
Hackers id found 94.74.81.92:80


lichesssatrancturkiye:
This post was created because some chess lovers download these files
he is cracked Total war
https://www.reddit.com/r/techsupport/comments/4hyb49/machine_dns_server53_what_is_it/
virusscan.org test file : Engine32.dll and find results
exe files create dll files
Hacker Id :


c:\windows\system32\riched20.dll
ole32.dll
comctl32.dll


this result is false
File type   Win32 DLL
Magic   PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
File size   149.92 KB (153520 bytes)
History
Creation Time   2018-05-14 09:37:22
Signature Date   2018-05-14 10:37:00
First Submission   2018-05-16 13:31:07
Last Submission   2018-05-23 13:38:44
Last Analysis   2018-06-13 14:09:00
Names
Engine32.dll
Signature Info
Signature Verification
Signed file, valid signature
File Version Information
Date signed   10:37 AM 5/14/2018
Signers
ChessBase - Schachprogramme-Schachdatenbank Verlagsgesellschaft
Symantec Class 3 SHA256 Code Signing CA
VeriSign
Counter Signers
Symantec Time Stamping Services Signer - G4
Symantec Time Stamping Services CA - G2
Thawte Timestamping CA
Portable Executable Info
Header
Target Machine   Intel 386 or later processors and compatible processors
Compilation Timestamp   2018-05-14 09:37:22
Entry Point   42407
Contained Sections   6
Sections
Name   Virtual Address   Virtual Size   Raw Size   Entropy   MD5
.text   4096   87925   88064   6.58   9d74cbfcc35f533a3deaa85c43dcdd8a
.rdata   94208   31820   32256   4.97   62753564b7374282435d276f156476e8
.data   126976   13752   11264   7.11   b8701c90b36e4936b16de1a217d9a310
.gfids   143360   264   512   2.07   b189a56b8f028d3c3cf68abce6e750d1
.rsrc   147456   480   512   4.72   daefabcc5853733844632a0d26725281
.reloc   151552   6612   6656   6.53   2a47337ebb4056f3c68685d63234b052
Imports
KERNEL32.dll
SHELL32.dll
ole32.dll
Exports
Engine32
Contained Resources By Type
RT_MANIFEST   1
Contained Resources By Language
ENGLISH US   1
Contained Resources
SHA-256   File Type   Type   Language
4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df   ASCII text   RT_MANIFEST   ENGLISH US
ExifTool File Metadata
CodeSize   88064
EntryPoint   0xa5a7
FileType   Win32 DLL
FileTypeExtension   dll
ImageVersion   0.0
InitializedDataSize   53760
LinkerVersion   14.0
MIMEType   application/octet-stream
MachineType   Intel 386 or later, and compatibles
OSVersion   6.0
PEType   PE32
Subsystem   Windows GUI
SubsystemVersion   6.0
TimeStamp   2018:05:14 10:37:22+01:00
UninitializedDataSize   0
VirusTotal

Adware.Agent.abst
id : <MACHINE_DNS_SERVER>:53 (UDP)


Date   Detections   File type   Name
2017-02-13   13 / 56   Win32 EXE   VsHub.exe
2018-09-15   42 / 67   Win32 EXE   MSPDBSRV.EXE
2017-09-23   4 / 64   Win32 EXE   DeskGoSetup
2018-04-26   0 / 67   Win32 EXE   0
2018-05-03   0 / 67   Win32 EXE   0
2018-05-12   0 / 66   Win32 EXE   0
2018-06-09   1 / 68   Win32 EXE   QQMusicDownloader.exe
2018-07-26   1 / 68   Win32 EXE   DeskGoSetup
2018-09-12   1 / 68   Win32 EXE   DeskGoSetup
2018-07-25   0 / 66   Win32 EXE   WinPE_PreBoot_Support_1.4.4.exe
msvcp140.dll 0/66


hackers id 94.74.81.92:80 (TCP)
<MACHINE_DNS_SERVER>:53 (UDP)

DNS Resolutions
myfilesupload.biz

finally hacker id :) found : :)

virus first found, virus created in 2018
 in 2019 04 22 ( gdata )
Beijing sc. antivirus 2019 3-4  ??

lichesssatrancturkiye:
turk hacker
forum.avast.com/index.php?topic=228938.0


Turk hacker found
Language turkish :
[PDF]
tc süleyman demirel üniversitesi fen bilimleri enstitüsü dosya ... ( file name turkish file name )

tez.sdu.edu.tr/Tezler/TF03902.pdf
“94.74.81.92:80” TCP. The established connections and domains were investigated via “virustotal.com” and determined to be malicious. Belonging to the IP address “94.74.81.92” ..

lichesssatrancturkiye:
oops sorry 94.74.81.92

lichesssatrancturkiye:
https://www.hybrid-analysis.com/sample/988706aad4817c347b4e1b4cd224726efdf1047227ca4f42378f41de73265b75?environmentId=100

lichesssatrancturkiye:
https://www.reddit.com/r/techsupport/comments/4hyb49/machine_dns_server53_what_is_it/
2016
