micolosoft.in(Trojan-Ransom.Winlock hosted in United States Scranton Network Operations Center Inc)

Traffic – by DNS:
micolosoft.in 184.22.188.84
poletaem002.in 199.168.139.53
mekrosoft.in 184.22.188.84

Traffic – by TCP/IP Connections:
184.22.188.84 80
199.168.139.53 80

Traffic – by URL:
URL
micolosoft.in/zip/gate.php?user=partner_011&uid={B31F86E0-234C-11E1-BBF6-806D6172696F}&os=2
poletaem002.in/image/gate.php?getcmd=1&uid=XANNY here it demands for user and passwd have fun finding them

this is what u get if u are infected with:

hosting infos:
http://whois.domaintools.com/184.22.188.84

Categories: Uncategorized