FRENCH MALWARE DOMAIN(s):
LINKS TO INFECTED DOMAINS (HEUR:Trojan.Script.Generic / ANGLER EXPLOIT KIT)
SITE:
http://black-salope.photos-films-x.com/
- https://www.virustotal.com/de/url/afd7b2909fd81c0403dcd2d7751966ce255d6011b4217b857f102f0bd02b1d7d/analysis/1399550506/
http://black-salope.photos-films-x.com/black-salopes.html
- https://www.virustotal.com/de/url/dd6f70d37f067050a8e9e7c9a902ed98e18697b125206252d2f9ab8ee4e44e80/analysis/1399550918/
- http://quttera.com/detailed_report/www.photosx-videosx.com
1)
http://www.photosx-videosx.com/
- https://www.virustotal.com/de/url/304eacef10ded96e02de6a8c7377facaf6fe00fa0f7abfb4916e509406caa0b0/analysis/1399551145/
- https://www.virustotal.com/de/file/8eb3907b32e45e38453b56a05aed6b0132f31e7db511e14da383c2e0821b55ea/analysis/1399551334/
- Malicious iframe injection
- Angler exploit kit URL pattern
- https://urlquery.net/report.php?id=1399551228285
http://promo.vador.com/js/tc_loader.js
- https://www.virustotal.com/de/url/8cc9be1632fafa63070ba909501c2c1253363913f508c68ca851e53d3e997082/analysis/1399553305/
- https://www.virustotal.com/de/file/017051c711d3cd4e1dfdfba7976237e86bcbf1841b8c4e96627c929403ea9a20/analysis/1397006857/
DOMAIN:
http://consciousnesszone.com/
- https://www.virustotal.com/de/url/ac7d259785dcda43ec1ec46b60d5be4f6850e7f516a35007fff1a3c34df8daee/analysis/1399553019/
- http://sitecheck.sucuri.net/results/consciousnesszone.com
http://consciousnesszone.com/wp-content/plugins/InstaBuilder/zE1ZWXxV.php?id=1707269
- https://www.virustotal.com/de/url/e389ae2a547adde57bd8665fd45aa84307e994f550e08c11e2b3b125cdef3ee4/analysis/1399552408/
http://socialmediahelpforbusinesses.com/
- https://www.virustotal.com/de/url/bb5f27c3c682dcde39769b673429d69f6ba7bb293824ffa555807aaafa16ee25/analysis/1399552046/
http://socialmediahelpforbusinesses.com/o5a8oheam8
- https://www.virustotal.com/de/url/98ba770ce401bfc84286efaed8dd08e614c1c8f74198fb2f429bb91ebf6fed55/analysis/1399552020/
- https://www.virustotal.com/de/file/59831c7074ce6fb3cad1c442da9d8f943340909375e156ce988d3b6a5cbf86ee/analysis/1399551862/
2) SAME FOR
http://belles-noires.photosx-videosx.com/
- https://www.virustotal.com/de/url/356c31acbf7f736f50a26783583632d2754b8a0094339ed70d4c1703d941f164/analysis/1399553987/
- https://www.virustotal.com/de/file/37ccdabc9e5d4dc17f00af44f311417577ab1dfe884634e663ae15184e37de0e/analysis/1399554228/
- http://urlquery.net/report.php?id=1399554055463
IPs:
1)
http://194.150.236.81/
- https://www.virustotal.com/de/url/090783f03563157938a2c276a895517863727923085fe8723335e188fbe0efd3/analysis/1399554601/
- https://www.virustotal.com/de/ip-address/194.150.236.81/information/
http://23.239.17.30/
- https://www.virustotal.com/de/url/698f78c8e171958c4fe2e9090202804a5ec63d5b1a03bb31abae5094a7bef84c/analysis/1399554712/