Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Domain not in namespace - are they spreading a malicious executable?
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Domain not in namespace - are they spreading a malicious executable? (Read 1003 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33900
malware fighter
Domain not in namespace - are they spreading a malicious executable?
«
on:
March 01, 2015, 02:51:29 PM »
See:
https://www.virustotal.com/nl/url/3486f71159f5a5a9ba3558a9e83f708a9ee387c80db2b7249136deef9fc01f87/analysis/1425216544/
Missed big time:
http://zulu.zscaler.com/submission/show/00fa5a7036984687c7da2f77606ea5cd-1425216566
See:
http://urlquery.net/queued.php?id=268920109
For the main domain (the sub-domain did not resolve - nameserver issue):
http://www.dnsinspect.com/ipcheker.com/1425217188
->
http://whois.domaintools.com/ipcheker.com
IP badness:
https://www.virustotal.com/nl/ip-address/199.59.243.120/information/
Redirects to: /Zm9yY2VTUg - Site Potentially Harmful
Script Scan:
http://jsunpack.jeek.org/?report=45433e722df0a3ce1b44bafaaaccdac93cc3257e
For security research only, open in browser with NoScript active and running inside a sandbox/VM.
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Domain not in namespace - are they spreading a malicious executable?