Page 67 - index
P. 67
tout=60
osbt=1
osv=5.1 Windows version
osbd=2600 Windows build version
ossp=3.0 Windows Service Pack version
ulv=4
elv=1
rad=1
agp=1
devicea=1
devicev=0
uname=[username] username
cname=[computer_nam
e] computer name
vpn=1 vpn on
tvrv=0.2.2.1 tvspy version
The last variable is particularly interesting as this is the first time we have seen it. Other samples we
analyzed have not displayed this variable.
Command and control servers:
5.45.70.137/stats/getinfo.php
78.47.135.84/contacts/getinfo.php
91.121.44.159/tvddj39/gerinfo.php
91.215.155.46/tv/getinfo.php
91.215.155.48/tv/getinfo.php
92.53.96.101/getinfo.php
109.234.35.77/btrtrxirmi/getinfo.php
162.211.230.170/tv/getinfo.php
178.63.249.40/awstat/getinfo.php
194.63.142.171/tv/getinfo.php
206.su/admin42/getinfo.php
ac.myjino.ru/getinfo.php
aflnatour.ru/admin/getinfo.php
aflnatour.ruadmin/getinfo.php
bestkassa.com/tb/getinfo.php
blackvfl.com/tv0/getinfo.php
bo1324522.com/tv/getinfo.php
cdn-rskp.com/cdn/getinfo.php
67 Cyber Warnings E-Magazine – September 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
