SHARE
TWEET

Badness in *.keyipin.com in PRC/China

MalwareMustDie Dec 12th, 2015 (edited) 98 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # 47 lines PoC you need to block keyipin.com
  2. # MalwareMustDie!!
  3.  
  4. 20150923  appdown/keyipin.com/6004_zip:   ELF 32-bit LSB executable, ARM, version 1 (SYSV), statically linked, stripped
  5. 20150923  appdown/keyipin.com/kehu_zip:   ELF 32-bit LSB executable, ARM, version 1 (SYSV), statically linked, stripped
  6. 20150925  appdown/keyipin.com/china_zip:  ELF 32-bit LSB executable, ARM, version 1 (SYSV), statically linked, stripped
  7. 20150929  appdown/keyipin.com/Chinaz_zip: ELF 32-bit LSB executable, ARM, version 1 (GNU/Linux), statically linked, stripped
  8. 20150929  appdown/keyipin.com/win24_zip:  ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped
  9. 20150929  appdown/keyipin.com/winsyn_zip: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped
  10. 20150929  appdown/keyipin.com/china_zip:  ELF 32-bit LSB executable, ARM, version 1 (SYSV), statically linked, stripped
  11. 20150929  appdown/keyipin.com/Mini_zip:   ELF 32-bit LSB executable, ARM, version 1 (SYSV), statically linked, for GNU/Linux 2.6.14, stripped
  12. 20151013  appdown/keyipin.com/chinae_rar: ELF 32-bit LSB executable, ARM, version 1 (GNU/Linux), statically linked, stripped
  13. 20151013  appdown/keyipin.com/cesi1_rar:  ELF 32-bit LSB executable, ARM, version 1 (GNU/Linux), statically linked, stripped
  14. 20151013  appdown/keyipin.com/cesi2_rar:  ELF 32-bit LSB executable, ARM, version 1 (GNU/Linux), statically linked, stripped
  15. 20151013  appdown/keyipin.com/cesixp_rar: ELF 32-bit LSB executable, ARM, version 1 (SYSV), statically linked, for GNU/Linux 2.6.14, stripped
  16. 20151013  appdown/keyipin.com/win24_zip:  ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped
  17. 20151013  appdown/keyipin.com/winsyn_zip: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped
  18. 20151014  appdown/keyipin.com/chinae_rar: ELF 32-bit LSB executable, ARM, version 1 (GNU/Linux), statically linked, stripped
  19. 20151014  appdown/keyipin.com/cesi2_rar:  ELF 32-bit LSB executable, ARM, version 1 (GNU/Linux), statically linked, stripped
  20. 20151014  appdown/keyipin.com/win24_zip:  ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped
  21. 20151014  appdown/keyipin.com/winsyn_zip: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped
  22. 20151014  appdown/keyipin.com/chinae_rar: ELF 32-bit LSB executable, ARM, version 1 (GNU/Linux), statically linked, stripped
  23. 20151014  appdown/keyipin.com/cesi2_rar:  ELF 32-bit LSB executable, ARM, version 1 (GNU/Linux), statically linked, stripped
  24. 20151014  appdown/keyipin.com/win24_zip:  ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped
  25. 20151014  appdown/keyipin.com/winsyn_zip: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped
  26. 20151014  appdown/keyipin.com/chinae_rar: ELF 32-bit LSB executable, ARM, version 1 (GNU/Linux), statically linked, stripped
  27. 20151014  appdown/keyipin.com/cesi2_rar:  ELF 32-bit LSB executable, ARM, version 1 (GNU/Linux), statically linked, stripped
  28. 20151014  appdown/keyipin.com/win24_zip:  ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped
  29. 20151014  appdown/keyipin.com/winsyn_zip: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped
  30. 20151014  appdown/keyipin.com/chinae_rar: ELF 32-bit LSB executable, ARM, version 1 (GNU/Linux), statically linked, stripped
  31. 20151014  appdown/keyipin.com/cesi2_rar:  ELF 32-bit LSB executable, ARM, version 1 (GNU/Linux), statically linked, stripped
  32. 20151014  appdown/keyipin.com/win24_zip:  ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped
  33. 20151014  appdown/keyipin.com/winsyn_zip: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped
  34. 20151014  appdown/keyipin.com/chinae_rar: ELF 32-bit LSB executable, ARM, version 1 (GNU/Linux), statically linked, stripped
  35. 20151014  appdown/keyipin.com/cesi2_rar:  ELF 32-bit LSB executable, ARM, version 1 (GNU/Linux), statically linked, stripped
  36. 20151014  appdown/keyipin.com/win24_zip:  ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped
  37. 20151014  appdown/keyipin.com/winsyn_zip: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped
  38. 20151015  appdown/keyipin.com/chinae_rar: ELF 32-bit LSB executable, ARM, version 1 (GNU/Linux), statically linked, stripped
  39. 20151015  appdown/keyipin.com/cesi2_rar:  ELF 32-bit LSB executable, ARM, version 1 (GNU/Linux), statically linked, stripped
  40. 20151015  appdown/keyipin.com/win24_zip:  ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped
  41. 20151015  appdown/keyipin.com/winsyn_zip: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped
  42. 20151104  appdown/keyipin.com/ScanB_zip:  ELF 32-bit LSB executable, ARM, version 1 (SYSV), statically linked, stripped
  43. 20151104  appdown/keyipin.com/win24_zip:  ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped
  44. 20151106  appdown/keyipin.com/ScanB_zip:  ELF 32-bit LSB executable, ARM, version 1 (SYSV), statically linked, stripped
  45. 20151106  appdown/keyipin.com/Scan1_zip:  ELF 32-bit LSB executable, ARM, version 1 (SYSV), statically linked, stripped
  46. 20151106  appdown/keyipin.com/ScanA_rar:  ELF 32-bit LSB executable, ARM, version 1 (SYSV), statically linked, stripped
  47. 20151106  appdown/keyipin.com/Scan1_zip:  ELF 32-bit LSB executable, ARM, version 1 (SYSV), statically linked, stripped
  48. 20151106  appdown/keyipin.com/ScanA_rar:  ELF 32-bit LSB executable, ARM, version 1 (SYSV), statically linked, stripped
  49. 20151107  appdown/keyipin.com/ScanB_zip:  ELF 32-bit LSB executable, ARM, version 1 (SYSV), statically linked, stripped
  50. 20151206  wwjj/keyipin.com/cf_rar:        ELF 32-bit LSB executable, ARM, version 1 (GNU/Linux), statically linked, stripped
  51.  
  52. # compiled by @unixfreaxjp | #MalwareMustDie!, NPO
  53. # date: Sun Dec 13 02:26:21 JST 2015
RAW Paste Data
Top