Resolved r.gigaionjumbie.biz to 5.199.171.131, 5.199.171.132, 5.199.171.133
Server: r.gigaionjumbie.biz
Gate file: /images/gx.php
Alternate domains:
x.dailyradio.su
x.kei.su
Hosting info:
http://whois.domaintools.com/5.199.171.131
http://whois.domaintools.com/5.199.171.132
http://whois.domaintools.com/5.199.171.133

Power Loader (HTTP malware hosted in Luxembourg, Steinsel, Root SA)
HTTP Requests:
hxxp://94.242.250.178/daol/asidfk11.dat?wv=51&bt=32
hxxp://94.242.250.178/daol/oadl.php
hxxp://wickedreport.com/images/2009/05/naughty-elephant.jpg
Sample:
hxxp://tbsnpd.best.volyn.ua/dlimage11.php
hxxp://94.242.250.178/daol/asidfk11.dat
Hosting info:
http://whois.domaintools.com/94.242.250.178