Cheat sheets

Zeus malware sample 10/1/2014 17:33

Share this with people that should know this:

This Zeus malware sample is using the /Dede/ folder to store the cp.php page.

It looks like that the domain has been hijacked to store the Zeus malware control panel.

Additional Zeus Malware Sample Information

We were able to collect the following information about the Zeus malware sample

Notified on

 10/1/2014 17:33

URL

 104.192.103.30/dede/helps/cp.php?m=login

URL 1

 

URL 2

 

URL 3

 

URL 4

 

URL 5

 

Status

 reported

virustotal scan

Scan via VirusTotal

Zeus URL

https://www.virustotal.com/en/url/submission/?force=1&url=104.192.103.30/dede/helps/cp.php?m=login

Zeus URL

https://www.virustotal.com/en/url/submission/?force=1&url=

Zeus URL

https://www.virustotal.com/en/url/submission/?force=1&url=

Zeus URL

https://www.virustotal.com/en/url/submission/?force=1&url=

Zeus URL

https://www.virustotal.com/en/url/submission/?force=1&url=

Zeus URL

https://www.virustotal.com/en/url/submission/?force=1&url=

Pictures

Share this with people that should know this: