Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Phishing on AliCloud blocked by avast
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Phishing on AliCloud blocked by avast (Read 813 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33891
malware fighter
Phishing on AliCloud blocked by avast
«
on:
July 22, 2019, 01:50:21 PM »
Re:
https://urlquery.net/report/cdbe2fd0-b6c1-4fb7-8c16-cebce12e7c36
and
https://www.abuseipdb.com/whois/47.88.103.239
(IP address).
Re:
https://otx.alienvault.com/indicator/domain/finanso.top
Re:
http://urlquery.net/report/2354c304-a72e-480e-80c5-003f1402be65
Re:
https://urlquery.net/report/1cf696d0-60d1-46cf-9a38-536f37298ed4
Re:
https://any.run/report/3962cec5ca5ee3dcf564143e332196f0f6c91cf6beb5547efc3cb18dbb039d99/b649e647-9c03-4194-a212-2d2f15a4e2f2
Re:
https://www.hybrid-analysis.com/sample/2714d9c00094d3d40289e0531e669f57afd08ba6a1e2a919101fe1f7339fe21f?environmentId=120
and
https://www.maltiverse.com/sample/d2e4082bba9c6f5429b601aacc215f252612b4832b1291b703fa82a9b0c57f3c
in particular:
https://urlscan.io/result/12d2ebfd-7b25-4647-8125-d4686df5241a/#behaviour
(no IDS alert for suspicious .xyz domain)
Seems -finanso.top is no longer running, even reports on it are being blocked by avast extensions.
Spam detections:
https://www.virustotal.com/gui/url/3962cec5ca5ee3dcf564143e332196f0f6c91cf6beb5547efc3cb18dbb039d99/detection
(recent?).
Here a final verdict was not yet given:
Re:
https://urlscan.io/result/53b40e7e-7edc-47ba-b945-3a51f5ba09fc
Consider:
https://urlscan.io/search/#page.domain%3Afinansos.top
Generic malware flagged:
https://www.maltiverse.com/hostname/vip.ninanetu.xyz
polonus
«
Last Edit: July 22, 2019, 02:34:53 PM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Phishing on AliCloud blocked by avast