uploadwith.me (Betabot http botnet hosted by datashack.net)

By I_Post_Ur_Info, January 2, 2014

Resolved uploadwith.me to 63.141.233.107

Server: uploadwith.me
Gate file: /ashg653/order.php

Alternate domain:
strike-file-hosting.us

Hosting info: http://whois.domaintools.com/63.141.233.107

Notice anything interesting about this IP?

CustName:       Chris Gravenstein
Address:        201 E. 16th st
City:           North Kansas City
StateProv:      MO
PostalCode:     64116
Country:        US
RegDate:        2013-10-21
Updated:        2013-10-21
Ref:            http://whois.arin.net/rest/customer/C04738525

That’s right, Chris Gravenstein, aka digital has managed to top his previous acts of stupidity by getting his real info assigned to an IP address he’s using to host his malware.

Related md5s (Download sample from Malwr.com)
Betabot: 6facf6bdf3eb76f1594b097fcc8fef5b

Categories: Uncategorized

Tags: beta botdigital

Previous postilluminati.sx (Plasma http botnet hosted by worldstream.nl)

Next post93.174.94.158 (Linux Perl bots hosted by Ecatel.net)

1 Comment

Anonymous - January 7, 2014 at 9:15 pm

http://pastebin.com/eRzk8p0m

Enough said.

sinsec.net (Betabot http botnet hosted by alibabahost.com)

api.wifi-update.biz (Betabot http botnet hosted by oneandone.net)

frizzcams.com (Betabot http botnet hosted by Balticservers.com)

1 Comment

Anonymous - January 7, 2014 at 9:15 pm

Comments are closed