onlinedatingsecretfriends.com(malware hosted in United States Austin Road Runner Holdco Llc)

By Pig, March 17, 2011

onlinedatingsecretfriends.com 97.79.238.39
127.0.0.1 127.0.0.1
onemouseklick.com 96.9.186.133
zonetf.com 96.9.169.85
freecdvideo.com 66.199.251.242
www.google.com 209.85.149.105
www.yahoo.com 87.248.122.122

Opened listening TCP connection on port: 55192
Outgoing connection to remote server: onlinedatingsecretfriends.com TCP port 80
Outgoing connection to remote server: freecdvideo.com TCP port 80
Outgoing connection to remote server: zonetf.com TCP port 80
Outgoing connection to remote server: zonetf.com TCP port 80
Outgoing connection to remote server: onemouseklick.com TCP port 80
Outgoing connection to remote server: zonetf.com TCP port 80
Outgoing connection to remote server: zonetf.com TCP port 80
Outgoing connection to remote server: www.google.com TCP port 80
Outgoing connection to remote server: www.yahoo.com TCP port 80

exe here:
http://91.217.162.24/pod.exe

infos about hosting:
http://whois.domaintools.com/97.79.238.39

Categories: Uncategorized

Previous postxvm-163-151.ghst.net(botnet hosted in France Gandi Dedicated Hosting Servers)

Next postunassigned.calpop.com(botnet hosted in United States Los Angeles Atmlink Inc)