forwardmotionconcepts.com(SpyEye banking trojan hosted in United States Dallas Softlayer Technologies Inc)

By Pig, April 18, 2011

Remote Host Port Number
173.192.41.194 80

The data identified by the following URL was then requested from the remote web server:
http://forwardmotionconcepts.com/wip5/main/gate.php?guid=UserName!COMPUTERNAME!00CD1A40&ver=10299&stat=ONLINE&ie=6.0.2900.2180&os=5.1.2600&ut=Admin&plg=billinghammer;creditgrab;ftpbc;socks5;USBSpread&cpu=100&ccrc=0D98E50E&md5=fc5531793ca5bebd917e6ef85d709272

SpyEye Panel:
http://forwardmotionconcepts.com/wip5/main/

exe file:
http://9d0a7f4d.tinylinks.co

infos about hosting:
http://whois.domaintools.com/173.192.41.194

Categories: Uncategorized

Previous post111.90.139.77(ngrbot hosted in Malaysia Piradius Net)

Next postdarkdosser.redirectme.net(malware hosted in United States La Crosse Charter Communications)