Avast WEBforum

Other => Viruses and worms => Topic started by: polonus on June 30, 2017, 11:55:51 PM

Title: Adware or PUP? Security through Obscurity - PKU Exploitable.
Post by: polonus on June 30, 2017, 11:55:51 PM
Where it is being flagged as malware: http://urlquery.net/report.php?id=1498852343499
What kind is detected there? -> https://www.scumware.org/report/218.75.153.34.html
and analysed: https://www.hybrid-analysis.com/sample/9a02bb13f72d4b0fadd2095d8c096bdff5be6fa747e2aa584bbf0ed0c4b05a78?environmentId=100
What is vulnerable on that server: https://asafaweb.com/Scan?Url=3.g.pc6.com
More on that address: http://toolbar.netcraft.com/site_report?url=3.g.pc6.com%2F
and the DOM: https://urlscan.io/result/31e1f714-3c81-45e1-9754-ca55bec52d18/dom/
Server cannot be scanned for POODLE, Rapid SSL Intermediate Cert. nginx gnu flaw - pc6/1.5.1
Server: paopaoche/1.5.1 PKU exploitable - reported earlier by me: https://forum.avast.com/index.php?topic=202754.0
reason Core Security Open Source Threat - see on Threatminer: https://www.threatcrowd.org/domain.php?domain=dow5.pc6.com
Also read here: https://www.theregister.co.uk/2016/02/16/glibc_linux_dns_vulernability/

polonus (volunteer website security analyst and website error-hunter)