uploadwith.me (Betabot http botnet hosted by datashack.net)

Resolved uploadwith.me to 63.141.233.107

Server:  uploadwith.me
Gate file:  /ashg653/order.php

Alternate domain:
strike-file-hosting.us

Hosting info:  http://whois.domaintools.com/63.141.233.107

Notice anything interesting about this IP?

CustName:       Chris Gravenstein
Address:        201 E. 16th st
City:           North Kansas City
StateProv:      MO
PostalCode:     64116
Country:        US
RegDate:        2013-10-21
Updated:        2013-10-21
Ref:            http://whois.arin.net/rest/customer/C04738525

That’s right, Chris Gravenstein, aka digital has managed to top his previous acts of stupidity by getting his real info assigned to an IP address he’s using to host his malware.

Related md5s (Download sample from Malwr.com)
Betabot: 6facf6bdf3eb76f1594b097fcc8fef5b

Categories: Uncategorized

1 Comment

Anonymous - January 7, 2014 at 9:15 pm

Comments are closed