http://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~PWS-BXJ/detailed-analysis.aspx
www.wmicrosoftw3.com
Whois
Domain Name ..................... WMICROSOFTW3.COM
Name Server ..................... dns27.hichina.com
dns28.hichina.com
Registrant ID ................... hc354172142-cn
Registrant Name ................. li gang
Registrant Organization ......... ligang
Registrant Address .............. beijingchaiyangshuangjing
Registrant City ................. bei jing shi
Registrant Province/State ....... bei jing
Registrant Postal Code .......... 100001
Registrant Country Code ......... CN
Registrant Phone Number ......... +86.01052636523 -
Registrant Fax .................. +86.01095236325 -
Registrant Email ................ pksslxc@gmail.com
pksslxc@gmail.com is also registrant of many other espionage domains
Actor Attribution
pksslxc@gmail.com is the registrant email of many chinese boards. On his baidu profile he mentioned that he is into Computers / Network Military but after the Bloomberg and Mandiant report, he removed that information.
6Sanya
http://www.6sanya.com/show.php?t_766_72_82125
http://www.tianya.cn/techforum/content/766/72/82125.shtml ( Cache)
7140#作者:pksslxc 回复日期:2012-3-19 23:12:00 pksslxc@gmail.com
http://www.baidu.com/p/pksslxc
http://www.baidu.com/p/pksslxc/detail
擅长领域: 电脑/网络 军事
Male, Area of expertise - Computer / Network Military
(Now the profile details are changed)
CSDN Profile
http://blog.csdn.net/pksslxc
51CTO Blog
http://3239647.blog.51cto.com
Tianya Board
http://www.tianya.cn/65799758
No comments:
Post a Comment