genhagroup.com (Andromeda http botnet hosted by United States Provo Unified Layer)

By I_Post_Ur_Info, December 3, 2012

Resolved genhagroup.com to 74.220.199.26

This looks like it’s hosted on a hacked server

Server: genhagroup.com
Gate file: /andro/image.php

Plugins
Rootkit: genhagroup.com/andro/r.pack
Socks: genhagroup.com/andro/s.pack
Formgrabber: genhagroup.com/andro/f.pack
Gate file: genhagroup.com/andro/fg.php

Hosting infos: http://whois.domaintools.com/74.220.199.26

Categories: Uncategorized

Tags: Andromeda Bot

Previous posti.greenleafyplants.info (Athena irc botnet hosted by Germany Frankfurt Am Main Voxility S.r.l.)

Next postpainadiction.biz (Andromeda http botnet hosted by Ukraine Ukrainian Internet Names Center Ltd)

shinyhosting.ws.gy(Andromeda Bot hosted in United States Amsterdam Hosting Servers)

xylox.su (Betabot and Andromeda http botnets hosted by Panamaserver.com)

scum1904life.com (Andromeda http botnet hosted by 2×4.ru)