adobe-helper.cloudapp.net (Andromeda http botnet hosted by microsoft.com)

By I_Post_Ur_Info, September 20, 2013

Resolved adobe-helper.cloudapp.net to 168.63.166.85

Server: adobe-helper.cloudapp.net
Gate file: /updates/gate.php

It downloads a bitcoin miner and begins mining using this proxy, also hosted on the windows cloud:
hxxp://updating-flash6.cloudapp.net
Bonus andromeda 2.7 panel here: hxxp://adobe-helper.cloudapp.net/panel.zip

Hosting infos: http://whois.domaintools.com/168.63.166.85

Related md5s (Search on Malwr.com to download samples)
Andromeda: 2fd21454a5c17fcfffef9f900dec1434

Categories: Uncategorized

Tags: Andromeda BotBitcoin Miner Botnet

Previous postdreiansc.ws (Ice 9 banking malware hosted by vps.ua)

Next postsentryme.com (Betabot http botnet hosted by ecatel.net)

illuminati.sx (Plasma http botnet hosted by worldstream.nl)

shinyhosting.ws.gy(Andromeda Bot hosted in United States Amsterdam Hosting Servers)

meziamussucemaqueue.su (Betabot http botnet hosted by sunnyvision.com)