xlotxdxtorwfmvuzfuvtspel.com(zeroaccess hosted in United States San Antonio Rackspace Cloud Servers)

By Pig, April 23, 2013

Domain used: xlotxdxtorwfmvuzfuvtspel.com 166.78.144.80

C:WINDOWSsystem32rsaenh.dll
systemroot
C:RECYCLER
C:RECYCLERS-1-5-21-1547161642-507921405-839522115-1004
C:RECYCLERS-1-5-21-1547161642-507921405-839522115-1004$e0da97a6dd053ef45a7e44d9077fa7d5
L
U
@
n
ACPI#PNP0303#2&da1a3ff&0
d2cd4bfe
C:RECYCLERS-1-5-18
C:RECYCLERS-1-5-18$e0da97a6dd053ef45a7e44d9077fa7d5
C:DOCUME~1UserLOCALS~1Temp1 (1).exe
PIPEwkssvc
C:

sample here

hosting infos:
http://whois.domaintools.com/166.78.144.80

Categories: Uncategorized

Tags: zeroaccess

Previous postmoneybooster.info (Betabot http botnet hosted by leaseweb.com)

Next postkryptic.me (Andromeda http botnet hosted by alibabahost.com)

srv5050.asia/pro/in (snk asper mod hosted by United Kingdom Birmingham Compuweb Communications Services Limited)

beerpigfarm.ru (Installs crap hosted by Santex.net)