privatesmartscreen.nl(Bitcoin Miner hosted in Netherlands Amsterdam Denkers-ict B.v.)

DNS Queries: privatesmartscreen.nl     DNS_TYPE_A     159.253.0.151

HTTP Conversations:
159.253.0.151:80 – [privatesmartscreen.nl]
Request: GET /Bitcoin/host.txt

149.210.128.55:80 – [149.210.128.55]
Request: GET /bitconi/winlogon32.exe
Request: GET /bitconi/winlogon64.exe
Request: GET /bitconi/usft_ext.dll
Request: GET /bitconi/miner.dll
Request: GET /bitconi/coinutil.dll
Request: GET /ptx.exe
Request: GET /bitconi/btc.exe
Request: GET /bitconi/phatk.exe

Dutch hecker here: winlogon32.exe” -o hxxp://pool.50btc.com:8332/ -u jeroengroenveld@live.nl_Apex -p omega321

Samples:
hxxp://149.210.128.55/bitconi/winreg.exe
hxxp://149.210.128.55/bitconi/winlogon64.exe
hxxp://149.210.128.55/bitconi/winlogon32.exe
hxxp://149.210.128.55/bitconi/usft_ext.dll
hxxp://149.210.128.55/bitconi/miner.dll
hxxp://149.210.128.55/bitconi/coinutil.dll

hosting infos:
http://whois.domaintools.com/159.253.0.151
http://whois.domaintools.com/149.210.128.55

Categories: Uncategorized