SHARE
TWEET

BHEK + ZeroAccess 2013-02-07 #1

MalwareMustDie Feb 7th, 2013 144 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #MalwareMustDie!
  2. New Blackhole serving ZeroAccess
  3. IP: 178.63.214.21
  4.  
  5. landing page: http://5jijefijdjw.mywww.biz/closest/209tuj2dsljdglsgjwrigslgkjskga.php
  6. PDF:
  7. http://178.63.214.21/closest/black_dragon.php?ezgvhu=30:1n:1i:1i:33&dbixp=3g:36:3i&qwrpdz=1n:32:1i:2w:1m:1g:33:31:1h:31&ncr=1k:1d:1f:1d:1g:1d:1f
  8. http://178.63.214.21/closest/black_dragon.php?oaf=30:1n:1i:1i:33&ldfq=31&znxdfom=1n:32:1i:2w:1m:1g:33:31:1h:31&ulmquqp=1k:1d:1f:1d:1g:1d:1f
  9.  
  10. Payload:
  11. http://5jijefijdjw.mywww.biz/closest/209tuj2dsljdglsgjwrigslgkjskga.php?swgvl=30%20:1n:1i:1i:33&fsc=30:33:1n:1m:1h:33:30:1o:30:1h&jvlli=1i&jqnawl=pre&obihxani=scbpntas%20
  12.  
  13. Samples:
  14.  
  15. https://www.virustotal.com/file/23583e02f73f58f82cbfa5ca087afce340017e5cbf302b977b24ef69f9710034/analysis/1360236324/
  16. https://www.virustotal.com/file/bc5b0a39e4f396f545ce15e82f844af3ba13575a630a361034049ce30a499513/analysis/1360236341/
  17. https://www.virustotal.com/file/a20c73e16b95664185af45cce9dca896b4074931b90053256190d3fbd6d174f5/analysis/1360236897/
  18. https://www.virustotal.com/file/c21b638a1415a2f265be1fedc7cd9537681aeab4d1686b64e3423e8cfc586ec1/analysis/1360236915/
  19. https://www.virustotal.com/file/d61c8ae2bb43d90ef857692895630c67981b41f5bfb2e3b14973e2180068593e/analysis/1360236062/
  20.  
  21. #MalwareMustDie!
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Top