Remote Host Port Number 213.251.170.52 80 91.211.117.153 80 91.211.117.155 1865 PASS ngrBot NICK n{US|XPa}rwslldg USER rwslldg 0 0 :rwslldg JOIN #main 4m3r1k4 QUIT :rebooting * The data identified by the following URLs was then requested from the remote web server: o http://api.wipmania.com/ o http://91.211.117.153/070711.exe hosting infos: http://whois.domaintools.com/91.211.117.155
92.241.164.229(ngrBot hosted in Russian Federation Oao Webalta)
Remote Host Port Number 199.15.234.7 80 92.241.164.229 7654 PASS ngrBot NICK n{US|XPa}iyhylyn USER iyhylyn 0 0 :iyhylyn JOIN #oldgold noKIDs JOIN #US hosting infos: http://whois.domaintools.com/92.241.164.229
24mb malware samples
ngrBot,spyeye,zeus,ransomware and more malware samples inside this package Download: http://adf.ly/21FL5
goim.hoodrich.ru(ngrBot hosted in United States South Lake Tahoe Reliablehosting.com – Network Services)
Remote Host Port Number goim.hoodrich.ru 4042 PASS google_cache2.tmp NICK [USA|XP]698545 USER 6985 “” “TsGh” :6985 JOIN #newbiz# abc NICK n[USA|XP]576351 USER 5763 “” “TsGh” :5763 NICK [USA|XP]626543 USER 6265 “” “TsGh” :6265 hosting infos: http://whois.domaintools.com/216.131.127.13
gangbang.angels-agency.nl(large botnet linux bots hosted in China Anhui Chinanet Anhui Province Network)
Resolved : [gangbang.angels-agency.nl] To [223.244.227.2] Resolved : [gangbang.angels-agency.nl] To [117.211.84.155] UPDATE: Resolved : [ gangbang.angels-agency.nl ] To [ 78.47.59.194 ] Resolved : [ gangbang.angels-agency.nl ] To [ 223.244.227.2 ] Resolved : [ gangbang.angels-agency.nl ] To [ 117.211.84.155 ] var $config = array(“server”=>”gangbang.angels-agency.nl”, “port”=>”25343”, “pass”=>””, “maxrand”=>”1”, “chan”=>”#wWw#”, “chan2″=>”#wWw#”, “key”=>”scan”, “modes”=>”+p”, “password”=>”41aa15390e2efa34ac693c3bd7cb8e88”,//p0w3r “trigger”=>”.”, “hostauth”=>”0wn3d.3u” hosting infos: http://whois.domaintools.com/223.244.227.2
www.chatcity2011.net(irc botnet hosted in Turkey Radore Hosting Telekomunikasyon Hizmetleri San. Ve Tic. Ltd. Sti)
Resolved : [www.chatcity2011.net] To [176.53.19.44] Resolved : [www.chatcity2011.net] To [176.53.19.45] Remote Host Port Number 176.53.19.44 81 irc here 213.131.252.251 80 74.206.242.164 80 NICK [N00_USA_XP_2228330] PRIVMSG [N00_USA_XP_2228 @ :scan; Trying to get external IP. USER SP2-988 * 0 :COMPUTERNAME @ :scan; Sequential Port Scan started on 174.133.89.0:445 with a delay of 5 seconds for 0 minutesRead more...
212.58.8.78(irc botnet hosted in Turkey Istanbul Doruk Iletisim Ve Otomasyon Sanayi Ve Ticaret A.s)
Remote Host Port Number 212.58.8.78 4244 NICK new[iRooT-XP-USA]296933 USER 3378 “” “TsGh” :3378 PONG :6DFC6C82 JOIN #!bt!# sk1 hosting infos: http://whois.domaintools.com/212.58.8.78
85.17.180.218(irc botnet hosted in Netherlands Amsterdam Leaseweb B.v)
Remote Host Port Number 85.17.180.218 7775 NICK {XPUSA338226} PONG irc.foonet.com USER COMPUTERNAME * 0 :COMPUTERNAME MODE {XPUSA338226} -ix JOIN #karakirli MODE #karakirli -ix UPDATE: NICK n{Ganja-USA|XP}011539 PRIVMSG #c :http://www.r0kettube.com/kategori/Fantazi-Porno Has Been Visited! USER 0115 “” “TsGh” :0115 JOIN #o3 PRIVMSG #d :http://www.r0kettube.com/kategori/Hemsire-Porno Has Been Visited! JOIN #a,#b,#c,#d,#e,#f,#g,#h,# ,#j,#k,#l (null) PRIVMSG #e :http://r0kettube.com/eski-porno-filmi.html Has Been Visited!Read more...
74.117.56.213(irc botnet hosted in United States Union City Psychz Networks)
Remote Host Port Number 74.117.56.213 2319 PASS charm@nte! NICK [NEW][USA]COMPUTERNAME|49470 USER [NEW][USA]COMPUTERNAME|49470 [NEW][USA]COMPUTERNAME|49470 [NEW][USA]COMPUTERNAME|49470 [NEW][USA]COMPUTERNAME|49470 JOIN ##WAREZ## charm@nte~!~ PONG :ur.now.afraid.org hosting infos: http://whois.domaintools.com/74.117.56.213
116.126.143.141(ngrBot hosted in Korea, Republic Of Seoul Hanaro Telecom)
Remote Host Port Number 116.126.143.141 3922 PASS 441 213.251.170.52 80 50.22.66.188 80 NICK n{US|XPa}kttdoir USER kttdoir 0 0 :kttdoir JOIN #alfa … PRIVMSG #alfa :[DNS]: Blocked 1259 domain(s) – Redirected 0 domain(s) hosting infos: http://whois.domaintools.com/116.126.143.141