n18b7273u1j.in (Betabot http botnet hosted by worldstream.nl)

By I_Post_Ur_Info, September 20, 2013

Resolved n18b7273u1j.in to 217.23.3.102

Server: n18b7273u1j.in
Gate file: /M_jsh1/order.php

Alternate domains:
b19jdn167t.in

This is betabot version 1.5. This is the second betabot 1.5 botnet I have found, but the other one was just a different path on an already posted botnet, so it wasn’t worth a new post.
You may note that the domains used are only a day old.

Hosting infos: http://whois.domaintools.com/217.23.3.102

Related md5s (Search on Malwr.com to download samples)
Betabot: e2dfeedddcad222a0edb6e4a9b5205a4

Categories: Uncategorized

Tags: beta bot

Previous postsentryme.com (Betabot http botnet hosted by ecatel.net)

Next postscum1904life.com (Andromeda http botnet hosted by 2×4.ru)

2 Comments

Anonymous - September 20, 2013 at 9:06 pm

Downloads this skiddy "Survey Builder": https://malwr.com/analysis/ZmFhYjcwNjBmMjFmNDgxY2I1NDZmZDZlYWM0MmZkYjY/

This is the survey the user must do to unlock their PC: http://speedyfiles.net/file/0SR559

Please report this file! His account will be banned!

Anonymous - September 21, 2013 at 1:50 am

thank you

sinsec.net (Betabot http botnet hosted by alibabahost.com)

api.wifi-update.biz (Betabot http botnet hosted by oneandone.net)

frizzcams.com (Betabot http botnet hosted by Balticservers.com)

2 Comments

Anonymous - September 20, 2013 at 9:06 pm

Anonymous - September 21, 2013 at 1:50 am

Comments are closed