[360Tencent]

PWS


https://www.virustotal.com/en/file/d75b ... 369546079/

SHA256: d75b07eced87360e8753c4f312f59075a0bb6a42c5075a57b53b92355727d16b
SHA1: 43dd86e050d7d287ce4990e74582b3344bfdcc6c
MD5: 35f63590d1dd5bf6423f527b22584bc4

35f63590d1dd5bf6423f527b22584bc4.7z

pass;infected
(3.1 MiB) Downloaded 90 times

hxxp://jjso.net:88/

hxxp://jjso.net:88/1
hxxp://jjso.net:88/2
hxxp://jjso.net:88/3
hxxp://jjso.net:88/4
hxxp://jjso.net:88/ceshi
hxxp://jjso.net:88/D_mt
hxxp://jjso.net:88/D_xp
hxxp://jjso.net:88/jjso
hxxp://jjso.net:88/jp
hxxp://jjso.net:88/l0
hxxp://jjso.net:88/l0_1
hxxp://jjso.net:88/l1
hxxp://jjso.net:88/l1_1
hxxp://jjso.net:88/l1_T.jpg
hxxp://jjso.net:88/l2
hxxp://jjso.net:88/l2_T.doc
hxxp://jjso.net:88/l3
hxxp://jjso.net:88/l4
hxxp://jjso.net:88/l4_T.jpg
hxxp://jjso.net:88/liwei.jpg
hxxp://jjso.net:88/mt
hxxp://jjso.net:88/mt1
hxxp://jjso.net:88/mt2
hxxp://jjso.net:88/mt3
hxxp://jjso.net:88/mt3_T.jpg
hxxp://jjso.net:88/px.jpg
hxxp://jjso.net:88/xp.jpg
...

Capture.PNG (52.76 KiB) Viewed 1193 times

[Xylitol]

http://my.opera.com/securitygroup/blog/ ... ure-attack

[hx1997]

Sendspace is sending (targeted?) malware
http://www.reddit.com/r/netsec/comments ... d_malware/

It's adware. VT 8/47
https://www.virustotal.com/en/file/7565 ... 372819428/

Malware download page

捕获3.png (15.04 KiB) Viewed 1072 times

Note that you need to check the "sendspace accelerator" checkbox to download this adware.

[markusg]

SHA256:
81fdbf04f3d0d9a85e0fbb092e257a2dda14c5d783f1c8bf3bc41038e0a78688
Dateiname:
asus-sor-u5-drayver.exe
Erkennungsrate:
12 / 61
https://virustotal.com/de/file/81fdbf04 ... /analysis/

[markusg]

some sort of adware i think
SHA256:
db1de97c7287fe26063a5b3306e7df331d1e2c6e5e0f3e1e2c979bbad8aba91d
Dateiname:
pci_input_device_driver_windows_7_download.exe
Erkennungsrate:
11 / 60
https://virustotal.com/de/file/db1de97c ... 497026285/