Good day everyone.
SAMPLE TYPE: JS.DownLoader.443
Here are the results:
VirusTotal: https://www.virustotal.com/it/file/...3ec66cacdcc2704e1fe59342/analysis/1437996454/
Download: hXXp://www53.zippyshare.com/v/JYZdj4OQ/file.html (password: infected)
SAMPLE TYPE: JS.DownLoader.443
Here are the results:
- DOMAINS CONTACTED:
Code:
kheybarco.com
europe.pool.ntp.org
update.microsoft.com
bestbrightday.ru
connect-support-server.ru
connect-s3892.ru
109.120.180.29
- IPs CONTACTED:
Code:
176.9.8.205
176.9.102.215
134.170.58.222
109.120.180.29
- HOSTS CONTACTED:
Code:
176.9.8.205
88.149.128.123
8.8.4.4
65.55.50.158
109.120.180.29
VirusTotal: https://www.virustotal.com/it/file/...3ec66cacdcc2704e1fe59342/analysis/1437996454/
Download: hXXp://www53.zippyshare.com/v/JYZdj4OQ/file.html (password: infected)
Last edited: