BotHunter ®
  Cyber-TA Internet Release
  Computer Science Laboratory
  SRI International


  SAMPLE NAME:    Spy22_botHunter.txt
  Last Updated: Tue Dec 29 11:44:56 2009
www.BOTHUNTER.net


Victim IP: 192.168.71.131
Max Score: 2.8
Profiles: 1

CCs:
  • 72.55.140.184 (Ip-72-55-140-184.Static.Privatedns.Com), Country: Canada (Ca), City: Montreal.
  • 206.251.244.226 (Ny1026.Yawsa.Com), Country: United States (Us), City: (Unknown City).
  • 85.12.60.13 Country: Belgium (Be), City: (Unknown City).
  • 199.93.58.124 Country: United States (Us), City: (Unknown City).
  • 208.69.57.194 Country: (Unknown Country?) City: (Unknown City?).
  • 64.191.208.114 (Vrp1.Ric.Xpc-Mii.Net), Country: United States (Us), City: Woburn, Ma.
  • 85.255.118.117 (85.255.118.117.Static.Ukrtelegroup.Com.Ua), Country: Ukraine (Ua), City: Odessa.

Events:
  • 1:2002739 {tcp} Egg Download: ET MALWARE iDownloadAgent Spyware User Agent; 3056->80
  • 1:2008012 {tcp} Egg Download: ET MALWARE Winquickupdates.com/Mycashloads.com Related Trojan Install Report; 3048->80
  • 1:2007577 (2) {tcp} Egg Download: ET TROJAN General Downloader Checkin URL (GUID+); 3090->80
  • 1:2008394 (2) {tcp} Egg Download: ET CURRENT_EVENTS Likely Trojan-Downloader.Win32.Homles.br (/17PHolmes.cmt); 3043->80
  • 1:2008438 (2) {tcp} Egg Download: ET MALWARE Possible Windows executable sent when remote host claims to send a Text File; 3043<-80
  • 1:2002739 {tcp} Egg Download: ET MALWARE iDownloadAgent Spyware User Agent; 3044->80