linux.xinhuamei.net DNS_TYPE_A 123.184.41.30 Malware installs as service,injects to iexplorer and does selfdelete : “C:WINDOWSsystem32cmd.exe” /c del C:a.exe > nul Sample here : hxxp://www.xup.in/dl,17109295/a.7z/ Hosting Infos : http://whois.domaintools.com/123.184.41.30