avalon.rs compromised
#1
It looks like avalon.rs has been compromised. IP: 94.127.7.145, country Serbia, provider SBB.

VirusTotal: https://www.virustotal.com/gui/url/0f0c1.../detection
AbuseIPDB: https://www.abuseipdb.com/check/94.127.7.145

“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV
#2
Interesting, urlquery doesn't find anything malicious, but scumware found a problematic PDF:
hxxps[:]//avalon[.]rs/wp-content/uploads/formidable/8/bluecoat-proxy-log-example[.]pdf
md5: D2540E6C4B04930A683894B12ABAFFEE
and it says: PDF.Spam.Heur.5

Of course I had to download it; clamav immediately detected it as malicious, but I also fired off an upload to VT:

   

The PDF probably ended up there through a vulnerability in the WP plugin formidable

I've let Jami run the analysis, so I'll write when it finishes if there's anything meaningful, so that I don't have to grind through it manually :p
#BudimoSajberSvesni
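
For admins who want to check their own WordPress install against the indicator posted above, here is an added example (not part of the thread and not code from either poster). It hashes every file under the `wp-content/uploads/formidable` path seen in the reported URL and compares it with the MD5 from the post; the function names and the "pdf-review" verdict for any other PDF in that directory are assumptions of this example.

```python
import hashlib
import sys
from pathlib import Path

# MD5 reported in the thread for bluecoat-proxy-log-example.pdf
REPORTED_MD5 = "d2540e6c4b04930a683894b12abaffee"
# Upload path taken from the reported URL, relative to the WordPress root
FORMIDABLE_UPLOADS = Path("wp-content/uploads/formidable")


def md5_of(path, chunk=1 << 16):
    """Hash a file in chunks so large uploads do not load into memory."""
    h = hashlib.md5()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def sweep(wp_root, known_bad=(REPORTED_MD5,)):
    """Return (relative_path, md5, verdict) for each file in the upload dir."""
    bad = {h.lower() for h in known_bad}
    base = Path(wp_root) / FORMIDABLE_UPLOADS
    findings = []
    if not base.is_dir():
        return findings
    for p in sorted(base.rglob("*")):
        if not p.is_file():
            continue
        digest = md5_of(p)
        with open(p, "rb") as fh:
            is_pdf = fh.read(5) == b"%PDF-"  # check content, not extension
        if digest in bad:
            verdict = "known-bad"      # exact match with the posted hash
        elif is_pdf:
            verdict = "pdf-review"     # assumption: review any PDF found here
        else:
            verdict = "other"
        findings.append((str(p.relative_to(wp_root)), digest, verdict))
    return findings


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for rel, digest, verdict in sweep(root):
        if verdict != "other":
            print(f"{verdict}\t{digest}\t{rel}")
```

A hash match only catches the exact file from the post, which is why the sweep also lists every other PDF in that directory for manual review.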