SHARE
TWEET

#MalwareMustDie - #PseudoRandom DGA Case Infector

MalwareMustDie Nov 19th, 2012 137 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #MalwareMustDie, PoC of stolen domain mynumber.org, used as infector by EK.
  2. Base: UrlQuerry: http://urlquery.net/search.php?q=mynumber.org&type=string&start=2011-06-25&end=2012-11-20&max=50
  3. ------------------------------------------------------------------------------------------------------------------------------------
  4. Date (CET)      Alerts/IDS URL  IP     
  5. ------------------------------------------------------------------------------------------------------------------------------------
  6. 2012-11-20 00:32:56 1 / 1  http://xpornstarbul.mynumber.org/latest/amateur_dog_sex_01.avi.exe   94.199.53.203   [Hungary]
  7. 2012-11-17 22:26:06 2 / 0  http://mwwczodfrhwzmetq.mynumber.org/in.cgi?14                       37.72.188.88    [Estonia]
  8. 2012-11-17 15:26:52 1 / 0  http://babalol.mynumber.org/                                         37.72.188.87    [Estonia]
  9. 2012-11-17 14:31:54 1 / 0  http://babalol.mynumber.org/                                         37.72.188.87    [Estonia]
  10. 2012-11-15 15:56:55 2 / 0  http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8         212.7.194.234   [Netherlands]
  11. 2012-11-15 15:03:46 2 / 0  http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8         212.7.194.234   [Netherlands]
  12. 2012-11-15 05:55:18 2 / 0  http://xflonjilx.mynumber.org/geographicallyconquering.cgi?8         212.7.194.235   [Netherlands]
  13. 2012-11-14 21:24:40 0 / 0  http://mynumber.org                                                  204.16.173.30   [United States]
  14. 2012-11-14 20:12:15 1 / 0  http://yvcqmkhd.mynumber.org/leh.jar                                 91.220.35.52    [Ukraine]
  15. 2012-11-13 09:18:00 3 / 6  http://gkdjxp.mynumber.org/?a=YWZmaWQ9MDUxODg=                       78.140.135.206  [Netherlands]
  16. -------------------------------------------------------------------------------------------------------------------------------------
  17.  
  18. #MalwareMustDie - #PseudoRandom DGA Case Infector
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top