millanchannel.info (Baadshah from #bottalk second botnet)

By Pig, May 6, 2009

– DNS Queries:millanchannel.info
– HTTP Conversations: 92.48.75.63:80 – [millanchannel.info]
Request: GET /uddb.exe
Response: 200 “OK”
Request: GET /uddb.exe
Response: 304 “Not Modified”

– HTTP Conversations: 72.10.169.26:80 – [72.10.169.26]
Request: GET /ssvc.exe
Response: 200 “OK”

– IRC Conversations:

72.10.169.26:2569
Nick: fpNWLXVf
Username: ewambn
Joined Channel: ##russia##
Channel Topic for Channel ##russia##: “=dphtYucrsh1S2Lp/Iah/dudBcoYuLymU7nu+UAHBCer23eQTNteOzdaveWqqR8QeZx8vQyyqlxdq5hvnyYvtkRtc5r6f1fpdFZpTJvfpFzLWUE0CaSQhDN3yBqfMiB”

ssvc.exe infos

– DNS Queries:

Name Query Type Query Result Successful Protocol
s.bigolder.info DNS_TYPE_A 64.191.93.90 1

– Opened Listening Ports:

Port Type
4820 tcp

Categories: Uncategorized

Previous postjiets.soidudrf.com (Baadshah,lynx from #bottalk DNS for bots)

Next postitalian.swiifatecihno.com(Baadshah from #bottalk server)