alhamad.biz (Solar http botnet hosted by softlayer.com)

By I_Post_Ur_Info, October 3, 2013

Resolved alhamad.biz to 50.23.58.11

Server: alhamad.biz
Gate file: /web/info.php

Alternate domains (not currently registered):
gilsoncherylfuelquest.biz
burdickdoug-fuel.biz
callawayrickcanadian.biz
cano-martintexas.biz
comptondeborah-exxon.biz
davenport-kirktexas.biz
dearie-erin-international.biz
dixon-christy-oklahoma.biz
donnellan-robert-2global.biz
doughertymichael-fhwa.biz
drewryamy-louisdreyfus.biz
dudek-sabrina-nustarenergy.biz
engelken-davidtank-management.biz
farishdanmurphy-oil.biz
felettoloucaboard.biz
fitzgeraldjulian-sr2.biz

It also tried to connect to a gate file hosted on a hacked site at hxxp://carriesbridalcollection.com/images/1/2/cart.php

Hosting infos: http://whois.domaintools.com/50.23.58.11

Related md5s (Search on Malwr.com to download samples)
Solar:
f83706169037cf6da4bf04469428329a

Categories: Uncategorized

Tags: solarbot

Previous postupdating-flash.cloudapp.net (Citadel banking malware hosted by Microsoft.com)

alhamad.biz (Solar http botnet hosted by softlayer.com)

1 Comment

Anonymous - October 7, 2013 at 5:59 am

Comments are closed

93.171.173.195 (Solar http botnet hosted by InterServer.ru)

thepremiumsellers.com (Solar http botnet hosted by Ecatel.net)

www.paloshke.org (Solar http botnet hosted by ghandi.net)

1 Comment

Anonymous - October 7, 2013 at 5:59 am

Comments are closed