[MIRT#13796] Trojan-Dropper on dj-samy.fr AS35830

 CastleCops -> MIRT Reports
Author: tetak PostPosted: Sat Jun 28, 2008 9:18 pm    Post subject: [MIRT#13796] Trojan-Dropper on dj-samy.fr AS35830
Malware Alert
 
 Full Report: CastleCops Link/Trojan_Dropper_malware13796.html
 
 Consumed following related reports:

[13808] http://dj-samy.fr/video.exe
Changed status to confirmed malware.IP Converted: 193.37.145.41

dword = 3240464681
hex1 = 0xc1259129
hex2 = 0xc1.0x25.0x91.0x29
oct = 0301.045.0221.051
video1.exe at this location is malware known as TrojanDropper:Win32/Nuwar.gen!ldt (Microsoft).video.exe at this location is malware known as TrojanDropper:Win32/Nuwar.gen!ldt (Microsoft).View CIDR AS35830 Report: http://www.cidr-report.org/cgi-bin/as-report?as=35830

"35830 | FR | ripencc | 2005-11-09 | SIVIT-AS SIVIT Network - http://www.sivit.net/"<br />
Extended information for AS35830:
State/Province:
Country: fr
Responsible Domain: sivit.fr
Abuse Email: gregory@sivit.fr
Quote:
http://dj-samy.fr/video1.exe
CastleCops -> MIRT Reports

All times are GMT

Page 1 of 1


Powered by phpBB © 2001 phpBB Group