cNotes

ZeuS/zbot - You have received an Greeting eCard

Published: 2010/07/24

A combination of a repeatedly used lure and ZeuS.

This is one that shows up periodically.

http://www.virustotal.com/analisis/513899cd6496879476604598a539c96f18efe25eef0ec88f415bdfb2673d0f1a-1279857693

Variations of the URLs used

 woodstockguitars.dk
 lesetainsdugraal.com
 digi-desmond.nl
 kellyarnoldi.com

 Domain:               woodstockguitars.dk
 DNS:                  woodstockguitars.dk
 Registered:           2002-07-01
 Expires:              2010-09-30
 Registration period:  5 years
 VID:                  no
 Status:               Active
 86.58.167.87
 inetnum:        86.58.128.0 - 86.58.255.255
 org:            ORG-JA1-RIPE
 netname:        DK-JAYNET-20050427
 descr:          Jay.net A/S
 descr:          PROVIDER LIR
 country:        DK
 
 Domain Name: LESETAINSDUGRAAL.COM
   Registrar: OVH
   Whois Server: whois.ovh.com
   Referral URL: http://www.ovh.com
   Name Server: DNS1.ALIZES-INFO.FR
   Name Server: DNS2.ALIZES-INFO.FR
   Status: clientDeleteProhibited
   Status: clientTransferProhibited
   Updated Date: 25-aug-2008
   Creation Date: 18-sep-2002
   Expiration Date: 18-sep-2010
 80.74.71.21
 inetnum:        80.74.71.1 - 80.74.71.254
 netname:        PulsationDHD2
 descr:          Pulsation - DHD Range 2
 country:        FR
 
 Domain name: digi-desmond.nl
 Status:      active
 
 Registrar:
   Transip BV
   Schipholweg 9 b
   2316XB LEIDEN
   Netherlands
 
 Domain nameservers:
   nsauth0.aleto.nl     85.17.205.237
   nsauth1.aleto.nl     195.74.65.5
   nsauth2.aleto.nl     195.248.77.2
 
 Record maintained: NL Domain Registry 
 195.74.65.12
 inetnum:        195.74.65.0 - 195.74.65.255
 netname:        ALETO-INTERNET
 descr:          Aleto Internet
 country:        NL
 
 Domain Name: KELLYARNOLDI.COM
   Registrar: GODADDY.COM, INC.
   Whois Server: whois.godaddy.com
   Referral URL: http://registrar.godaddy.com
   Name Server: NS1.GVODNS.COM
   Name Server: NS2.GVODNS.COM
   Status: clientDeleteProhibited
   Status: clientRenewProhibited
   Status: clientTransferProhibited
   Status: clientUpdateProhibited
   Updated Date: 11-may-2010
   Creation Date: 11-may-2010
   Expiration Date: 11-may-2011
 12.68.141.13
 NetRange:       12.68.141.0 - 12.68.141.127
 CIDR:           12.68.141.0/25
 OriginAS:       
 NetName:        TEK-CHAN72-141-0
 NetHandle:      NET-12-68-141-0-1
 Parent:         NET-12-0-0-0-1
 NetType:        Reallocated
 RegDate:        2009-09-30
 Updated:        2009-09-30
 Ref:            http://whois.arin.net/rest/net/NET-12-68-141-0-1
 
 OrgName:        TEK CHANNEL CONSULTING LLC DBA WHOLSALE BANDWITH
 OrgId:          TEKCH-2
 Address:        21715 FILIGREE CT.
 City:           ASHBURN
 StateProv:      VA
 PostalCode:     20147-6209
 Country:        US
 RegDate:        2007-08-24
 Updated:        2007-08-24

[Category: spam observation diary]

by jyake