[nsp-sec] more yahoo zeus malware
Jon Lewis
jlewis at lewis.org
Wed Jul 13 11:02:30 EDT 2011
http://federalsecuritygov[dot]com/banking_security_update.exe
$ md5sum banking_security_update.exe
a56f7d43ed30fd4427edaa8776f26be8 banking_security_update.exe
Domain Name.......... federalsecuritygov.com
Creation Date........ 2011-07-13
Registration Date.... 2011-07-13
Expiry Date.......... 2012-07-13
Organisation Name.... Mike Hidy
Organisation Address. PO Box 61359
Organisation Address.
Organisation Address. Sunnyvale
Organisation Address. 94088
Organisation Address. CA
Organisation Address. US
Admin Name........... Admin PrivateRegContact
Admin Address........ PO Box 61359
Admin Address........ registered post accepted only
Admin Address........ Sunnyvale
Admin Address........ 94088
Admin Address........ CA
Admin Address........ US
Admin Email.......... contact at myprivateregistration.com
Admin Phone.......... +1.5105952002
Admin Fax............
Tech Name............ TECH PrivateRegContact
Tech Address......... PO Box 61359
Tech Address......... registered post accepted only
Tech Address......... Sunnyvale
Tech Address......... 94088
Tech Address......... CA
Tech Address......... US
Tech Email........... contact at myprivateregistration.com
Tech Phone........... +1.5105952002
Tech Fax.............
Name Server.......... yns1.yahoo.com
Name Server.......... yns2.yahoo.com
;; ANSWER SECTION:
federalsecuritygov.com. 1075 IN A 98.139.135.21
federalsecuritygov.com. 1075 IN A 98.139.135.22
;; AUTHORITY SECTION:
federalsecuritygov.com. 86275 IN NS yns2.yahoo.com.
federalsecuritygov.com. 86275 IN NS ns8.san.yahoo.com.
federalsecuritygov.com. 86275 IN NS ns9.san.yahoo.com.
federalsecuritygov.com. 86275 IN NS yns1.yahoo.com.
----------------------------------------------------------------------
Jon Lewis, MCP :) | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
More information about the nsp-security
mailing list