[TwinHeadedEagle]

What is the simplest way to find out adress of server that downloader contacts to download more malware...

Can you point me some informations, tools or articles.

Thanks

[EP_X0FF]

http://www.wireshark.org/download.html

[dn5]

Either Wireshark as EP_X0FF posted or track UrlDownloadToFile API in OllyDbg.

Regards.

References:
//hxxp://msdn.microsoft.com/en-us/library/ms775123(v=vs.85).aspx