twtw.toh.info(chinese malware hosted in Hong Kong Nwt Idc Data Service)

By Pig, April 18, 2011

Name Query Type Query Result Successful Protocol
twtw.toh.info DNS_TYPE_A 58.64.203.53 YES udp

– Unknown TCP Traffic:
58.64.203.53:443
State: Connection established, not terminated – Transferred outbound Bytes: 672 – Transferred inbound Bytes: 14657
Data sent:

exe file:
http://a3dc4d85.theseblogs.com

infos about hosting:
http://whois.domaintools.com/58.64.203.53

Categories: Uncategorized

Previous posttf122.tefgame.com(Trojan-Downloader.Win32.FraudLoad hosted in United States Dallas Theplanet.com Internet Services Inc)

Next post111.90.139.77(ngrbot hosted in Malaysia Piradius Net)