Zeus malware sample 10/1/2014 17:33

This Zeus malware sample is using the /Dede/ folder to store the cp.php page.

It looks like that the domain has been hijacked to store the Zeus malware control panel.

Additional Zeus Malware Sample Information

We were able to collect the following information about the Zeus malware sample

Notified on

 10/1/2014 17:33

URL

 104.192.103.30/dede/helps/cp.php?m=login

URL 1

 

URL 2

 

URL 3

 

URL 4

 

URL 5

 

Status

 reported

virustotal scan

Scan via VirusTotal

Zeus URL

https://www.virustotal.com/en/url/submission/?force=1&url=104.192.103.30/dede/helps/cp.php?m=login

Zeus URL

https://www.virustotal.com/en/url/submission/?force=1&url=

Zeus URL

https://www.virustotal.com/en/url/submission/?force=1&url=

Zeus URL

https://www.virustotal.com/en/url/submission/?force=1&url=

Zeus URL

https://www.virustotal.com/en/url/submission/?force=1&url=

Zeus URL

https://www.virustotal.com/en/url/submission/?force=1&url=

Pictures