Just blacklisted, now parked, no actual malware?
polonus
Avast Überevangelist
Probably Bot
Posts: 34051
malware fighter
Just blacklisted, now parked, no actual malware? « on: January 23, 2019, 04:09:04 PM »
Flagged:
https://urlhaus.abuse.ch/url/108522/
Once active: Generic detection:
https://www.virustotal.com/nl/file/03096a2e3cc5962980ba1adc36aa7a169972f90c89aa8df6a5e07129c431deca/analysis/1548254423/
8 to flag:
https://www.virustotal.com/#/url/3f6b2f74ae8a1eab28549eff381e222b6f45285b090dab9ff616f58128a66652/detection
On domain (known infection source):
https://www.virustotal.com/#/domain/www.biometricsystems.ru
Nothing:
https://urlquery.net/report/6d936861-d386-4159-a3b4-e26fcacf6627
Cannot be found:
https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=d3d3LmJbXW17dH1bXnN5c3R7bXMufXVgfE18Wl1OYEJ7c3R7bGwje3R8W2xzYDIwMTktMDFg~enc
Site blacklisted and outdated PHP:
https://sitecheck.sucuri.net/results/www.biometricsystems.ru/AMAZON/Bestelldetails/2019-01/
9 hints:
https://webhint.io/scanner/a652ffec-6f3f-4470-94f2-a3d5a50abaa1
No vuln. -http://www.biometricsystems.ru/templates/ordasofttemplate-sectiontemplate/bootstrap/js/bootstrap.js
Number of sources found: 31 ; number of sinks found: 35
Code relation to -http://bigohosting.com/wp-content/plugins/leads-phantom-lc-unlimited/includes//phantom.min.js?ver=1.1.18
Cloudhosting delivering free webbuilder...
polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pondus
Probably Bot
Posts: 37698
Re: Just blacklisted, now parked, no actual malware? « Reply #1 on: January 23, 2019, 09:12:38 PM »
It is alive, and the fake .doc is a downloader and will download the Emotet banking trojan.
Brand new > First Submission 2019-01-23 17:05:06
https://www.virustotal.com/#/file/06fe66b8ee6de5224b638a4844b84c40bdba7752180213280a42536add933b8c/detection
polonus
Avast Überevangelist
Probably Bot
Posts: 34051
malware fighter
Re: Just blacklisted, now parked, no actual malware? « Reply #2 on: January 24, 2019, 11:35:23 AM »
Thanks, Pondus, for that verification.
polonus