1e2.bmobile-free.co.cc DNS_TYPE_A 76.73.100.211 76.73.100.211:2241 Nick: [AUT|00|P|22493] Username: XP-1133 Server Pass: password Joined Channel: ##Net##Man## with Password HaCkers.For.PC Channel Topic for Channel ##Net##Man##: “$seed.utorrent” Topic By: [ Emperador ] Modes On: [ ##Net##Man## ] [ +smntu ] infos about hosting here: http://whois.domaintools.com/76.73.100.211
server.gasbian.com(botnet hosted in United States Chicago Hostforweb Inc)
Remote Host Port Number 174.37.200.82 80 216.178.38.224 80 63.135.80.46 80 64.208.241.41 80 69.63.181.15 80 205.234.145.229 1234 PASS xxx MODE NEW-[USA|00|P|57896] -ix JOIN #!nn! test PONG 22 MOTD NICK NEW-[USA|00|P|57896] USER XP-0495 * 0 :COMPUTERNAME Other details * The following ports were open in the system: Port Protocol Process 1059 TCP nvsvc32.exe (%Windir%nvsvc32.exe) 1062 TCP nvsvc32.exeRead more...
main.logmebaby.com(bfbot hosted in United States Dallas Theplanet.com Internet Services Inc)
main.logmebaby.com DNS_TYPE_A: 174.122.138.170 174.121.62.122 174.122.138.154 174.122.138.162 – TCP Connection Attempts: 174.122.138.170:8800 174.121.62.122:8800 174.122.138.154:8800 174.122.138.162:8800 more here: http://anubis.iseclab.org/?action=result&task_id=1d7b1f13eb62a9bd461f71d0a04dfd8ac&format=html infos about hosting: http://whois.domaintools.com/174.122.138.170
173-163-151-27-cpennsylvania2.hfc.comcastbusiness.net(botnet hosted in United States Mechanicsburg Comcast Business Communications Inc)
Remote Host Port Number 173.163.151.27 9595 PASS prison 208.78.69.70 80 72.233.89.199 80 PRIVMSG {iNF-00-USA-XP-C` =~@ :HTTP SET http://211.232.30.165/http.exe JOIN ###meat PRIVMSG {00-USA-XP-COMP-` =~@ :SC// Sequential Port Scan started on 192.168.0.0:445 with a delay of 10 seconds for 0 minutes using 100 threads. PONG leaf.12774.com NICK {iNF-00-USA-XP-COMP-5508} USER MEAT * 0 :COMP JOIN #http NICK {00-USA-XP-COMP-1284}Read more...
d0x.me(botnet hosted in United States Crystal River Ispsystem At Nac)
Remote Host Port Number 82.146.51.22 1338 PONG :BEBD508C NICK qvdzl JOIN #foxes USER oivWsEmBCEZmpoAn0d2mosEhevNqtbdYEaV7QsQFjlGN8ZB * * :Q5RyK NICK GUqSpR66 PONG :7B532196 USER pyN4tVLUw705CTxc2BAJuV * * :d3WvenjZK9mrMR1P Registry Modifications * The newly created Registry Value is: o [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun] + System = “C:Ppbn.exe” so that pbn.exe runs every time Windows starts Memory Modifications * There was aRead more...
204.15.252.199.icertified.net(botnet hosted in United States Henderson Trashy Media)
keshmoney.biz api.wipmania.com usakesh.biz heytherebitch.com these dns come from ngrbot exe to Remote Host Port Number 204.15.252.199 4042 NICK new[USA|XP|COMPUTERNAME]nrrkpsz USER hh “” “lol” :hh JOIN #chronic PONG 422 NICK new[USA|XP|COMPUTERNAME]hpfclbk USER y0 “” “lol” :y0 JOIN #usakesh PONG 422 UPDATE: PRIVMSG #boss :[HTTP]: Updated HTTP spread message to “haha, facebook photos? :p http://tinyurl.com/Pic-15-04-2011” JOIN #USRead more...
corp-200-105-228-106-uio.punto.net.ec(botnet hosted in Ecuador Quito Puntonet S.a)
Remote Host Port Number 200.105.228.106 8888 NICK inf444945 USER usrlsr 8 * : .: usrlsr :. JOIN #java PRIVMSG #java :GET / HTTP/1.0 Remote Host Port Number 200.105.228.106 8181 NICK bmi16146850 USER psdrman 8 * : .: psdrman :. JOIN #help PRIVMSG #help :Ready! File System Modifications * The following files were created in theRead more...
irc.chattir.com(botnet hosted in United States Fullerton Staminus Communications)
Remote Host Port Number 178.63.104.185 6667 72.20.56.35 6667 NICK ASLican USER acelya13 “SohbetCeLL” “178.63.104.185” :petek JOIN #Dos BoTisTaN MODE Babygirl_izmir +i MODE #Dos PRIVMSG #Dos :”CACA EHZEHBUGKERK, JA’DOF” R’AK JADL PRIVMSG #Dos :Coded By : tr0j3n PRIVMSG #Dos :Mode : mIRC USER isil “SohbetCeLL” “178.63.104.185” :^Perikizi^ MODE ASLican +i PRIVMSG #Dos : unning kca.exe NICKRead more...
178.63.104.185 (botnet hosted in Germany Hetzner Online Ag)
Remote Host Port Number 178.63.104.185 6667 NICK meral USER Bahar-ankara “SohbetCeLL” “178.63.104.185” :Begum23 JOIN #Dos BoTisTaN MODE meral +i MODE #Dos PRIVMSG #Dos :”CACA EHZEHBUGKERK, JA’DOF” R’AK JADL (tr0j3n) !q kapat (tr0j3n) !identclone kapat (tr0j3n) !identclone kapat Other details * The following ports were open in the system: Port Protocol Process 1053 TCP KCA.exe (%Windir%systemKCA.exe)Read more...
zg-17-12-a8.bta.net.cn(botnet hosted in China Beijing China Unicom Beijing Province Network)
Remote Host Port Number 202.108.17.12 5321 NICK n[USA][XP]966956 USER 7014 “” “lol” :7014 JOIN #faggotfuck PONG 422 Now talking in #faggotfuck Topic On: [ #faggotfuck ] [] Topic By: [ jsidfojdsiof ] Registry Modifications * The following Registry Keys were created: o HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunServices o HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunServicesOnce o HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRun o HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunOnce o HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunServices o HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunServicesOnce o HKEY_CURRENT_USERSoftwareMicrosoftWindowsRead more...