« previous next »
Pages: [1]   Go Down

Author Topic: Suspicious file, PUP or false positive - no the name of the game is spam...  (Read 870 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33925
  • malware fighter
Suspicious file, PUP or false positive - no the name of the game is spam...
« on: August 10, 2015, 09:39:57 PM »
See: http://urlquery.net/report.php?id=1439234742806
See: https://www.virustotal.com/nl/url/4d376c98f54307400f3b87063718e6a5c4fcfc40f24adcd900d3693fbbd26dac/analysis/1439234706/
See: https://www.virustotal.com/nl/file/96babbcc140f49b68ac0bbbfc455bc0aa9ba5838fd2b8e4ff81bfc412ed18472/analysis/1439164859/
See: http://www.herdprotect.com/installimvu_521.0_st.exe-dc8095e1b680e7c32ca67abb4b9c08d1fe7ab4c8.aspx
After the download site, we land here:  -http://printedteeshirtscheap.com/js/script.min.js?ver=1.0
and then at:  -http://printedteeshirtscheap.com/js/masonry.min.js?ver=3.1.2
with PHP outdated: HTTP Server: nginx (Cloudflare)
PHP Version: 5.5.12 (Outdated) website risk status: http://toolbar.netcraft.com/site_report?url=http://printedteeshirtscheap.com with what we expected here: blacklisted mailservers: http://www.dnsinspect.com/printedteeshirtscheap.com/1439235473

polonus (volunteer website security analyst and website error-hunter)
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »