seosaw.pw (betabot http botnet hosted by plusserver.de)

By I_Post_Ur_Info, January 29, 2014

Resolved seosaw.pw to 188.138.125.103

Server:  seosaw.pw
Gate file:  /wq782jwoqkQy19qkdh27hqudqj/order.php

Alternate domains:
microsoftgo.pw
updateom.info
seosaw.info
googlerw.info

Downloads what looks like Sefnit from 

hxxp://now.googlefast.pw/remote/index.php?u=48&istan

Hosting info: http://whois.domaintools.com/188.138.125.103

Related md5s (Download sample from Malwr.com
Betabot: daee8c5056fbbf1964588e70cb371fae
Sefnit: b99ed8704716ab6ff273e3dc66fe3cfb

Categories: Uncategorized
Tags: