Malware Analysis & Diagnostic - ( Jeudi 21 Janvier 2010 )

SECUBOX LABS, FRANCE - PUBLIC STATS DEMO (01/2010) - [ **RSS** ]
TS	IP/DNS	TAILLE	PACKER	EP	EP OFFSET	EP SECTION	LINKER	SHA-1
21/01/2010 23:25:23:10	IN.FACEBOOKI-MG.COM	87 045	Unknown	0000BA64	0000BAE4	.text	6.0	791e36eb0baf81435eb9017d371ae1905aec1cce
21/01/2010 18:38:19:15	TEMPXXP.3322.ORG	90 624	Unknown	0000C2D8	0000B6D8	CODE	2.25	77f42831cbd9bcb469b858d9838e97e0edff93fb
21/01/2010 18:36:39:60	TEMPXXP.3322.ORG	90 624	Unknown	0000C2D8	0000B6D8	CODE	2.25	d3ec5b33a6df705b0f555cf8e59be6cbdc5ce522
15/01/2010 08:45:28:85	WEBTECHANSWERS.COM	119 296	Unknown	000023C9	000017C9	.ahdkp	11.2	4a0b64e36adbf894e583f0ea64c6e2e9bc545338
15/01/2010 08:39:25:37	AVP.COOLPAGE.BIZ	57 856	Unknown	0000105D	0000045D	.text	7.10	0da67e75251d704d0d1a28dda12f74e2f7ff4d74
15/01/2010 08:38:14:84	GOVERMENTPLACE.IN	67 072	Unknown	00001000	00000400	.text	9.0	1b35811ae9c2fc97764f165d21b7fd1b5e85908c
14/01/2010 15:35:24:98	WWW-HIPHOTO.COM	164 864	Microsoft CAB SFX (Suspicious) *	0000645C	0000585C	.text	7.10	9b466b4c2802e197a51a38b311434cc5bebca5fe
13/01/2010 19:44:33:39	91.212.226.180	192 512	UPX V2.00-V2.90 -> Markus Oberhumer & Laszlo Molnar & John Reiser *	0003E3B0	0002E7B0	UPX1	2.25	ddc19eb6991abad8a956242194eb4ace5cc5131b
11/01/2010 15:59:42:26	FREEUPIMAGES.COM	159 744	Microsoft CAB SFX (Suspicious) *	0000645C	0000585C	.text	7.10	964e8aca8c9bb3652c94254fcd7db2d41f64a523
08/01/2010 11:32:44:35	FLIPSFOTO.COM	166 912	Microsoft CAB SFX (Suspicious) *	0000645C	0000585C	.text	7.10	68ee92593a5f8f82eb237de11049607b76e54bcf
04/01/2010 11:28:57:74	DATASEASON.NET	117 248	Unknown	000014B3	000008B3	.ddpf	7.8	e9bb3bb2327d975696bf6b8befbe97e5287d660b
04/01/2010 07:38:24:01	PLUGININPUT.COM	3 056 640	Unknown	00165738	00164B38	.text	165.33	2089715ec000fe4d422b5c19c3dce068dbb370c2
04/01/2010 07:23:11:87	URLNEWHOME.COM	1 401 856	Unknown	000B5A04	000B4E04	.text	7.229	c34173cdda033b9c193f379a92ae493396604fa1
04/01/2010 06:46:09:21	FUCHS-HOF.DE	2 086 400	Unknown	000B4071	000B3471	.text	138.136	c028ceb83eaa33ca33699e9c625299bfc84588cf
04/01/2010 01:04:46:75	213.163.89.54	17 408	Unknown	00001000	00000400	CODE	8.0	4d8fa03b8d11ce278e38857f0a24e4e6b2515966
03/01/2010 21:00:12:52	YOUPHOTOS.YO.OHOST.DE	166 400	Microsoft CAB SFX (Suspicious) *	0000645C	0000585C	.text	7.10	0e43a7e52b211a634382a162f0a014f9e163a589
03/01/2010 13:26:17:64	IMG101.LMAGEHACK.US	82 432	Unknown	0000286F	00001C6F	.text	6.0	e4d36609f02d5002207cacf9776fb752252a4e7c
03/01/2010 07:12:53:32	YOUIMAGE.FREEHOSTIA.COM	165 888	Microsoft CAB SFX (Suspicious) *	0000645C	0000585C	.text	7.10	1796efe76523a81055615b453ac282465eda977a
02/01/2010 18:43:59:93	TUIMAGES.TU.OHOST.DE	165 888	Microsoft CAB SFX (Suspicious) *	0000645C	0000585C	.text	7.10	7b18eb47c34a1a81a3a3ecbecaba4248a8c54bbe
02/01/2010 09:14:09:10	CHRISTMASTUBEZ.COM	1 970 583	Nullsoft PiMP Stub [Nullsoft PiMP SFX] *	000030BE	000024BE	.text	6.0	409e473e7d7a35bef27ed096c6f009a1e184d019
02/01/2010 09:12:47:11	JAZZPOWER.CO.KR	204 800	Unknown	000029F4	000029F4	.text	6.0	4fdcd0dcab5190ceea13e1c7863f5b26bb3ee4a5
02/01/2010 09:10:36:04	204.27.56.178	41 472	Unknown	0000403A	0000343A	.text	0.0	44b9baf738e36f6da8740937ab851aed6076c93d
02/01/2010 09:09:45:86	89.149.216.215	250 624	Nothing found [Overlay] *	000010B3	000004B3	CODE	9.0	7b9922b831decc51b3a9a92f918e89d225152b6a
02/01/2010 09:08:50:40	193.104.94.15	109 056	Unknown	0000DC5F	0000D05F	.text	6.0	890ad66b97d20de4b36ed26904c311397ec89323
02/01/2010 09:07:53:41	EXPRESSMOVIEPLUGIN.COM	111 104	Unknown	00001538	00000938	.mmcj	8.4	4da8c39412d42ed8a720e6f30c270b5cd0e6c987
02/01/2010 09:07:19:71	67.159.29.228	24 900	UPX v0.89.6 - v1.02 / v1.05 -v1.24 -> Markus & Laszlo [overlay] [Overlay] *	0000F2B0	000056B0	UPX1	6.0	ee8d3c486cf00679b6e86815d302d78bf85aaddc
02/01/2010 09:05:59:21	67.159.29.227	34 816	UPX v0.89.6 - v1.02 / v1.05 -v1.24 -> Markus & Laszlo [overlay] *	0000D4F0	000008F0	UPX1	6.0	83d12d776be7afe0e4edbcdad1c7555e0ffd7380
02/01/2010 09:05:02:94	67.159.29.226	33 712	UPX v0.89.6 - v1.02 / v1.05 -v1.24 -> Markus & Laszlo [overlay] [Overlay] *	00015480	00007880	UPX1	6.0	80e7e42febb20cba8b5ea351b90bc22c32faadd5
02/01/2010 09:04:44:51	67.159.29.230	24 632	UPX v0.89.6 - v1.02 / v1.05 -v1.24 -> Markus & Laszlo [overlay] [Overlay] *	0000F2A0	000056A0	UPX1	6.0	273c4f783fac84ee064c4e960eebf218851ed5e2
02/01/2010 09:02:57:72	JUSTINNEW1.COM	61 952	Unknown	000010BA	000004BA	.code	4.3	f3b82a54e064547b3b57c6ec67153b8426e5b8fa
02/01/2010 09:02:32:42	ALOPECOID.IN	130 560	Unknown	00006D77	00006177	.text	9.0	8066184d3e6a1c973d657c5a186306f9990793c1
02/01/2010 09:02:00:53	ARANEIDAN.IN	65 024	Unknown	000010B3	000004B3	CODE	9.0	461c251925f3cce6c18dd1fd28cbe77d4f015226
02/01/2010 09:01:40:03	ANACARDIC.IN	73 728	Unknown	000010D0	000010D0	.text	6.0	1261b9f0e6ddbe800cb3cac0e0114b41a2f0302b
02/01/2010 09:01:15:40	ALVEOLATE.IN	65 024	Unknown	000010B3	000004B3	CODE	9.0	1804c59f1b305895889c7922e4dd5b588835d4d9
02/01/2010 08:59:39:68	JUSTINNEW24.COM	94 208	Unknown	000011C9	000005C9	.text	171.178	0f9bbd2130556b31ac2ee63edfd026cd398b084d
02/01/2010 08:56:18:37	BOOLRED.IN	10 752	Unknown	00001D94	00001194	.text	9.0	d7d5b50096ac1c454e00a1e2bd5a0a4402360087
02/01/2010 08:51:50:00	SWANJIN.COM	942 080	Nothing found [Overlay] *	000010B0	000010B0	.text	6.0	e7da02ee1bcd6ac45362dfa46ad4928d099ac61c
02/01/2010 08:51:19:20	VULVAPALOOZA.COM	36 352	Win32/CeeInject.Gen *	00000820	00000820	.text	5.12	fd75718b8eecf56a19170e101042b0120e6065c8
02/01/2010 08:49:41:26	DOWMOWVID.RU	72 580	Nullsoft PiMP Stub [Nullsoft PiMP SFX] *	000030FA	000024FA	.text	6.0	7a4c5c193ec4d446f46b6dee8b47d565ae8b16fe
02/01/2010 00:15:21:41	EXPRESSMOVIEPLUGIN.COM	111 104	Unknown	00001538	00000938	.mmcj	8.4	39ca9224c9843418f8428f99b3a5e241e36918a0
01/01/2010 23:47:58:16	YOUIMAGE.FREEHOSTIA.COM	171 520	Microsoft CAB SFX (Suspicious) *	0000645C	0000585C	.text	7.10	3bd0759bbd21a2a8eb81d4a96fcaac223bec8a1b
01/01/2010 09:17:57:27	TUIMAGES.TU.OHOST.DE	164 352	Microsoft CAB SFX (Suspicious) *	0000645C	0000585C	.text	7.10	8ad116b2bb4b3a3daaabbf55bd14bba6be799b3d

INTERNETPOL.FR