Hosted In United States Wilmington Hostus )

Thanks to Xylitol for confirming this is Betabot.

 Domain :

 Behaviours :

1 Contains Windows Firewall manipulation routine
2 Creates autorun registry key
3 Creates hook to unknown module
4 Deletes itself
5 Injects code into other processes
6 Makes DNS lookup of recently registered domain
7 Manipulates Internet Explorer settings
8 Runs existing executable
9 Steals local browser data
10 Suspicious delay
11 Tries to detect whether it is being emulated

Url’s : here u have the panel encoded(ioncube) and betabot folders.

hxxp:// alot of nazi pictures here u have to refresh your browser to see them all.

hxxp://  some samples here.

Login Panel :

Get samples here :  hxxp://

Hosting infos :

Categories: Uncategorized