Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #MalwareMustDie, PoC of stolen domain mynumber.org, used as infector by EK.
- Base: UrlQuerry: http://urlquery.net/search.php?q=mynumber.org&type=string&start=2011-06-25&end=2012-11-20&max=50
- ------------------------------------------------------------------------------------------------------------------------------------
- Date (CET) Alerts/IDS URL IP
- ------------------------------------------------------------------------------------------------------------------------------------
- 2012-11-20 00:32:56 1 / 1 http://xpornstarbul.mynumber.org/latest/amateur_dog_sex_01.avi.exe 94.199.53.203 [Hungary]
- 2012-11-17 22:26:06 2 / 0 http://mwwczodfrhwzmetq.mynumber.org/in.cgi?14 37.72.188.88 [Estonia]
- 2012-11-17 15:26:52 1 / 0 http://babalol.mynumber.org/ 37.72.188.87 [Estonia]
- 2012-11-17 14:31:54 1 / 0 http://babalol.mynumber.org/ 37.72.188.87 [Estonia]
- 2012-11-15 15:56:55 2 / 0 http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8 212.7.194.234 [Netherlands]
- 2012-11-15 15:03:46 2 / 0 http://slhzpllrp.mynumber.org/geographicallyconquering.cgi?8 212.7.194.234 [Netherlands]
- 2012-11-15 05:55:18 2 / 0 http://xflonjilx.mynumber.org/geographicallyconquering.cgi?8 212.7.194.235 [Netherlands]
- 2012-11-14 21:24:40 0 / 0 http://mynumber.org 204.16.173.30 [United States]
- 2012-11-14 20:12:15 1 / 0 http://yvcqmkhd.mynumber.org/leh.jar 91.220.35.52 [Ukraine]
- 2012-11-13 09:18:00 3 / 6 http://gkdjxp.mynumber.org/?a=YWZmaWQ9MDUxODg= 78.140.135.206 [Netherlands]
- -------------------------------------------------------------------------------------------------------------------------------------
- #MalwareMustDie - #PseudoRandom DGA Case Infector
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
