Translate

4/02/2014

MALICIOUS ADs:
www.mapsgalaxy.com
risking with
Adware.MyWebSearch
White Plains, NEW YORK (UNITED STATES)



FOR WEBMASTERS
If you own a Website or a Blog and are affiliated with Google AdSense, in order to your own Reputation, should block the Domain www.mapsgalaxy.com in your AdSense Dashboard. The Site lets your Visitors download and install persistant ADWARE. See the following Report:

MALICIOUS GOOGLE AD: Adware.MyWebSearch.47

MALICIOUS CONTENT & DOWNLOADS:
http://googleads.g.doubleclick.net/aclk?sa=l&ai=CnEVeQDc8U-upIeel7QahnoDQCund95AHodCfgp4BtNjNkjsQASCOwJQjUOX47tf9_____wFguwOgAY-N4MsDyAECqAMByAPBBKoEiwFP0MESvZ_isD1TrzMOPDJ1o7Ufq5dre3IjKnqqYo-zjs39xY_t30Lip57ow-ldZoz2GU26VWAho6A9Zfx_82_n7YwdODV1nM_hOiWndJ9Ur_0KCBr2cVNXHqUbYh6rHuuZw6vVy-t87Bu9AdYWDGHkkkxPd-td_QvjgH9bq3ZYt0sk6iXBAIerka9uoAYCgAfZ8p80&num=1&sig=AOD64_0IYB2aEpKbXMiR0DfT4GK6wEbtjg&client=ca-pub-5585202032329389&adurl=http://www.mapsgalaxy.com/index.jhtml%3Fspu%3Dtrue%26partner%3DUXxdm063&nm=1&mb=2&bg=!A0Qka6E9cikknAIAAAAoUgAAABAqAOF3LAxbRwhN4BN-FCwOxvTpAJVAY9WiyoU86eSLNpX7oIu11_DHmjdhLtRJxnOsZ2ZRyxI1gmGBT5wpOWh-io87KnZHpVUxySq_sLVnszay-jesA7PsUY1GadC8jU80U8gmgzyt23KO5wCm_3kKPipcR-wmYUFGqhG3IF3DU6V5F_dft6JJcBuz8QGIoYwpzwmmdFstwcCSDxhbRT_gPOHJnI0rgkFGl8V_gcGC8067tK2mZXJ6J3RpV9c3FljPkMmJqBIAk27NWoNXPFLAtzCXuxRLD6Wx9O3OyjxViucvt-M
ANALYSIS VT:
  • https://www.virustotal.com/de/url/a92a922529b7b83d95cac0b4cc8d93e8e2370088c4084e86866279241bd5bcad/analysis/
URL AFTER REDIRECT:
http://www.mapsgalaxy.com/index.jhtml?spu=true&partner=UXxdm063&gclid=CI32lZabwr0CFYhaMgodVmQAAQ
  • https://www.virustotal.com/de/url/21b8b9a8349d7ddde85e4ca86b43d2e76552e689dcc3e80a9a38d4e49517a1bb/analysis/
IP:
http://74.113.233.180/
  • https://www.virustotal.com/de/url/54b4d071b1897bce1af782c969f0510bd2744190d95d92e4bae7d9758a033bb3/analysis/1396460279/
  • https://www.virustotal.com/de/ip-address/74.113.233.180/information/
Fwd/Rev DNS Match: NO
  • http://www.senderbase.org/lookup/?search_string=74.113.233.180


SCREENSHOT AT URLQuery: https://urlquery.net/screenshot.php?id=1396456860485


Own Screenshot

CLICK TO DOWNLOAD & INSTALL:
Adware.MyWebSearch.47
  • https://www.virustotal.com/de/file/68ae70b9cd962e0b44215c1e3b9909aec214ce508ce812876d0e2f0b798ad23a/analysis/1396457127/

OTHER MALICIOUS LINKS CONNECTED:
http://ak.imgfarm.com/images/download/spokesperson/spokesperson.js
  • https://www.virustotal.com/de/url/b08c15078bb414e7a8a5b00bfdd6cf39932a31b55d078bde87713ad4baa38ef9/analysis/
  • https://www.virustotal.com/de/file/dccc8d765c3a166c8fa79a0ad9358f1b6571cf0e411245a03950f1d9fc2e9d04/analysis/1396456474/
http://ak.imgfarm.com/images/anx/anemone-1.2.7.js
  • https://www.virustotal.com/de/url/02be3e7f50f96b17100f9298b452272ec2eda7aa02cf2f47acd56d168c83c2ae/analysis/
  • https://www.virustotal.com/de/file/b61f1dc82835d8bc3b6332443358eb5b9c41a5f4b0672497cdf06ac0a8bbfdfa/analysis/1394482504/
SEE ALSO:
http://wepawet.iseclab.org/view.php?hash=75d2310bc0fb8f44448a4ca37b09586c&t=1396455295&type=js
Eingestellt von um
Labels: , , , , , , , ,
Standort: White Plains, New York, USA

Keine Kommentare:

Kommentar veröffentlichen

Abonnieren Kommentare zum Post (Atom)