Domains used by the malware: 34324325kgkgfkgf.com dsffdsk323721372131.com fdshjfsh324332432.com jdsiwiqweiqwyreqwi.com 80.242.123.208 HTTP Requests: URI: http://jdsiwiqweiqwyreqwi.com/dffgbDFGvf465/YYf.php DATA: POST /dffgbDFGvf465/YYf.php HTTP/1.0 Host: jdsiwiqweiqwyreqwi.com Accept: */* Accept-Encoding: identity, *;q=0 Accept-Language: en-US Content-Length: 272 Content-Type: application/octet-stream Connection: close Content-Encoding: binary User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.2; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022) samples:Read more...