API tools faq
paste
Advertisement
DhiaLite

#DhiaLite- Suspicious domains Sep 4th, 2013

DhiaLite
Sep 4th, 2013
169
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.61 KB | None | 0 0
raw download clone embed print report
  1. Wed, Sep 4th 2013
  2. #DhiaLite - Suspicious subdomains started resolving today to same IP 66.199.231.164 that hosted www2.d-93mv3zwkzkt.co7.us which dropped Simda through Styx Exploit kit. Attack described on malware.dontneedcoffee.com in http://bit.ly/14zrpYt
  3.  
  4. vqtel.net registered on 2013-05-13
  5.  
  6. Watch for these.
  7.  
  8. #subdomains
  9. www2.u9ac72z63.vqtel.net
  10. www2.yte8si61hg5v2yxq8.vqtel.net
  11. www2.g4xnun5iwsf3acqmt.vqtel.net
  12. www2.ksadpr1d0em2l6ck-1.vqtel.net
  13. www2.c6r3jx3y4uvqeump.vqtel.net
  14. www2.ru64jxktmqvcgua9.vqtel.net
  15. www2.ympq3jmqpojtep27.vqtel.net
  16. www2.y2ifn46d5.vqtel.net
  17. www2.lojk6ubgu6rz7pq46.vqtel.net
  18.  
  19. END
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!