Month: May 2011

67.202.109.136(irc botnet hosted in United States Kansas City Steadfast Networks)

Uncategorized

Remote Host Port Number 67.202.109.136 6567 PASS s1m0n3t4 70.38.98.239 80 MODE [SI|USA|00|P|83237] -ix JOIN #feb# c1rc0dusoleil PRIVMSG #feb# :[Dl]: File download: 80.0KB to: c:WINDOWSjtu.exe @ 80.0KB/sec. PRIVMSG #feb# :[Dl]: Created process: “c:WINDOWSjtu.exe”, PID: PONG Apple2.Network NICK [SI|USA|00|P|83237] USER XP-8307 * 0 :COMPUTERNAME infos about hosting: http://whois.domaintools.com/67.202.109.136

59.76.142.100(irc botnet hosted in China Lanzhou Lanzhou Resources & Envirsonment Voc-tech College)

Uncategorized

Remote Host Port Number 195.122.131.6 80 213.251.170.52 80 59.76.142.100 4042 PASS ngrBot NICK n{US|XPa}hbxapke USER hbxapke 0 0 :hbxapke JOIN #boss ngrBot PRIVMSG #boss :[MSN]: Updated MSN spread interval to “6” PRIVMSG #boss :[MSN]: Updated MSN spread message to “wow…haha!! http://is.gd/facebook_photos_07_05_2011” JOIN #US JOIN #new infos about hosting: http://whois.domaintools.com/59.76.142.100