Domain and Ip m0ntecrist0.co.ve 195.3.144.85 Sample : hxxp://82.165.11.63/DHL-All4btc%40Dhl.com Hosting Infos : http://whois.domaintools.com/195.3.144.85
boot.sx (Betabot http botnet hosted by worldstream.nl)
Resolved boot.sx to 109.236.80.74 Server: boot.sx Gate file: /g4sg/order.php Alternate domain: illuminati.sx This betabot is quite interesting due to the bizarre crypter it uses. The crypter starts with a Winrar SFX archive. This dumps it’s contents in the users temp folder and starts the next layer, a vbs script. The vbs script runs a AutoITRead more...