NEW POTENTIALLY RISKWARE DETECTED: not-a-virus:PSWTool.Win32.Agent.wi from securityxploded.com (SX Password Remover Suite - PASSWORDSTEALER)

NEW POTENTIALLY RISKWARE DETECTED:
SX Password Remover Suite - PASSWORDSTEALER

not-a-virus:PSWTool.Win32.Agent.wi

http://securityxploded.com/download-file.php?id=1175

• https://www.virustotal.com/de/url/e16f4432398839be81b26f99bd1383feb414f05f5a2a87c7a44b76ac835b72b1/analysis/1397489175/

http://securityxploded.com/getfile_plus.php?id=1175

• https://www.virustotal.com/de/url/208ae819b9936e31aebe61a1f8109006c352819503e642d4dd7af3e28a554ca6/analysis/1397489192/

(SXPasswordRemoverSuite.zip) not-a-virus:PSWTool.Win32.Agent.wi

• https://www.virustotal.com/de/file/39122c76f0ed46174644d507eb28d40050d2954f49a0cb4cdceeb3b4be7aec10/analysis/1397488622/

(Setup_SXPasswordRemoverSuite.exe) not-a-virus:PSWTool.Win32.Agent.wi

• https://www.virustotal.com/de/file/b24cbff70b29b2da22dfb510fd446abcb302db15fdd373823d7aca59b58cabef/analysis/1397488631/

WEPAWET: SUSPICIOUS

• http://wepawet.iseclab.org/view.php?hash=7e7933fe50b94cc98b071cd4f3cf0c3d&t=1397488890&type=js

• http://zulu.zscaler.com/submission/show/e15f2d9e3452820d3e013e126d29424d-1397488901

IP:

http://64.150.191.172/

• https://www.virustotal.com/de/url/774ec0fe019369938cf734a511ae4334b74f31e5c0202710934e0997df8a6e7f/analysis/

BESIDES THAT, FOLLOWING SUSPICIOUS/MALICIOUS LINK HAS BEEN FOUND (HIDDEN IFRAMES):

http://securityphresh.com/index.html

• https://www.virustotal.com/de/url/560aa2ab68e0ab1713b590a4df8096afe6b7efcb072defb901c7d02446a75cd9/analysis/1397489696/

HIDDEN LINKS

HIDDEN IFRAMES TO:

http://2014.confidence.org.pl/

https://www.virustotal.com/de/url/c121b7f7adb198511ce3ff8be6daf221595296fa01e03a8d76fc0cf8f1894b97/analysis/1397491597/

NEW POTENTIALLY RISKWARE DETECTED: Not-a-virus:PSWTool.Win32.PasswordCracker.wa from securityxploded.com (GooglePasswordKracker - PASSWORDSTEALER)

NEW POTENTIALLY RISKWARE DETECTED:
Google Password Kracker - PASSWORDSTEALER

not-a-virus:PSWTool.Win32.PasswordCracker.wa

http://securityxploded.com/download-file.php?id=1111

• https://www.virustotal.com/de/url/d864fcc6532516ad11184ef1da7b9b213d425f73e2dc491cdc867d8f81a4cdd2/analysis/1397222761/

http://securityxploded.com/getfile_plus.php?id=1111

• https://www.virustotal.com/de/url/fb11af6a71cfc251ce28311cb2ce4a9cd1b9d250466b43d8b69b40a6ec98f300/analysis/1397223150/

(GooglePasswordKracker.zip) PSWTool.Win32.PasswordCracker.wa

• https://www.virustotal.com/de/file/ebdd3d63628348b6f1ff0dfcb48370197ce00fcbb085f1eb5741bb8ff9052be9/analysis/1397125092/

(Setup_GooglePasswordKracker.exe) PSWTool.Win32.PasswordCracker.wa

• https://www.virustotal.com/de/file/64ecac6ab2468141e09c9c9be4eec68d4f7ed2ea0dd659ecc6d386846d82c5fa/analysis/1397222739/

WEPAWET: SUSPICIOUS

• http://wepawet.iseclab.org/view.php?hash=38ed429cd0bfe567ae411d465eed1a1d&t=1397222866&type=js

• http://zulu.zscaler.com/submission/show/b1d8169ade268f06de667c0595f507e6-1397223014

IP:

http://64.150.191.172/

• https://www.virustotal.com/de/url/774ec0fe019369938cf734a511ae4334b74f31e5c0202710934e0997df8a6e7f/analysis/

NEW POTENTIALLY RISKWARE DETECTED: Not-a-virus:PSWTool.Win32.PasswordCracker.ah from securityxploded.com (RouterPasswordKracker - PASSWORDSTEALER)

NEW POTENTIALLY RISKWARE DETECTED:
Router Password Kracker - PASSWORDSTEALER

not-a-virus:PSWTool.Win32.PasswordCracker.ah

http://securityxploded.com/download-file.php?id=1051

• https://www.virustotal.com/de/url/50de12846436464e15f375b94cd40a4ada8548175ad0c62b3e8c60e3a45ae088/analysis/1397221413/

http://securityxploded.com/getfile_plus.php?id=1051

• https://www.virustotal.com/de/url/ba45120dcf7b88f21e1d5a7033d71ead3434b682a0094a78f622590f6fee352d/analysis/1397221456/

(RouterPasswordKracker.zip) PSWTool.Win32.PasswordCracker.ah

• https://www.virustotal.com/de/file/ba3437b5a48fd5427fb2275af78617a2ef90f6279d11dfc89959f5dd63ef09a9/analysis/

(Setup_RouterPasswordKracker.exe) PSWTool.Win32.PasswordCracker.an

• https://www.virustotal.com/de/file/7471baaaa951f9539b6099e9a41025a30ae3004da3b2374187796fec236afa2c/analysis/1397221327/

WEPAWET: SUSPICIOUS

• http://wepawet.iseclab.org/view.php?hash=ba09ba2dabd6b8d643c96c39377be0ce&t=1397221623&type=js

• http://zulu.zscaler.com/submission/show/649a46f0bc29a0e9a0b0200883870201-1397221649

IP:

http://64.150.191.172/

• https://www.virustotal.com/de/url/774ec0fe019369938cf734a511ae4334b74f31e5c0202710934e0997df8a6e7f/analysis/

NEW POTENTIALLY RISKWARE DETECTED: Not-a-virus:PSWTool.Win32.PasswordCracker.an from securityxploded.com (WindowsPasswordKracker - PASSWORDSTEALER)

NEW POTENTIALLY RISKWARE DETECTED:
Windows Password Kracker - PASSWORDSTEALER

not-a-virus:PSWTool.Win32.PasswordCracker.an

http://securityxploded.com/download-file.php?id=1021

• https://www.virustotal.com/de/url/cc5a4c406543221d1d71c5d0df18550fd5e09f8fef9800b7c28af880590a8d47/analysis/1397141402/

http://securityxploded.com/getfile_plus.php?id=1021

• https://www.virustotal.com/de/url/426ea5d9ff85f30ab9d48664ab0e90b477d24bb39fc8fda483879057f3380fa1/analysis/1397141585/

(WindowsPasswordKracker.zip) PSWTool.Win32.PasswordCracker.an

• https://www.virustotal.com/de/file/9dec4dc449b7f4fbc1d77419d202b22bc21c388d55d70a049af58f7938527b49/analysis/1397141499/

(Setup_WindowsPasswordKracker.exe) PSWTool.Win32.PasswordCracker.an

• https://www.virustotal.com/de/file/6ca5b0c04a96caf1df32be15a26401773d6573f377c84efce1e16e23e13ee0e7/analysis/1397141534/

WEPAWET: SUSPICIOUS

• http://wepawet.iseclab.org/view.php?hash=b951e8893d7019d984a89ab57e9300dc&t=1397141634&type=js

• http://zulu.zscaler.com/submission/show/fa35f7d3fc94d4dd91cbee227bced416-1397141683

IP:

http://64.150.191.172/

• https://www.virustotal.com/de/url/774ec0fe019369938cf734a511ae4334b74f31e5c0202710934e0997df8a6e7f/analysis/

NEW POTENTIALLY RISKWARE & PHISHING DETECTED: Not-a-virus:PSWTool.Win32.Agent.vx from securityxploded.com (WindowsDriveHider - Passwordstealer)

NEW POTENTIALLY RISKWARE DETECTED:
Windows Drive Hider - Passwordstealer

not-a-virus:PSWTool.Win32.Agent.vx

http://securityxploded.com/download-file.php?id=1011

• https://www.virustotal.com/de/url/f20fbbaa6dc5d1c58e9824b445cf35f506512dc5e1ed7ebbe8eea41ed498780c/analysis/1397069288/

http://securityxploded.com/getfile_plus.php?id=1011

• https://www.virustotal.com/de/url/dca829bc0b33249a056eb8b6489e84e90e1b5fb8a40f608992141254658f2f6b/analysis/1397069330/

(WindowsDriveHider.zip) PSWTool.Win32.Agent.vx

• https://www.virustotal.com/de/file/0ca33d4ebaef889b5b35e1f55dd4bb245930b4846bb125fd2755fb65369269ba/analysis/1397069354/

(SetupWindowsDriveHider.exe) PSWTool.Win32.Agent.vx

• https://www.virustotal.com/de/file/ca65cde81006fda4c3f90ca0f2b8fbe0c5f8d5f06052f652ff33e68d07f06a07/analysis/1397069576/

(WindowsDriveHider.exe) PSWTool.Win32.Agent.vx

• https://www.virustotal.com/de/file/df7d22e0a4bc4f2674c8be7ba8b7b9c415851dc120dd421508d8a3191f473177/analysis/1397069541/

WEPAWET: Suspicious

• http://wepawet.iseclab.org/view.php?hash=75ae03c5152f116b12977a062e146979&t=1397069846&type=js

• http://zulu.zscaler.com/submission/show/22a63c3e6ed00b1be52a58ba2d0a8d70-1397069633

IP:

http://64.150.191.172/

• https://www.virustotal.com/de/url/774ec0fe019369938cf734a511ae4334b74f31e5c0202710934e0997df8a6e7f/analysis/

SUPPLEMENTARY OTHER LINK FOUND ON PAGE (PUA.PHISHING.BANK):

http://nagareshwar.securityxploded.com/2013/09/16/seh-exploitation-to-get-shell-access/index.html

• https://www.virustotal.com/de/url/b8e3193f581b32f9c3ef4af6c58ae4a94d0783162f8cf49774d3111d3e1581a7/analysis/1397070689/

HTML-PUA.PHISHING.BANK

• https://www.virustotal.com/de/file/c8e6a6d9ef6c9178db84fc7614f2d168856d36e44c78f5b68284f5874e8b7176/analysis/1397070794/

• http://virusscan.jotti.org/de/scanresult/d50831e4520e9bd7863cd71fabe24462a193fe6e

NEW POTENTIALLY RISKWARE DETECTED: Not-a-virus:PSWTool.Win32.Agent.vs from securityxploded.com (SecurePasswordGenerator.exe - Passwordstealer)

NEW POTENTIALLY RISKWARE DETECTED:
Secure Password Generator.exe - Passwordstealer

not-a-virus:PSWTool.Win32.Agent.vs

http://securityxploded.com/download-file.php?id=1001

• https://www.virustotal.com/de/url/7324056a65a45256f21a3a2ee7f726744fd633a16f5652cedf1207bcf247cf20/analysis/

http://securityxploded.com/getfile_plus.php?id=1001

• https://www.virustotal.com/de/url/1856e6f51ffc018dc74e5dc7a79a945c6d2309eecedd4ebe49dae7fec42ad735/analysis/

(ZIP) PSWTool.Win32.Agent.vs

• https://www.virustotal.com/de/file/0d18d235271859bff3dff8356b4570dcbb9933b94d6c6dd57715b8602675f4aa/analysis/1396777216/

(EXE SETUP) PSWTool.Win32.Agent.vs

• https://www.virustotal.com/de/file/b9224e67ff7c69df803e132298174fdec88e0bd44f6c758fc6e3aef985f91002/analysis/1396777476/

(EXE FILE) PSWTool.Win32.Agent.vs

• https://www.virustotal.com/de/file/db2f38542a5c0526cbf4906974aadfd2c20d658ea031d19031b17e14a31ed03b/analysis/1396777454/

WEPAWET: SUSPICIOUS

• http://wepawet.iseclab.org/view.php?hash=c8b48449e807664acd6562d5c9d92b6f&t=1397066560&type=js 

IP:

http://64.150.191.172/

• https://www.virustotal.com/de/url/774ec0fe019369938cf734a511ae4334b74f31e5c0202710934e0997df8a6e7f/analysis/

NEW POTENTIALLY RISKWARE DETECTED: Not-a-virus:RiskTool.Win32.Agent.dbq from securityxploded.com (SetupPasswordSnifferConsole.exe)

NEW POTENTIALLY RISKWARE DETECTED: Setup Password Sniffer Console

not-a-virus:RiskTool.Win32.Agent.dbq

http://securityxploded.com/getfile_plus.php?id=1155

• https://www.virustotal.com/de/url/ca5cce1c0eadc8893c81f1fcacee8938dc0734cfb89485ade0bba02597848795/analysis/1397053044/

(ZIP) RiskTool.Win32.Agent.dbq

• https://www.virustotal.com/de/file/7694d475fbca9d827bdbe8e5075e6fb5258c07cf82b07ec8b16c9f13fd91029b/analysis/1397052774/

(EXE) RiskTool.Win32.Agent.dbq

• https://www.virustotal.com/de/file/4806ab9294ff991d07156374a85c1153ce319c9c7312f649213ecd685c4f571b/analysis/1397052734/

IP:

http://64.150.191.172/

• https://www.virustotal.com/de/url/774ec0fe019369938cf734a511ae4334b74f31e5c0202710934e0997df8a6e7f/analysis/1397059586/