Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Alive phishing = long overdue! - 986.3 hrs
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Alive phishing = long overdue! - 986.3 hrs (Read 1069 times)
0 Members and 2 Guests are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 34054
malware fighter
Alive phishing = long overdue! - 986.3 hrs
«
on:
January 15, 2014, 07:22:18 PM »
See:
https://www.virustotal.com/nl/url/e2245bc0deb7d48562478b52fa1f4be2980fede34c00ead1bbf415319a191afe/analysis/1389809500/
See:
http://urlquery.net/report.php?id=8829430
and
http://support.clean-mx.de/clean-mx/phishing.php?ip=108.168.242.153&sort=id%20DESC
Earlier an IDS alert for ET SHELLCODE Excessive Use of HeapLib Objects Likely Malicious Heap Spray Attempt
-> #
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET SHELLCODE Excessive Use of HeapLib Objects Likely Malicious Heap Spray Attempt"; flow:established,to_client; file_data; content:"Heap|2E|"; nocase; distance:0; content:"Heap|2E|"; nocase; distance:0; content:"Heap|2E|"; nocase; distance:0; classtype:shellcode-detect; sid:2013222; rev:2;) - by Jaime Blasco
For more insight read:
https://www.corelan.be/index.php/2011/12/31/exploit-writing-tutorial-part-11-heap-spraying-demystified/
(authors = corelan team)
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Alive phishing = long overdue! - 986.3 hrs
Author
Topic: Alive phishing = long overdue! - 986.3 hrs (Read 1069 times)
