KUKU v4.08 beta (Malware hosted in Germany, Dortmund, 1&1 Internet AG)

Another version of this malware; some of the domains have changed.

makemegood24.com 213.165.83.176
1453eea.makemegood24.com 74.208.153.9
aaakemegood24.com 146.148.34.125
ww11.aaakemegood24.com 166.78.106.200
abakemegood24.com 50.21.181.152
acakemegood24.com 74.208.164.166
adakemegood24.com 74.208.153.9
aeakemegood24.com 87.106.20.192
afakemegood24.com
perfectchoice1.com 193.166.255.171
1459e2b.perfectchoice1.com 193.166.255.171

All hosts


URLs

http://1453eea.makemegood24.com/?1453eea=21315306&id=212331279066

GET /?1453eea=21315306&id=212331279066 HTTP/1.1
User-Agent: KUKU v4.08 beta =212331279066
Host: 1453eea.makemegood24.com
Cache-Control: no-cache

http://perfectchoice1.com/?1459c9a=21339290&id=212331279066

GET /?1459c9a=21339290&id=212331279066 HTTP/1.1
User-Agent: KUKU v4.08 beta =212331279066
Host: perfectchoice1.com
Cache-Control: no-cache

http://aaakemegood24.com/?14540b7=21315767&id=212331279066

GET /?14540b7=21315767&id=212331279066 HTTP/1.1
User-Agent: KUKU v4.08 beta =212331279066
Host: aaakemegood24.com
Cache-Control: no-cache

http://adakemegood24.com/?14547fd=21317629&id=212331279066

GET /?14547fd=21317629&id=212331279066 HTTP/1.1
User-Agent: KUKU v4.08 beta =212331279066
Host: adakemegood24.com
Cache-Control: no-cache

http://acakemegood24.com/?145454a=21316938&id=212331279066

GET /?145454a=21316938&id=212331279066 HTTP/1.1
User-Agent: KUKU v4.08 beta =212331279066
Host: acakemegood24.com
Cache-Control: no-cache

http://ww11.aaakemegood24.com/

GET / HTTP/1.1
User-Agent: KUKU v4.08 beta =212331279066
Connection: Keep-Alive
Cache-Control: no-cache
Host: ww11.aaakemegood24.com

http://abakemegood24.com/?1454374=21316468&id=212331279066

GET /?1454374=21316468&id=212331279066 HTTP/1.1
User-Agent: KUKU v4.08 beta =212331279066
Host: abakemegood24.com
Cache-Control: no-cache
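
A detection check for the request pattern visible in the captures above, as an added example (not code from the original post or from the malware): it flags requests whose User-Agent has the "KUKU v... =<id>" shape and marks them as a beacon when the query string is a 7-character hex key followed by an id parameter equal to the id in the User-Agent. The function names and the tolerance for other version numbers are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# User-Agent shape seen in the captures: "KUKU v4.08 beta =<numeric id>".
# Allowing other version numbers/tags is an assumption, not shown on the page.
UA_RE = re.compile(r"^KUKU v(?P<version>[\d.]+)(?: \w+)? =(?P<bot_id>\d+)$")
HEX_KEY_RE = re.compile(r"^[0-9a-f]{7}$")  # e.g. "1453eea", "14540b7"

def parse_request(raw):
    """Return (target, headers) for a raw HTTP request, or None if malformed."""
    lines = raw.strip().splitlines()
    parts = lines[0].split() if lines else []
    if len(parts) != 3:
        return None
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return parts[1], headers

def classify(raw):
    """Classify a request as 'beacon', 'ua_only', or None (no match)."""
    parsed = parse_request(raw)
    if parsed is None:
        return None
    target, headers = parsed
    m = UA_RE.match(headers.get("user-agent", ""))
    if m is None:
        return None
    params = parse_qsl(urlsplit(target).query)
    # Beacon shape: ?<7 hex chars>=<digits>&id=<same id as in the User-Agent>
    is_beacon = (
        len(params) == 2
        and HEX_KEY_RE.match(params[0][0]) is not None
        and params[0][1].isdigit()
        and params[1] == ("id", m["bot_id"])
    )
    return {"kind": "beacon" if is_beacon else "ua_only",
            "host": headers.get("host"), "bot_id": m["bot_id"]}

# Two requests copied from the captures above, plus one constructed benign request.
BEACON = ("GET /?1453eea=21315306&id=212331279066 HTTP/1.1\n"
          "User-Agent: KUKU v4.08 beta =212331279066\n"
          "Host: 1453eea.makemegood24.com\nCache-Control: no-cache\n")
BARE = ("GET / HTTP/1.1\nUser-Agent: KUKU v4.08 beta =212331279066\n"
        "Host: ww11.aaakemegood24.com\n")
BENIGN = "GET /?id=1 HTTP/1.1\nUser-Agent: Mozilla/5.0\nHost: example.com\n"
```

Calling classify() on each sample returns "beacon" for the first, "ua_only" for the request to ww11.aaakemegood24.com (no query string), and None for the benign one.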

Sample here

Hosting info:
http://whois.domaintools.com/213.165.83.176
