Resolved vvvhhhccc.com to 192.111.153.98
Server: vvvhhhccc.com
Gate file: /8/8/8/be/order.php
Alternate domains:
virusprotect.su
virus-protector.net
latinodancewears.com.vn
He has a plasma http botnet on the same domain that he is using to mine dogecoins.
Gate file: /8/8/plasma/login.php
Hosting info: http://whois.domaintools.com/192.111.153.98
Related md5s (Download samples from Malwr.com)
Betabot: a58ddb7a7a3b823ff0ddd541f136d9f4
Plasma: 401459ef275cf0639a855a4dff234bf5
Mining info:
Stratum+tcp://pool.dogechain.info:3333 -u latinodresses.plasmahttp -p x
Anonymous - January 25, 2014 at 1:39 pm
Hei, did you know which are login details of his PlasmaHTTP?I will be happy even if you give me one of the two.
Anonymous - January 25, 2014 at 9:07 pm
Hi! I found another PlasmaHTTP site :
http://www.mikkeson.com/plasma/login.php