JM Security

Hi everyone.

SAMPLE TYPE: W32/Agent.EW.gen!Eldorado

Here are the results:
  • DOMAINS CONTACTED:
  • IPs CONTACTED:
  • HOSTS CONTACTED:
MD5: cbc88cdf8bf37bb607009aeb2509ade6

SHA1: 0b6bd78a95beb0e82fd6730f40294467075054ce

SHA256: 7ae7c683e4f1e65f218dc9fd7413e1723be745f599159d76b5062e51e51c13e6

VirusTotal results: Antivirus scan for 7ae7c683e4f1e65f218dc9fd7413e1723be745f599159d76b5062e51e51c13e6 at 2015-10-17 14:57:28 UTC - VirusTotal

Download the file (password: infected): hXXp://www32.zippyshare.com/v/lKGpyUVz/file.html
 