navega.pw (Betabot http botnet hosted by OVH.net)

By I_Post_Ur_Info, August 30, 2013

Resolved navega.pw to 198.245.51.109

Server: navega.pw
Gate file: /b7891/b986/bnav123/mar/360/vid5852/order.php

This is on the same IP as the previously posted Athena irc botnet, and is one of three betabot botnets hosted on the server, with smalltoys and strike-file-hosting being the other two.

Hosting infos: http://whois.domaintools.com/198.245.51.109

Related md5s (Search on malwr.com to download the samples)
betabot: a422f5aabc160f5a8dbde033ea9e6d0b

Edit:
There is now a betabot version 1.5 botnet hosted at the path
hxxp://navega.pw/b7891/b986/vid5852/mar/360/bnav123/order.php

Categories: Uncategorized

Tags: beta botmarvid

Previous posthosting-bros.me (Athena irc botnet hosted by OVH.net)

Next postbicycletrainers.info (betabot http botnet proxied by cloudflare to 100tb.com)

sinsec.net (Betabot http botnet hosted by alibabahost.com)

api.wifi-update.biz (Betabot http botnet hosted by oneandone.net)

frizzcams.com (Betabot http botnet hosted by Balticservers.com)