CastleCops, Internet Crime Fighters
Need help? Click here to register for free! Absolutely zero advertisements on this site!

Donation/Premium
spacer
Donations. Become Premium Today! Premium Icon
block bottom
Security Central
spacer
· Home
· PIRT/Fried Phish
· MIRT
· SIRT
· Deutsch
· Wiki
· Newsletter
· O16/ActiveX
· CLSID List
· Contest2007
· Downloads
· Feedback (send)
· Forums
· HijackThis
· Hijacktrend
· LSPs
· My Downloads
· O18
· O20
· O21
· O22
· O23
· O9
· Premium
· Private Messages
· Proxomitron
· Reviews
· Search
· StartupList
· Stories Archive
· Submit News
· WsIRT
· Your Account
· Acceptable Use Policy
block bottom
spacer spacer

MIRT(TM)

Malware Incident Reporting and Termination(TM) Squad

A global malware termination operation launched by CastleCops, the volunteer MIRT Squad is comprised of folks who report malware, investigate malware, and actively work on malware takedown and termination. MIRT is funded by CastleCops. Become a MIRT Squad terminator by reporting malware today!

[ How-To / FAQ ]

MIRT -> Confirmed Malware | Terminated Malware


status: terminated

HTTP Response
14 Oct, 2008
18:37:17		408 - SIRT Operation Timed Out
ID967 (termination link)
TitleeCard
Entry
MIRT Squad
Reporter		0
Timestamp15 Aug, 2007 @ 14:16:24
Topic ID199267 - Read/respond to MIRT commentary.
Handler Note:
26 Aug, 2007
00:35:28		tetak: Consumed following related reports:

[1039] http://76.180.187.91/msdataaccess.exe
[1252] http://76.180.187.91/applet.exe
Handler Note:
26 Aug, 2007
00:36:13		tetak: View CIDR AS11351 Report: http://www.cidr-report.org/cgi-bin/as-report?as=11351

"11351 | US | arin | 1998-07-14 | RR-NYSREGION-ASN-01 - Road Runner HoldCo LLC"

Handler Note:
26 Aug, 2007
00:36:15		tetak: Extended information for AS11351:
State/Province: va
Country: us
Responsible Domain: rr.com
Abuse Email: abuse@rr.com
Handler Note:
26 Aug, 2007
00:36:15		tetak: video.exe at this location is a Trojan:Win32/Tibs.gen!B Trojan as seen by Microsoft
Handler Note:
26 Aug, 2007
00:37:21		tetak: Generated and sent email malware alert to respective parties.
Fetched URLs
Slaves1039, 1252,

Report for at 15 Aug, 2007 @ 14:30:03

fetched page

at 15 Aug, 2007 @ 14:30:04
MD5 Fingerprint: d41d8cd98f00b204e9800998ecf8427e
SHA1 Fingerprint: da39a3ee5e6b4b0d3255bfef95601890afd80709
Version 1.0
2002-2008 © Computer Cops LLC dba CastleCops®. All rights reserved.
Acceptable Use Policy. Use signifies your agreement.
136ppm 0.202s (0.11s)
Making cybercriminals unhappy since 2002*
In Memory of Trpm
spacer spacer