cojun15cart.com (HTTP Malware Hosted In United States Ashburn Amazon.com Inc.)

cojun15cart.com 23.22.255.164

Description :

Contains anti-debugging code
It makes use of some deprecated flags in the Characteristics field of FileHeader
PE section has SizeOfRawData set to zero

Behaviours :

Automatically unpacks its own code
Deletes itself
Deletes itself after reboot
Drops .EXE file
Manipulates Internet Explorer settings
Runs existing executable
Suspicious delay

TCP Connections :

Type Send :

C:cicaafbwww.exe (v. 1.0.0.0) 50.97.234.3:80  hxxp://cojun15cart.com/download.php?kHmEcWk=

Hosting Info :
http://whois.domaintools.com/23.22.255.164
