micolosoft.in(Trojan-Ransom.Winlock hosted in United States Scranton Network Operations Center Inc)

By Pig, February 18, 2012

Traffic – by DNS:
micolosoft.in 184.22.188.84
poletaem002.in 199.168.139.53
mekrosoft.in 184.22.188.84

Traffic – by TCP/IP Connections:
184.22.188.84 80
199.168.139.53 80

Traffic – by URL:
URL
micolosoft.in/zip/gate.php?user=partner_011&uid={B31F86E0-234C-11E1-BBF6-806D6172696F}&os=2
poletaem002.in/image/gate.php?getcmd=1&uid=XANNY here it demands for user and passwd have fun finding them

this is what u get if u are infected with:

hosting infos:
http://whois.domaintools.com/184.22.188.84

Categories: Uncategorized

Previous postn39rfiuewh9uihc.org(Bredolab hosted in Russian Federation St. Petersburg Petersburg Internet Network Ltd)

Next post216.18.232.151(3vbot hosted in United States Allhostshop.com)