Tuesday, 19 March 2019

Online -= Malicious activity =- Webpages 0day 19-03-2019


NEW SECTION CALLED
**************
Online Phishing Webpages 0day
**************
In this new section, Wjet News is going to show 0day websites that are online with --=Malicious activity=--, for anyone who wants to test these sites online and learn more about these small pieces of malware.

Wjet News
**************
Will also analyze these sites and give a detailed report of each of them.



SECURITY NOTICE
 ***********************

These sites are online and have malicious activity. BE CAREFUL.


WEBSITE:
---------------

http://dipziit.pw

TYPE
---------

Phishing

HTTP REQUEST
------------------
 19
4072     iexplore.exe     GET     302     146.66.69.135:80     http://dipziit.pw/     US    

3396     iexplore.exe     GET     200     204.79.197.200:80     http://www.bing.com/favicon.ico        

4072     iexplore.exe     GET     200     146.66.69.135:80     http://dipziit.pw/login.php?cmd=login_submit&id=6295f48d612c1da6e4fd35f40d905e5f6295f48d612c1da6e4fd35f40d905e5f&session=6295f48d612c1da6e4fd35f40d905e5f6295f48d612c1da6e4fd35f40d905e5f

4072     iexplore.exe     GET     200     146.66.69.135:80     http://dipziit.pw/images/b1.png
   
4072     iexplore.exe     GET     200     146.66.69.135:80     http://dipziit.pw/images/al.png

4072     iexplore.exe     GET     200     146.66.69.135:80     http://dipziit.pw/images/b4.png

4072     iexplore.exe     GET     200     146.66.69.135:80     http://dipziit.pw/images/of.png

4072     iexplore.exe     GET     200     146.66.69.135:80     http://dipziit.pw/images/b3.png

4072     iexplore.exe     GET     200     146.66.69.135:80     http://dipziit.pw/images/oth.png         

4072     iexplore.exe     GET     200     146.66.69.135:80     http://dipziit.pw/offc.php

4072     iexplore.exe     GET     200     146.66.69.135:80     http://dipziit.pw/images/f2.png     

4072     iexplore.exe     GET     200     146.66.69.135:80     http://dipziit.pw/images/f3.png     

4072     iexplore.exe     GET     200     146.66.69.135:80     http://dipziit.pw/images/f4.png     

4072     iexplore.exe     GET     200     146.66.69.135:80     http://dipziit.pw/images/f1.png     

4072     iexplore.exe     GET     200     146.66.69.135:80     http://dipziit.pw/images/f8.png    

4072     iexplore.exe     GET     200     146.66.69.135:80     http://dipziit.pw/images/f6.png    

4072     iexplore.exe     GET     200     146.66.69.135:80     http://dipziit.pw/images/f5.png    

4072     iexplore.exe     GET     200     146.66.69.135:80     http://dipziit.pw/images/f7.png     

4072     iexplore.exe     GET     200     146.66.69.135:80     http://dipziit.pw/images/login.pn

CONNECTIONS
------------------
9
072     iexplore.exe     146.66.69.135:80         US     suspicious
3396     iexplore.exe     204.79.197.200:80     Microsoft Corporation     US     whitelisted
3396     iexplore.exe     146.66.69.135:80  
  


DNS REQUEST
------------------
3

dipziit.pw     146.66.69.135     
www.bing.com     204.79.197.200
 
13.107.21.200
In this case, the analysis of the threats and of the processes that are activated at login found 25 alerts, and they are Potentially Bad Traffic: ET DNS Query to a *.pw domain - Likely Hostile.

THREATS
------------
25
4072     iexplore.exe     Potentially Bad Traffic     ET INFO HTTP Request to a *.pw domain
4072     iexplore.exe     A Network Trojan was detected     MALWARE [PTsecurity] Google Drive Phishing
4072     iexplore.exe     Potentially Bad Traffic     ET INFO HTTP Request to a *.pw domain
4072     iexplore.exe     A Network Trojan was detected     ET INFO Suspicious HTML Decimal Obfuscated Title
4072     iexplore.exe     Potentially Bad Traffic     ET INFO HTTP Request to a *.pw domain
4072     iexplore.exe     Potentially Bad Traffic     ET INFO HTTP Request to a *.pw domain
4072     iexplore.exe     Potentially Bad Traffic     ET INFO HTTP Request to a *.pw domain
4072     iexplore.exe     Potentially Bad Traffic     ET INFO HTTP Request to a *.pw domain
4072     iexplore.exe     Potentially Bad Traffic     ET INFO HTTP Request to a *.pw domain
4072     iexplore.exe     Potentially Bad Traffic     ET INFO HTTP Request to a *.pw domain
4072     iexplore.exe     Generic Protocol Command Decode      STREAM excessive retransmissions
4072     iexplore.exe     Generic Protocol Command Decode      STREAM excessive retransmissions
4072     iexplore.exe     Potentially Bad Traffic     ET INFO HTTP Request to a *.pw domain
4072     iexplore.exe     A Network Trojan was detected     ET INFO Suspicious HTML Decimal Obfuscated 
4072     iexplore.exe     Potentially Bad Traffic     ET INFO HTTP Request to a *.pw domain
4072     iexplore.exe     Potentially Bad Traffic     ET INFO HTTP Request to a *.pw domain
4072     iexplore.exe     Potentially Bad Traffic     ET INFO HTTP Request to a *.pw domain
4072     iexplore.exe     Potentially Bad Traffic     ET INFO HTTP Request to a *.pw domain 
4072     iexplore.exe     Potentially Bad Traffic     ET INFO HTTP Request to a *.pw domain
4072     iexplore.exe     Potentially Bad Traffic     ET INFO HTTP Request to a *.pw domain
4072     iexplore.exe     Potentially Bad Traffic     ET INFO HTTP Request to a *.pw domain
4072     iexplore.exe     Potentially Bad Traffic     ET INFO HTTP Request to a *.pw domain
4072     iexplore.exe     Potentially Bad Traffic     ET INFO HTTP Request to a *.pw domain
3396     iexplore.exe     Potentially Bad Traffic     ET INFO HTTP Request to a *.pw domain


SECURITY NOTICE
 ***********************

These sites are online and have malicious activity. BE CAREFUL  :p
