Tuesday, February 7, 2012

Deutschen Post Strain 1 - Some information

Nothing to mention, really. I ran the first strain in the same condition ... and got the same outcome. It seems that the two are variants of the same piece of code.

They both try to access Google.com, then resolve "kemolderin.com" and to do a POST request to "/wap/udp.php".

For more information: see my previous post