Monday, March 29, 2010

Malware links March 2010

If you are looking for links to download samples, look here Links and resources for malware samples



  • hxxp://66.232.142.167/funny.php    JS/Exploit.ADODB.Stream.NAP trojan   
  •  hxxp://googlecounter.cn/web/gla.php contains PDF/Exploit.Gen trojan.
  • hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/SmileyCentralInitialSetup1.0.1.1.cab contains a variant of Win32/AdInstaller 
  • hxxp://google.analytics.com.aptwhzoqc.info/kav/KAV5.exe/oHbcb9bc6cV0100f070006R8b2e329c102Tf70a1fc2201l0409K6cb1af37317 contains JS/Exploit.Pdfka.BXK trojan.
  • hxxp://google.analytics.com.aptwhzoqc.info/kav/KAV5.exe/eHbcb9bc6cV0100f070006R8b2e329c102Tf70a1fde201l0409K6cb1af37318J0f0006010 contains Win32/Adware.SpywareProtect2009 application.
  • hxxp://google.analytics.com.aptwhzoqc.info/kav/KAV5 .asp/oHbcb9bc6cV0100f070006Rbab08f6d102Tf70a1fd7201l0409K5c3a3a34317 contains JS/Exploit.Pdfka.BXK trojan. 
  • hxxp://google.analytics.com.aptwhzoqc.info/kav/KAV5 .asp/eHbcb9bc6cV0100f070006Rbab08f6d102Tf70a1fd2201l0409K5c3a3a34318J0f0006010 contains Win32/Adware.SpywareProtect2009 application.
  • http://www.paramountcommunication.com/heritage/index.php?utm_source=Newsletter&utm_medium=Email&utm_campaign=Insider+Online&email=...   JS/TrojanDownloader.Pegel.AA  
  • hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/ZwinkyInitialSetup1.0.1.1.cab    a variant of Win32/AdInstaller       
  • hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-5/myWebFaceInitialSetup1.0.1.3.cab    a variant of Win32/AdInstaller 
  •  hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-6/1.2.0.1/MyFunCards.exe    a variant of Win32/AdInstaller             
  • hxxp://blogger-com.custhelp.com.lauxanh-us.readystockonline.ru:8080/mop.com/mop.com/google.com/woot.com/zol.com.cn.php    JS/TrojanDownloader.Iframe.NHK trojan          
  • hxxp://capitalone-com.victoriassecret.com.rutube-ru.newsuperway.ru:808/qidian.com/qidian.com/kioskea.net/google.com/howstuffworks.com.php    JS/TrojanDownloader.Iframe.NHK trojan   
  • hxxp://consuladodamulher.org.br/Itau/cont_artigos.php?s=TQQeTma9&id=6    multiple threats      
  • hxxp://golddeery.info/show-banner.php?kod=629081&site=ff.ca    HTML/Iframe.B.Gen virus  
  • hxxp://google.analytics.com.hzlyaejcvmat.info/nte/AVORP1KAV6 .asp/oU230d9c2eHbcb9bc6cV0100f070006R8c1977ae102Tf7326dcc201l0409K7959373b317    JS/Exploit.Pdfka.NTY trojan                      
  • hxxp://google.analytics.com.mdmnegsxcytq.info/kav/kav5.html/oHbcb9bc6cV0100f070006R24c1e2fe102Tf7114d86201l0409Kede2a3a5317    JS/Exploit.Pdfka.NUI trojan          
  • hxxp://google.analytics.com.mdmnegsxcytq.info/kav/kav5.py/oHbcb9bc6cV03002f36002R22c9ccec102Tf7139f4fQ000002f3901801F002a000aJ11000601l0409K41010ef5317    JS/Exploit.Pdfka.NUI trojan          
  •  hxxp://google.analytics.com.molbquhwebp.info/kav/kav5.py/eHbcb9bc6cV0100f070006Ra7e4cffb102Tf7151520201l0409Kd9bdaac13240    a variant of Win32/Kryptik.DHM trojan   
  • hxxp://google.analytics.com.molbquhwebp.info/kav/kav5.py/oHbcb9bc6cV0100f070006Ra7e4cffb102Tf7151527201l0409Kd9bdaac1317    JS/Exploit.Pdfka.NUI trojan              
  • hxxp://google.analytics.com.vvpwiceojasw.info/kavs/KAV6.exe/oHbcb9bc6cV0100f070006R695b81f8102Tf71ecc4c201l0409Ked0fd1fa317    JS/Exploit.Pdfka.NUI trojan      
  • hxxp://media.stu.edu.cn/ckjournalists/wp-content/plugins/test/fragus/pdf.php    PDF/Exploit.Pidief.OJS.Gen trojan     
  •  hxxp://origin-ics.seekmo.com/IC/GPLSeekmo7Zip02/770/-2_td_g-m_tsu_o9_oh_g44_tm8_g-l_tzg9xhg_g-t_tzdzpgcd_g4kl_tl_g-e_tul-m8_gk8_tp_oz/7zipsetup.exe    a variant of Win32/Adware.HotBar.E application 
  • hxxp://reeufgcwdaa.com/kavs/KAV6.exe/oHbcb9bc6cV03f01830002Ra6b096a2102Tf71a35a1Q000002f3901801F002a000aJ11000601l0409K4c7ff6ef317    JS/Exploit.Pdfka.NUI trojan      
  •  hxxp://rytsedwtov.in/new/sdfg.jar    multiple threats   
  •  hxxp://traffictravelling.com/cgi-bin/001?sourceid=3&domain=d3.zedo.com/q002106201317r0409R96b62002Xf72fe433Ybcb9bc6cZ0100f070    JS/Exploit.Pdfka.BQP trojan          
  • hxxp://www.car-parking.eu/city/geneva.html    JS/TrojanDownloader.Agent.NTN trojan    
  • hxxp://www.samplegraduateschoolessay.com/wp-content/plugins/wp-email/email-js-packed.js?ver=2.31    JS/TrojanDownloader.Agent.NRN trojan        
  • hxxp://www.sciences-po.org/    HTML/ScrInject.B.Gen virus                       
    hxxp://www1.hatin-the-safe-atpc.in/build6_290.php?cmd=sendFile&counter=2&p=p52dcWptaF/Cj8bYbnOCdVik12qYVp/Zatrau4FdlJ/JnsWYeHpfqKygdW2SY5jKZ2NmamJpiqDWkaTboKCViaJ0WKrO1c+eb1qfnaSZdV/XlsndblaWpG9rnFuTYGCUXpmSlGprWKjKx6Chpqipbmdjr7DYW8vVoJeZmWCb05qRo5XHn8bM    a variant of Win32/Kryptik.DFC trojan         
  • hxxp://ylwgheakrozn.com/nte/AVORP1TATRA9.py    JS/Exploit.Agent.NBA trojan              
           

No comments:

Post a Comment