More BetaBot:
In attachment: unpacked + dump of config:
MD5 c6ca1470501c1d885717104ca9ac51e2
MD5 4046fd4e5ddfc40548c2316d6cd289f4
MD5 c994461c69b02a63d0f1bbcd2a56ba54
From the config of c6ca1470501c1d885717104ca9ac51e2:
- Owner: the sky daddy
- Dropped File name: svchost (win)
- C&C(s):
gate: sentryme.com/order.php
gate: stayattentive.com/order.php
- Owner: lavnesh (http://www.hackforums.net/member.php?ac ... uid=101982 ???)
- Dropped File name: Realtek (Realtek\Audio\Manager)
- C&C(s):
gate: hxxp://lpa4u.in/radioserver/order.php
- Owner: nicksasa
- Dropped File name: Magic Helper
- C&C(s):
gate: hxxp://imafaggot.pw/service/order.php
gate: hxxp://winblowservice.hopto.org/service/order.php
login: hxxp://winblowservice.hopto.org/service/login.php
gate: hxxp://imtheop.redirectme.net/service/order.php
login: hxxp://imtheop.redirectme.net/service/login.php
Attachments
pass: infected
(113.37 KiB) Downloaded 82 times
pass: infected
(113.95 KiB) Downloaded 84 times
pass: infected
(114.62 KiB) Downloaded 81 times