Palevo Tracker :: Home

Palevo is a worm that spreads via instant messaging, P2P networks and removable drives (such as USB sticks). Like ZeuS, it is sold in underground forums. The worm (also known as Rimecud, Butterfly bot and Pilleuz) received wide press coverage in 2010 (see Trend Micro: "Clipping Mariposa's Wings" / Symantec: "Symantec: The Mariposa Butterfly"). For more information about Palevo, see the Palevo readme file.


Recent Palevo Command&Control servers


Date added | Palevo C&C Domain | IP address | Status | SBL | AS number | AS name | Country | Last seen | # of Samples

# of Palevo Command&Control Servers tracked: 14