API tools faq
paste
Advertisement
DhiaLite

#DhiaLite- Malware domains Sep 1st, 2013

DhiaLite
Sep 1st, 2013
306
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.72 KB | None | 0 0
raw download clone embed print report
  1. Thu, Sep 1st 2013
  2. #DhiaLite - Suspicious domains started resolving today to same IP 103.31.186.29 as in http://urlquery.net/report.php?id=4858199
  3.  
  4. xxxnuvidqzz.dnset.com
  5. xxxnuvidufs.ddns.name
  6. xxxnuvidhdl.ddns.name
  7. xxxnuvidsom.dnset.com
  8. xxxnuvidarp.ddns.name
  9. xxxnuvidwov.ddns.name
  10. xxxnuvidrbb.ddns.name
  11. xxxnuvidoas.ddns.name
  12.  
  13. Live payloads on all domains under
  14.  
  15. /2013/hardcore-animal-sex-video.avi.exe
  16. /2013/girl-fucked-by-dog.avi.exe
  17.  
  18. e.g.
  19. http://xxxnuvidqzz.dnset.com/2013/hardcore-animal-sex-video.avi.exe
  20.  
  21. Example VT report
  22. https://www.virustotal.com/en/file/cb4e9c8077f122bdfe6141b9ba69201de4c0ca3956a5ab5ec2a22576524b2d9c/analysis/1378054887/
  23.  
  24. Should just block the IP. It has only been hosting junk so far.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!