seevu.net Waldek Trojan Hosted In (Netherlands Dronten Disk Group Ltd.)

Behaviours

1 Attempts connections to suspicious countries
2 Automatically unpack its own code
3 Creates hook to unknown module
4 Injects code into other processes
5 Makes DNS lookup of recently registered domain
6 Runs existing executable

Dns Lookup

seevu.net 185.36.102.105
siloovoox.net 188.165.28.225

Sample here : hxxp://www.datafilehost.com/d/384b8efc

Hosting Infos :
http://whois.domaintools.com/185.36.102.105