mal-labs.asia (Andromeda http botnet hosted by United States Denver Fdcservers.net)

By I_Post_Ur_Info, November 24, 2012

Resolved mal-labs.asia to 37.221.170.238

Server: mal-labs.asia
Gate file: image.php
Plugins:
Rootkit mal-labs.asia/plugins/r.pack
Formgrabber mal-labs.asia/plugins/f.pack
Gate file: fg.php

This is the file Paradoxun was running on his bots (cachke.exe).

Hosting infos: http://whois.domaintools.com/37.221.170.238

Categories: Uncategorized

Tags: Andromeda BotParadoxun

Previous post199.119.226.75 (Barracuda irc botnet hosted by France Paris Dnsslave.com)

Next postz.7z.lt (Andromeda http malware hosted by United States Fremont Hurricane Electric Inc.)