frizzcams.com (Betabot http botnet hosted by Balticservers.com)

By I_Post_Ur_Info, May 11, 2014

Resolved frizzcams.com to 5.199.165.239

Server:  frizzcams.com
Gate file:  /beta/order.php

Alternate domains:
fapncam.com
proxypool.info
update-silo.com

This has the same C&C domains as this betabot, just in a different order. It’s involved with spreading a youtube views boosting bot.

Domain info: frizzcams.com

Domain Name: FRIZZCAMS.COM
Registrar: MONIKER ONLINE SERVICES LLC

Registrant [4327848]:
        Moniker Privacy Services FRIZZCAMS.COM@monikerprivacy.net
        Moniker Privacy Services
        1800 SW 1st Avenue
        Suite 440
        Portland
        OR
        97201
        US


Administrative Contact [4327848]:
        Moniker Privacy Services FRIZZCAMS.COM@monikerprivacy.net
        Moniker Privacy Services
        1800 SW 1st Avenue
        Suite 440
        Portland
        OR
        97201
        US
        Phone: +1.5032070147
        Fax:   +1.9545859186


Billing Contact [4327848]:
        Moniker Privacy Services FRIZZCAMS.COM@monikerprivacy.net
        Moniker Privacy Services
        1800 SW 1st Avenue
        Suite 440
        Portland
        OR
        97201
        US
        Phone: +1.5032070147
        Fax:   +1.9545859186


Technical Contact [4327848]:
        Moniker Privacy Services FRIZZCAMS.COM@monikerprivacy.net
        Moniker Privacy Services
        1800 SW 1st Avenue
        Suite 440
        Portland
        OR
        97201
        US
        Phone: +1.5032070147
        Fax:   +1.9545859186


Domain servers in listed order:

        NS1.PROXYPOOL.INFO
        NS2.PROXYPOOL.INFO

        Record created on:        2013-09-24 13:11:40.0
        Database last updated on: 2014-03-30 13:12:56.15
        Domain Expires on:        2014-09-24 13:11:44.0

Hosting info: 5.199.165.239

inetnum:        5.199.164.0 - 5.199.165.255
netname:        BALTICSERVERS-LT-CLUSTER
descr:          Cluster network
country:        LT
admin-c:        MS33333-RIPE
tech-c:         MS33333-RIPE
status:         ASSIGNED PA
mnt-by:         DUOMENUCENTRAS-MNT
source:         RIPE # Filtered

person:         Martynas Simkevicius
address:        Tilzes 74
address:        LT-76140 Siauliai
phone:          +37070005030
nic-hdl:        MS33333-RIPE
mnt-by:         DUOMENUCENTRAS-MNT
source:         RIPE # Filtered
abuse-mailbox:   abuse@balticservers.com
remarks:        *************************************************
remarks:        * For spam/abuse/security issues please contact *
remarks:        *  =======>  abuse@balticservers.com  <=======  *
remarks:        *************************************************

route:          5.199.164.0/22
descr:          BALTICSERVERS-LT
origin:         AS16125
mnt-by:         DUOMENUCENTRAS-MNT
source:         RIPE # Filtered

route:          5.199.164.0/22
descr:          BALTICSERVERS-LT
origin:         AS59642
mnt-by:         DUOMENUCENTRAS-MNT
source:         RIPE # Filtered

Related md5s (Download samples from Malwr.com)
Betabot: b3f0c5659273a9b45f6d73f54beb744a
Youtube bot: 26b1de7d936b75d5b28d740cae58805a

Categories: Uncategorized
Tags: