#2 Malware Network Analysis 27.07.2015

JM Safe

Good day everyone.

SAMPLE TYPE: JS.DownLoader.443

Here are the results:

  • DOMAINS CONTACTED:
Code:
kheybarco.com  
europe.pool.ntp.org  
update.microsoft.com  
bestbrightday.ru  
connect-support-server.ru  
connect-s3892.ru
109.120.180.29
  • IPs CONTACTED:
Code:
176.9.8.205
176.9.102.215
134.170.58.222
109.120.180.29
  • HOSTS CONTACTED:
Code:
176.9.8.205
88.149.128.123
8.8.4.4
65.55.50.158
109.120.180.29

VirusTotal: https://www.virustotal.com/it/file/...3ec66cacdcc2704e1fe59342/analysis/1437996454/

Download: hXXp://www53.zippyshare.com/v/JYZdj4OQ/file.html (password: infected)
 

MisterToto

When I saw the three winners detecting the trojan: Dr Web and Sophos are in! Sophos is really impressive ;)
 
