KUKU406beta (Malware stealing passwords, hosted in Germany, Dortmund, 1&1 Internet AG)

This is spreading through torrents and cracks and looks like a password stealer.

Domains and IPs used:


HTTP Requests

 http://adakemegood24.com/?e718b5=15145141&id=150819103501

GET /?e718b5=15145141&id=150819103501 HTTP/1.1
User-Agent: KUKU v4.08 beta =150819103501
Host: adakemegood24.com
Cache-Control: no-cache

http://ww11.aaakemegood24.com/

GET / HTTP/1.1
User-Agent: KUKU v4.08 beta =150819103501
Connection: Keep-Alive
Cache-Control: no-cache
Host: ww11.aaakemegood24.com

http://bpcrfectchoice1.com/?e778fb=15169787&id=150819103501

GET /?e778fb=15169787&id=150819103501 HTTP/1.1
User-Agent: KUKU v4.08 beta =150819103501
Host: bpcrfectchoice1.com
Cache-Control: no-cache

http://bpbrfectchoice1.com/?e77710=15169296&id=150819103501

GET /?e77710=15169296&id=150819103501 HTTP/1.1
User-Agent: KUKU v4.08 beta =150819103501
Host: bpbrfectchoice1.com
Cache-Control: no-cache

http://e710e2.makemegood24.com/?e710e2=15143138&id=150819103501

GET /?e710e2=15143138&id=150819103501 HTTP/1.1
User-Agent: KUKU v4.08 beta =150819103501
Host: e710e2.makemegood24.com
Cache-Control: no-cache

http://e7ce24.cash-ddt.net/?e7ce24=15191588&id=150819103501

GET /?e7ce24=15191588&id=150819103501 HTTP/1.1
User-Agent: KUKU v4.08 beta =150819103501
Host: e7ce24.cash-ddt.net
Cache-Control: no-cache

http://aeakemegood24.com/?e71b18=15145752&id=150819103501

GET /?e71b18=15145752&id=150819103501 HTTP/1.1
User-Agent: KUKU v4.08 beta =150819103501
Host: aeakemegood24.com
Cache-Control: no-cache

http://aaakemegood24.com/?e712af=15143599&id=150819103501

GET /?e712af=15143599&id=150819103501 HTTP/1.1
User-Agent: KUKU v4.08 beta =150819103501
Host: aaakemegood24.com
Cache-Control: no-cache

http://bperfectchoice1.com/?e77a6d=15170157&id=150819103501

GET /?e77a6d=15170157&id=150819103501 HTTP/1.1
User-Agent: KUKU v4.08 beta =150819103501
Host: bperfectchoice1.com
Cache-Control: no-cache

http://perfectchoice1.com/?e71d21=15146273&id=150819103501

GET /?e71d21=15146273&id=150819103501 HTTP/1.1
User-Agent: KUKU v4.08 beta =150819103501
Host: perfectchoice1.com
Cache-Control: no-cache

http://acakemegood24.com/?e71757=15144791&id=150819103501

GET /?e71757=15144791&id=150819103501 HTTP/1.1
User-Agent: KUKU v4.08 beta =150819103501
Host: acakemegood24.com
Cache-Control: no-cache

http://abakemegood24.com/?e71562=15144290&id=150819103501

GET /?e71562=15144290&id=150819103501 HTTP/1.1
User-Agent: KUKU v4.08 beta =150819103501
Host: abakemegood24.com
Cache-Control: no-cache

http://makemegood24.com/?e70e4d=15142477&id=150819103501

GET /?e70e4d=15142477&id=150819103501 HTTP/1.1
User-Agent: KUKU v4.08 beta =150819103501
Host: makemegood24.com
Cache-Control: no-cache
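
The captures above share three traits: the "KUKU v4.08 beta =<id>" User-Agent, an id parameter equal to the number after the "=" in that User-Agent, and a six-hex-character parameter name with a numeric value. The following detection sketch is an added example, not part of the original post; the function names are hypothetical and the version-tolerant User-Agent pattern is an assumption beyond the single version seen here.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Assumption: other builds keep the "KUKU v<major>.<minor> beta =<id>" shape;
# the page only shows "KUKU v4.08 beta =150819103501".
UA_RE = re.compile(r"^KUKU v\d+\.\d+ beta =(\d+)$")
KEY_RE = re.compile(r"^[0-9a-f]{6}$")  # six hex characters, e.g. e718b5

def parse_request(raw):
    """Return (request target, headers dict with lower-cased names)."""
    lines = raw.strip().splitlines()
    parts = lines[0].split() if lines else []
    target = parts[1] if len(parts) >= 2 else ""
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return target, headers

def classify(raw):
    """List the beacon traits a request shows; an empty list means no match."""
    target, headers = parse_request(raw)
    match = UA_RE.match(headers.get("user-agent", ""))
    if not match:
        return []
    reasons = ["user-agent"]
    params = parse_qsl(urlsplit(target).query)
    if dict(params).get("id") == match.group(1):
        reasons.append("id-equals-ua-suffix")
    if any(KEY_RE.match(k) and v.isdigit() for k, v in params):
        reasons.append("hex-key-param")
    return reasons

# First two requests are copied from the captures above; the third is constructed.
BEACON = ("GET /?e718b5=15145141&id=150819103501 HTTP/1.1\r\n"
          "User-Agent: KUKU v4.08 beta =150819103501\r\n"
          "Host: adakemegood24.com\r\nCache-Control: no-cache\r\n")
BARE = ("GET / HTTP/1.1\r\nUser-Agent: KUKU v4.08 beta =150819103501\r\n"
        "Host: ww11.aaakemegood24.com\r\n")
BENIGN = ("GET /?id=150819103501 HTTP/1.1\r\n"
          "User-Agent: Mozilla/5.0\r\nHost: example.com\r\n")

if __name__ == "__main__":
    for name, raw in (("beacon", BEACON), ("bare", BARE), ("benign", BENIGN)):
        print(name, classify(raw))
```

Matching on the User-Agent alone already catches the bare "GET /" request; the two query-string traits are there to grade confidence when proxy logs record the URL.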
