Month: November 2011

Remote Host Port Number 91.121.52.62 6667 NICK [USA-8741-XP] USER 2762911 “” “lol” :2762911 PONG :84BF2326 JOIN ##!sucka suckafree Local users: Current Local Users: 320 Max: 724 Global users: Current Global Users: 2069 Max: 3831 hosting infos: http://whois.domaintools.com/91.121.52.62

Remote Host Port Number 208.115.198.37 6668 NICK [NEW][USA]65327 USER [NEW][USA]65327 [NEW][USA]65327 [NEW][USA]65327 [NEW][USA]65327 JOIN #dream hosting infos: http://whois.domaintools.com/208.115.198.37

Also iStealer,Blackshades Bot,Fake Facebook message hosted inside exe file: http://2ca25ee4.whackyvidz.com hosting infos: http://whois.domaintools.com/188.72.205.35

45 malware samples in this package have fun reversing Download: http://0b0b84f6.tubeviral.com

Remote Host Port Number 199.15.234.7 80 70.34.196.90 1888 PASS strike NICK n{US|XPa}vihzehv USER vihzehv 0 0 :vihzehv JOIN #asdf strike JOIN #XP JOIN #US hosting infos: http://whois.domaintools.com/70.34.196.90

Resolved : [nooip.no-ip.org] To [69.65.19.116] Resolved : [nooip.no-ip.org] To [69.65.19.117] – TCP Connection Attempts: 69.65.19.116:81 69.65.19.117:81 exe file: http://b809236e.whackyvidz.com hosting infos: http://whois.domaintools.com/69.65.19.116

var $config = array(“server”=>”82.114.82.60”, “port”=>”5454”, “pass”=>””, “prefix”=>”chk-“, “maxrand”=>”4”, “chan”=>”#fuck”, “chan2″=>”#fuck”, “key”=>”ok”, “modes”=>”+p”, “password”=>”ok”, “trigger”=>”.”, “hostauth”=>”*” hosting infos: http://whois.domaintools.com/82.114.82.60

var $config = array(“server”=>”174.127.115.9”, “port”=>”2525”, “pass”=>””, “prefix”=>”RR|”, “maxrand”=>”8”, “chan”=>”#RR”, “chan2″=>””, “key”=>””, “modes”=>”+p”, “password”=>”pass”, “trigger”=>”.”, “hostauth”=>”*” Now talking in #RR Topic On: [ #RR ] [ 174.36.56.72 Room ! ] Topic By: [ DnsZ ] Modes On: [ #RR ] [ +nts ] hosting infos: http://whois.domaintools.com/174.127.115.9