Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
What is this strange redirect malware?
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: What is this strange redirect malware? (Read 1735 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33895
malware fighter
What is this strange redirect malware?
«
on:
October 01, 2013, 12:00:59 AM »
See here:
http://sitecheck.sucuri.net/results/goldcentre.ru
and go to website details to see it redirects users to:http://www.google.com/images/url so to
Set-Cookie: GSID=31c8d28f1a2396284f32b691be92a850; expires=Tue, 01-Oct-2013 21:57:34 GMT; path=/; domain=goldcentre dot ru
Location: htxp://www.google.com/url?sa=?q=how%20to&url=http%3A%2F%2
Note: This line has redirected the request to htxp://www.google.com/url?sa=?q=how%20to&url=http%3A%2F%2
The location line in the header above has redirected the request to: htxp://www.google.com/url?sa=?q=how%20to&url=http%3A%2F%2
( If this redirect is not what you expected it has to be cleared.)
http://labs.sucuri.net/db/malware/malware-entry-mwhta7
http://sucuri.net
Quttera gets Normalized URL:
-http://goldcentre.ru
Last scan date:
30-9-2013 23:41:05
Current status:
Unreachable
See:
http://urlquery.net/report.php?id=6124380
(also IP history with ET TROJAN W32/Sality Executable Pack Digital Signature ASCII Marker IDS alert)
Malware closed or dead according to:
http://support.clean-mx.de/clean-mx/viruses.php?ip=78.140.165.153&sort=id%20DESC
Any comments?
polonus
«
Last Edit: October 01, 2013, 12:05:11 AM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Secondmineboy
Avast Evangelist
Massive Poster
Posts: 3645
Re: What is this strange redirect malware?
«
Reply #1 on:
October 01, 2013, 12:16:09 AM »
NO.
Trend Micro blocks this as malicious.
Benign by ZScaler.
Logged
Windows 10 1909, 4 GB DDR3 RAM, 500 GB 5400 RPM HDD, 1366 by 768 LCD Screen, Intel Core i3 5010U Dual Core, Intel HD Graphics 5500
HUAWEI P30 Pro. Android 10
polonus
Avast Überevangelist
Probably Bot
Posts: 33895
malware fighter
Re: What is this strange redirect malware?
«
Reply #2 on:
October 01, 2013, 01:10:40 PM »
Also flagged by Bitdefender TrafficLight:
https://trafficlight.bitdefender.com/info?url=http://www.goldcentre.ru/
flagged at
https://malwr.com/analysis/NzdkYmZmNWUzNmQ0NGNmN2I1ZWQ0NDU3NzRhZTI3MjA/
and this
http://www.threatexpert.com/report.aspx?md5=a78df2774ee768d61962ae458e8e7f22
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
What is this strange redirect malware?