Resolved www.welovegiveaways.net to 199.229.235.250 Server: www.welovegiveaways.net Gate file: /justricewithwater/image.php Plugins: Rootkit: hxxp://www.welovegiveaways.net/justricewithwater/r.pack Bitcoin mining info: Shell.exe” -o stratum+tcp://stratum.bitcoin.cz:3333 -u vovler.split1 -p none -t 0 -I 10macromedia.exe” -o stratum+tcp://stratum.bitcoin.cz:3333 -u vovler.split1 -p none -g no Hosting infos: http://whois.domaintools.com/199.229.235.250
199.127.102.218(Umbra Loader hosted in United States Miami Avesta Networks Llc)
Panel here: hxxp://199.127.102.218/handy/beta/Panel/Panel/ stub here: hxxp://199.127.102.218/handy/beta/Bot/stub/ Builder: hxxp://199.127.102.218/handy/UMBRA_LOADER_1.2.0.RAR usb spread plugin: hxxp://199.127.102.218/handy/beta/Bot/Plugins/usbspreader.umbplg hosting infos: http://whois.domaintools.com/199.127.102.218