These are all being blocked by avast:
ID Date Host IP address ASN URL Infected with
605812 2012-08-08 dark-hole dot net 176.31.208.105 16276 htxp://dark-hole.net/malware/testmee.exe BackDoor.Blackshades.2
605811 2012-08-08 dark-hole dot net 176.31.208.105 16276 htxp://dark-hole.net/malware/miner.exe unknown
605810 2012-08-08 dark-hole dot net 176.31.208.105 16276 htxp://dark-hole.net/malware/iloveyou.exe not available
605809 2012-08-08 dark-hole dot net 176.31.208.105 16276 htxp://dark-hole.net/malware/DFD76FRE.exe BackDoor.Blackshades.2
605808 2012-08-08 dark-hole dot net 176.31.208.105 16276 htxp://dark-hole.net/malware/crypted5656.exe BackDoor.Blackshades.2
605807 2012-08-08 dark-hole dot net 176.31.208.105 16276 htxp://dark-hole.net/malware/crypted.exe BackDoor.Andromeda.22
605806 2012-08-08 dark-hole dot net 176.31.208.105 16276 htxp://dark-hole.net/malware/androweeee.exe BackDoor.Andromeda.22
605805 2012-08-08 dark-hole dotnet 176.31.208.105 16276 htxp://dark-hole.net/malware/5656.exe Trojan.Siggen.65159
605804 2012-08-08 dark-hole dot net 176.31.208.105 16276 htxp://dark-hole.net/malware/uncryptedAndro.exe BackDoor.Andromeda.22

Avast detects this malware as MSIL:Injector-AJ [Trj]; Win32:VB-UQZ [Trj], Win32:Trojan-gen (malvertising malware) & MSIL:Ainslot-F [Trj]
IDS flags here: http://urlquery.net/report.php?id=119607 snort rule: FILE-IDENTIFY Portable Executable binary file magic detected

polonus

Hi Polonus,

Also found this: hXtp://dark-hole.net/Logged/

~!Donovan

Hi !Donovan,

Thank you,

polonus

Hi !Donovan,

Also found this additional info on your contribution here: http://pastebin.com/GV0FgMHX

polonus