Packed.Win32.Katusha(malware hosted in Netherlands Amsterdam Nforce Entertainment B.v)

dq.javagames7.com

Resolved : [ dq.javagames7.com ] To [ 109.201.135.61 ]
Resolved : [ dq.javagames7.com ] To [ 109.201.135.60 ]
Resolved : [ dq.javagames7.com ] To [ 109.201.135.62 ]
Resolved : [ dq.javagames7.com ] To [ 109.201.135.63 ]

– TCP Connection Attempts:

109.201.135.63:8800
109.201.135.61:8800
109.201.135.62:8800
109.201.135.60:8800

exe file:
http://31.184.237.180/dqs.exe

hosting infos:
http://whois.domaintools.com/109.201.135.63

Categories: Uncategorized