Palevo Tracker :: Home

Palevo is a worm that spreads via instant messaging, P2P networks and removable drives (such as USB sticks). Like ZeuS, it is sold in underground forums. The worm (also known as Rimecud, Butterfly bot and Pilleuz) received wide press coverage in 2010 (see Trend Micro: "Clipping Mariposa's Wings" / Symantec: "Symantec: The Mariposa Butterfly"). For more information about Palevo, see the Palevo readme file.


Recent Palevo Command&Control servers


Table columns: Date added | Palevo C&C Domain | IP address | Status | SBL | AS number | AS name | Country | Last seen | # of Samples

# of Palevo Command&Control Servers tracked: 26