ZeJackalNZ
-
Posts
1 -
Joined
-
Last visited
ZeJackalNZ's Achievements
Newbie (1/14)
0
Reputation
-
Just noted the following (expected?) behaviour after using Wintoolkit 1.5.3.3 - It appears to drop the following files into the current user's temp folder binsis142.xml binsischeck654.xml bitool.dll nsw7B57.tmp xml.dll and attempts access the following URLs http://sub.ellette.info/installers/bi_downloader/1417485662766/setup.exe http://d27foqb3kkzkt9.cloudfront.net/sdk/binsis/2.2/BiTool.dll Virus total running over the 1.5.3.3 archive: Baidu-International Adware.Win32.Somoto.bL 20141202 ESET-NOD32 Win32/Somoto.L 20141203 TrendMicro-HouseCall Suspicious_GEN.F47V1114 20141202 Google Safe browsing on the ellette.info domain: Diagnostic page for ellette.infoWhat is the current listing status for ellette.info? What happened when Google visited this site? This site is not currently listed as suspicious. Part of this site was listed for suspicious activity 1 time(s) over the past 90 days. Has this site acted as an intermediary resulting in further distribution of malware?Of the 28 pages we tested on the site over the past 90 days, 0 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2014-12-02, and the last time suspicious content was found on this site was on 2014-12-02. Malicious software includes 18 trojan(s). This site was hosted on 2 network(s) including AS16509 (AMAZON-02), AS26496 (26496-GO-DADDY-COM-LLC). Over the past 90 days, ellette.info did not appear to function as an intermediary for the infection of any sites. Has this site hosted malware? Yes, this site has hosted malicious software over the past 90 days. It infected 5 domain(s), including bit.ly/, openofficedl.com/, downloadappsforpc.net/. This may be another instance of "possible malaicious"\Adware detection but did not seem very kosher to me. Will switch to the portable version