Tag: GanDcrab

Our ruski hecker snk is still hunting for money. Downloader : http://92.63.197.48/m/tm.exe hxxp://92.63.197.48/m/mb.exe Here some samples from snk bots,malwares also uncpaked bY Xylitol Trik Bot 2.5 sample. hxxp://filestorage.biz/download.php?file=3084255e737c1968b06d97242fe297ac Password for the archive : secretzone.io

The sample looks like Carberp with ransomware option added . Contacts domains :  “www.billerimpex.com”  “www.macartegrise.eu”  “www.poketeg.com”  “priceclub.su”  “perovaphoto.ru”  “vision2010usa.com”  “asl-company.ru”  “www.fabbfoundation.gm”  “www.perfectfunnelblueprint.com”  “www.wash-wear.com”  “pp-panda74.ru” Contacts ips : “216.58.215.46:80”  “91.210.104.247:80”  “148.251.131.183:80”  “52.29.192.136:80”  “178.33.233.202:80”  “185.174.175.30:80”  “87.236.19.51:80”  “50.63.197.11:80”  “87.236.16.31:80”  “104.27.184.39:80”  “146.66.72.87:80”  “69.73.180.151:80”  “87.236.16.29:80” “173.247.242.133:80”  “188.165.53.185:80”  “107.178.113.162:80”  “188.64.184.90:80”  “188.64.184.90:443”  “213.186.33.3:80”  “213.186.33.3:443” Sample here : hxxp://91.210.104.247/putty.exe The sample porn.jpg downloads theseRead more...