN:
http://zychina.mobi/
- https://www.virustotal.com/de/url/b212fd8098e178418e113cb823368b43f133aaac51838ae708dba4a923c41a7b/analysis/1396354754/
Trojan.JS.Iframe.fz
- https://www.virustotal.com/de/file/49f2b6bf7563ea06b69ee3684c93570a430d18c97faaae60254a60459b798e1d/analysis/1396354981/
http://zychina.mobi/seller/offerdetail/12-97-0-176.html
- https://www.virustotal.com/de/url/7ebc5b4cbf1444fad375a685d687bdf33da5f77b4822b647f335faccd98770e4/analysis/
Trojan.JS.Iframe.fz
- https://www.virustotal.com/de/file/3a0a92fc03235935b8403f6ebec3aeb1bc8dedce42b4531f6837856c276f8ab4/analysis/1396355327/
mm.aa88567.cn (Parked Domain) |
DOMAIN:
http://mm.aa88567.cn/
- https://www.virustotal.com/de/url/1e45da7aac14b36d7d105ce784a495150344dfd34da1978ac05606a30ddbc3ae/analysis/1396355633/
REMOTE URL:
http://mm.aa88567.cn/index/mm.js
- https://www.virustotal.com/de/url/9301134079c20e75b649ea30d29daa465a2e81ead033a5312b394585b7cfd9ef/analysis/1396355646/
IP(s):
1) http://218.104.136.146/
- https://www.virustotal.com/de/url/b33d2e7b96317081cb01eb03e844dbbc41485ba9eb8a40209d23e36cd060c789/analysis/1396356099/
- https://www.virustotal.com/de/ip-address/218.104.136.146/information/
- https://www.projecthoneypot.org/ip_218.104.136.146
2) http://50.117.120.253/ (Personal 2nd Appearance)
- https://www.virustotal.com/de/url/e619b1d78286c0b9cadfbb81b7ad400b5c94c97ada584689925d2ba3805ec165/analysis/1396356347/
- https://www.virustotal.com/de/ip-address/50.117.120.253/information/
Keine Kommentare:
Kommentar veröffentlichen