Jump to content

FP check for sourpuss.net


Go to solution Solved by Zynthesist,

Recommended Posts

Hello,

Block is related to this: 

https://www.hybrid-analysis.com/sample/9226d08158c1536dfa7c4f15bbed9fd6b0d6e59880eeaae2143e9025436123a0?environmentId=100

https://www.virustotal.com/#/file/9226d08158c1536dfa7c4f15bbed9fd6b0d6e59880eeaae2143e9025436123a0/detection

 

Edited by Zynthesist
spelling
Link to post
Share on other sites

Thanks for the links, but I'm still having trouble with this one.  I see a number of references to "payload.exe" and "ping.exe" however I have searched my web folders and can't seem to find any such files.  There doesn't seem to be any reference on either of the above links which show WHERE they found this file at under my domain?  Did I miss something?  If I accidentally hosted an infected file on my server I certainly want to get rid of it.

About the only thing of relevance I can seem to make out of these pages is that my domain is somehow listed as a reference within this virus.  I also see 8.8.8.8 in that list, so I assume this is a list of DNS servers, and while I have run a public DNS server in the past my current DNS setup only answers non-recursive queries, so I don't know that there is anything else I can do about this particular issue.  Even so, I would assume that providing a DNS host is not the cause for blacklisting my domain name since obviously google isn't being blacklisted for having their IP in that virus...

So what else can I do here to get this resolved?

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.