[MIRT#11191] Backdoor on 202.143.160.86 AS23974

 CastleCops -> MIRT Reports
Author: tetak PostPosted: Fri May 09, 2008 2:44 am    Post subject: [MIRT#11191] Backdoor on 202.143.160.86 AS23974
Malware Alert
 
 Full Report: CastleCops Link/Backdoor_malware11191.html
 
 Changed status to confirmed malware.IP Converted: 202.143.160.86

dword = 3398410326
hex1 = 0xca8fa056
hex2 = 0xca.0x8f.0xa0.0x56
oct = 0312.0217.0240.0126
card.exe at this location is malware known as Backdoor:Win32/IRCFlood (Microsoft).View CIDR AS23974 Report: http://www.cidr-report.org/cgi-bin/as-report?as=23974

"23974 | TH | apnic | 2003-12-12 | MOE-EDNET-AS-AP Ministry of education"<br />
Extended information for AS23974:
State/Province:
Country: th
Responsible Domain: emisc.moe.go.th
Abuse Email: postmaster@emisc.moe.go.th
Quote:
http://202.143.160.86/~kmc/card.exe
CastleCops -> MIRT Reports

All times are GMT

Page 1 of 1


Powered by phpBB © 2001 phpBB Group