In case you didn’t catch these earlier at another site, here are some new domains floating around out there doing bad things.
In some cases, binaries can be captured by using the following example format:
roguesite.com/files/get.php?id=538090733
Created | IP | Site | ||
4/29/2008 | 85.255.120.110 | flwplayer. com | ||
4/29/2008 | 85.255.118.214 | protectalerts. com | ||
4/29/2008 | 85.255.118.34 | toolbarusage. com | ||
4/29/2008 | 85.255.116.211 | safehomesite. com | ||
4/29/2008 | 216.255.179.243 | getnewfiles. com | ||
4/29/2008 | 216.255.179.243 | asearchflame. com | ||
4/29/2008 | 216.255.179.243 | asearchpool. com | ||
4/29/2008 | 216.255.179.243 | asearchreview. com | ||
4/29/2008 | 216.255.179.243 | explorertool. net | ||
4/29/2008 | 216.255.179.243 | gateietool. com | ||
4/29/2008 | 216.255.179.243 | gatetofind. com | ||
4/29/2008 | 216.255.179.243 | homepagerestart. com | ||
4/29/2008 | 216.255.179.243 | ieservicegate. com | ||
4/29/2008 | 216.255.179.243 | iqsearches. com | ||
4/29/2008 | 216.255.179.243 | linkietool. com | ||
4/29/2008 | 216.255.179.243 | newuploads. net | ||
4/29/2008 | 216.255.179.243 | renewfiles. com | ||
4/29/2008 | 216.255.179.243 | searchinggate. com | ||
4/29/2008 | 216.255.179.243 | searchthruweb. com | ||
4/29/2008 | 216.255.179.243 | shareownfiles. com | ||
4/29/2008 | 216.255.179.243 | trysearchhere. com | ||
4/29/2008 | 85.255.118.245 | dns404rule. com | ||
4/29/2008 | 85.255.118.212 | secureprior. com |
Patrick Jordan
Sunbelt Malware Research