#3 Malware Network Analysis 17.10.2015

Discussion in 'Malware Analysis Archive' started by JM Security, Oct 17, 2015.

  1. JM Security

    #1 JM Security, Oct 17, 2015
    Last edited: Oct 17, 2015
    Hi everyone.

    SAMPLE TYPE: W32/Agent.EW.gen!Eldorado

    Here are the results:
    • DOMAINS CONTACTED:
    Code:
    17roco.qq.com
    hi.baidu.com
    ossweb-img.qq.com
    pingjs.qq.com
    ui.ptlogin2.qq.com
    res.17roco.qq.com
    • IPs CONTACTED:
    Code:
    140.206.160.173
    180.76.2.41
    184.105.67.90
    203.205.151.212
    184.105.66.254
    184.105.67.90
    • HOSTS CONTACTED:
    Code:
    140.206.160.173
    180.76.2.41
    184.105.67.89
    184.105.66.254
    MD5: cbc88cdf8bf37bb607009aeb2509ade6

    SHA1: 0b6bd78a95beb0e82fd6730f40294467075054ce

    SHA256: 7ae7c683e4f1e65f218dc9fd7413e1723be745f599159d76b5062e51e51c13e6

    VirusTotal results: Antivirus scan for 7ae7c683e4f1e65f218dc9fd7413e1723be745f599159d76b5062e51e51c13e6 at 2015-10-17 14:57:28 UTC - VirusTotal

    Download the file (password: infected): hXXp://www32.zippyshare.com/v/lKGpyUVz/file.html
     