OpenBlackList

1. OpenBlackList (twitter: @OpenBlackList) . A project by ElCatapan (twitter: @ElCatapan).
2.  
3. This paste contain information about attacks collected from my honeypot systems.
4.  
5.  
6.  
7. Date: 2015-09-30
8.  
9. Source of the attack: 190.50.31.127 (190-50-31-127.speedy.com.ar),located in Argentina
10.  
11. Service attacked: SMB
12.  
13. Action: Malware propagation
14.  
15. MD5 sample: 786ab616239814616642ba4438df78a9
16.  
17. Downloads number: 3
18.  
19. Download URL:
20. smb://::ffff:190.50.31.127
21.  
22. Offer URL:
23. smb://::ffff:190.50.31.127/winnt\lsass.exe
24.  
25.  
26.  
27. VirusTotal Analisys:
28.  
29. Antivirus total: 55
30. Antivirus positives: 17
31.  
32.  
33. Antivirus: MicroWorld-eScan
34. Antivirus version: 12.0.250.0
35. Antivirus update: 20150930
36. Malware: Trojan.Spy.XXP
37.  
38. Antivirus: nProtect
39. Antivirus version: 2015-09-30.01
40. Antivirus update: 20150930
41. Malware: Trojan.Spy.XXP
42.  
43. Antivirus: Zillya
44. Antivirus version: 2.0.0.2423
45. Antivirus update: 20150930
46. Malware: Downloader.OpenConnection.JS.97660
47.  
48. Antivirus: BitDefender
49. Antivirus version: 7.2
50. Antivirus update: 20150930
51. Malware: Trojan.Spy.XXP
52.  
53. Antivirus: NANO-Antivirus
54. Antivirus version: 0.30.26.3725
55. Antivirus update: 20150930
56. Malware: Trojan.Win32.Agent.devlns
57.  
58. Antivirus: F-Prot
59. Antivirus version: 4.7.1.166
60. Antivirus update: 20150929
61. Malware: W32/SuspPack.CY.gen!Eldorado
62.  
63. Antivirus: ClamAV
64. Antivirus version: 0.98.5.0
65. Antivirus update: 20150930
66. Malware: Win.Trojan.Spy-87
67.  
68. Antivirus: Ad-Aware
69. Antivirus version: 12.0.163.0
70. Antivirus update: 20150930
71. Malware: Trojan.Spy.XXP
72.  
73. Antivirus: Emsisoft
74. Antivirus version: 3.5.0.642
75. Antivirus update: 20150930
76. Malware: Trojan.Spy.XXP (B)
77.  
78. Antivirus: F-Secure
79. Antivirus version: 11.0.19100.45
80. Antivirus update: 20150930
81. Malware: Trojan.Spy.XXP
82.  
83. Antivirus: DrWeb
84. Antivirus version: 7.0.15.8310
85. Antivirus update: 20150930
86. Malware: Trojan.MulDrop.40222
87.  
88. Antivirus: Sophos
89. Antivirus version: 4.98.0
90. Antivirus update: 20150930
91. Malware: Troj/Agent-AMRO
92.  
93. Antivirus: Cyren
94. Antivirus version: 5.4.16.7
95. Antivirus update: 20150930
96. Malware: W32/SuspPack.CY.gen!Eldorado
97.  
98. Antivirus: Arcabit
99. Antivirus version: 1.0.0.568
100. Antivirus update: 20150930
101. Malware: Trojan.Spy.XXP
102.  
103. Antivirus: Ikarus
104. Antivirus version: T3.1.9.5.0
105. Antivirus update: 20150930
106. Malware: Trojan.Spy
107.  
108. Antivirus: GData
109. Antivirus version: 25
110. Antivirus update: 20150930
111. Malware: Trojan.Spy.XXP
112.  
113. Antivirus: Qihoo-360
114. Antivirus version: 1.0.0.1015
115. Antivirus update: 20150930
116. Malware: Trojan.Generic