hxxp://46.22.173.133/boom/cp.php?letter=home
$config['mysql_host'] = 'localhost';
$config['mysql_user'] = 'root';
$config['mysql_pass'] = 'thanks22';
$config['mysql_db'] = 'prince';
$config['reports_path'] = '_fe
we are in
// prince
admin 607cbd481652995c869ca3d08252df0e = favour123
// doom
admin 0192023a7bbd73250516f069df18b500 = admin123
// zeus panel + builder found at his pc
hxxp://www.datafilehost.com/d/863b03f7
pass : itsownz
// malware
c5b2ef451c3fc351401f07d12b48240a md5 hash
serach at malwr.com
// extraced from Xylitol thanks
Malware family ZEUS
MD5 0b68b3c971fb4109094b1437e15e258b
Version 2.1.0.1
RC4 Keystream bdd55760218b4d697d5681297c15a928758e7619368c05544a1bfd077722ce31adb10e3b41df0861a8503045272e7fcf55bec623fb9d6df49e10ea7109b22c43b5682b639f3549a66f5aae3d5eedaa665cbf9a33975317a0c9a1d103da674613d2f8007a396e9cc2920f93b3fe940a89146bdca391983a424e590174b8eec0efa4baff3ec5e0f7e3cdab1c122db4dd0b485d0ce6378734858a3f0d52d9c872e244e47bf6e95196cc1124c4bbc16aec73fceb831fe1866c2fb726d316d6af4c474088c78499f52ad74fb6701ed4a2f120b9588dd05b8f62ca3cde6506789b804ba51dcbf2e8c379381a5f02e5f9f318f0320425e7d8b07efa8295bcdb9064a7ac
gate.php URLs
hxxp://46.22.173.133/prince/secure.php
URLs
hxxp://46.22.173.133/prince/config.bin
Sunday, October 26, 2014
Zeus Botnet - 46.22.173.133 - Owned
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment