======================================================================== 2018-11-09 ======================================================================== 'External Remediation Coordination' via Abuse - Coka.la Thu 8 Nov, 12:54 from External Remediation Coordination to abuse@e.coka.la, abuse@coka.la Abuse Team, Bank of America detected malware on the following site hosted on your network. Please take appropriate action to investigate and remediate any malicious files. Malicious URL's: hxxp://bit[.]ly/2D9tuqr Redirects to -> hxxps://e.coka[.]la/KUskEc.jpg Malware served: Nanacore Thank you for your immediate attention and action. Please contact us as soon as you receive this and stay in contact until the issue has been resolved. Best Regards, Albert Abuse team Bank of America This message, and any attachments, is for the intended recipient(s) only, may contain information that is privileged, confidential and/or proprietary and subject to important terms and conditions available at http://www.bankofamerica.com/emaildisclaimer. If you are not the intended recipient, please delete this message. ======================================================================== 2018-01-14 ======================================================================== abuse Received: July 14, 2018 12:27 PM From: Markus Grubert markusg2004@yahoo.de To: admin@coka.la, abuse@online.net CC: support@registry.la, support@epag.de my name is markus, we talking about domains on ip 163.172.215.76 coka.la a.coka.la a.coka.la/wHxcOA.jpg malware, scanresult of malware: https://www.virustotal.com/#/url/002ece13b4abe423f58ae647e41ce14730c2525aea91e51eb65095f8e3611b45/detection a.coka.la/TcKpGE.exe malware a.coka.la/0BdVw.exe- a.coka.la/XGA8Jb.exe- my name is markus, we talking about domains on ip 163.172.215.76 coka.la a.coka.la/wHxcOA.jpg virusscan https://www.virustotal.com/#/url/002ece13b4abe423f58ae647e41ce14730c2525aea91e51eb65095f8e3611b45/detection a.coka.la/TcKpGE.exe scan: https://www.virustotal.com/#/url/a6701cebcd39dd6cda40ff34b7fbbab1ec5a627b3f1c1d2f1bc0d63f7d8990d2/detection a.coka.la/0BdVw.exe- https://www.virustotal.com/#/url/da05cb7af37886c5918e54b050f7e67181a0bd8accd3a7ce6e43e9c74cc8d0cd/detection a.coka.la/XGA8Jb.exe- https://www.virustotal.com/#/url/8945aa42f41420428a54414c90c50766243b88a6e0dfe24eaa8d5e992cfa920a/detection a.coka.la/nR25hG.exe- https://www.virustotal.com/#/url/53649762edcc770b895bc84e72e569c2a5ed4153a0a6790fe9869c15b05efc15/detection a.coka.la/3BcCUr.exe- https://www.virustotal.com/#/url/c80e85e2bc278f2fe428bb6b8f4c9ae133f20379e9b06e2b86428740722378b3/detection a.coka.la/R1QGHZ.jpg https://www.virustotal.com/#/url/516c23d76178da7c602c54747b978c8b43910d77ab3626c23da3599552a4749d/detection a.coka.la/MqemT.exe https://www.virustotal.com/#/url/7f0d760c39c5f38466b1529e78f971adb9f82f3abc70dbdb42ac3c2b8b5bf5cb/detection a.coka.la/3x2saz.jpg https://www.virustotal.com/#/url/1bdbd13e7de26668c88351cab921b58c157a946014a2dd5dbdb30faf9b6f1983/detection a.coka.la/RhJxpP.pdf https://www.virustotal.com/#/url/91876d07e9ac947aaf61806972526f11405de23fa1d0d9f738420319640a7ce3/detection a.coka.la/4fAIH3.zip https://www.virustotal.com/#/url/76607d1eb3f88f2fbf6216ec78558b35caf49bab498ea8917dd4dcd08fd7043c/detection a.coka.la/mdDKh1.jpg https://www.virustotal.com/#/url/8a8e207ddce1d5f3aaec635f7690d1867b219446d9e2983448e1656b397a4ab9/detection a.coka.la/xxAdlr.jpg https://www.virustotal.com/#/url/5f31e98a07c80ee626f58308ee889524da21cd6d6f590b42c6c2aaf74749cd23/detection and more, have a look at this page, on virustotal you see listed all malicoius files on this domain https://www.virustotal.com/#/domain/a.coka.la if you have questions let me know, markus