Info is from our anonymous friend: http://www.exposedbotnets.com/2012/05/insomniaincorporatedhostinginfoinsomnia.html
C&C Server: 46.166.162.130:1993
Server Password:
Username: lvkkqub
Nickname: n{DE|XPa}lvkkqub
Channel: #ngrs (Password: scrt)
Channeltopic: : Now talking in #ngrs
Topic On: [ #ngrs ] [ ]
Topic By: [ null ]
Resolved : [dk1.zapto.org] To [109.169.61.117]
dk1.zapto.org:6667 channel #bots
Owner of this is iDDoS@pie69; he’s using no-ip for...

vps33.max-vps.net (Insomnia Bot hosted in France Ovh Systems)
Resolved : [vps33.max-vps.net] To [178.33.88.93]
Clients: I have 570 clients and 0 servers
Local users: Current Local Users: 570 Max: 1666
Global users: Current Global Users: 570 Max: 1345
IRC Server HOST, PORT: vps33.max-vps.net 8745
channel: #insomnia
Insomnia exe: http://uppit.com/oovmmjteut38/irc.rar
This is another contribution from an anonymous guy; all credits go to him.
Pass: infected
hosting...

87 MB malware samples
This package contains IRC bots, banking trojans, Linux shells-bots, coin miners, etc. Have fun exploring them.

x0r.xxxisniperixxx.cn (ngrBot hosted in United States New York City Digital Ocean)
Resolved : [x0r.xxxisniperixxx.cn] To [69.55.55.149]
Remote Host: x0r.xxxisniperixxx.cn
Port Number: 51987
PASS Virus
NICK VirUs-qkrcdlij.
USER VirUs “” “vxs” : .8,1..8Coded .4By .8AhmedRamzey@Hotmail.Com
Clients: I have 576 clients and 0 servers
Local users: Current Local Users: 576 Max: 691
Global users: Current Global Users: 576 Max: 691
Join #Aryan
hosting infos: http://whois.domaintools.com/69.55.55.149

q520qq.3322.org (Trojan Downloader hosted in China Beijing Chinanet Jiangsu Province Network)
Resolved : [q520qq.3322.org] To [58.215.133.238]
Traffic – by TCP/IP Connections
Country  IP              Port
CN       58.215.133.238  7000
sample
hosting infos: http://whois.domaintools.com/58.215.133.238

aaa1adasadasda444.net (Andromeda Bot hosted in Czech Republic Prague Casablanca Int)
Resolved : [aaa1adasadasda444.net] To [217.11.251.173]
Traffic – by DNS
4 domain found
Country  Domain                 IP
CZ       aaa1adasadasda444.net  217.11.251.173
CZ       aaa1kjsadhasiodo.com   217.11.251.173
CZ       aaa1lilililili.com     217.11.251.173
CZ       aaa1skjadsdaskld.net   217.11.251.173
Traffic – by URL
4 outbound URL connection found
URL
aaa1adasadasda444.net/admin/image.php
aaa1kjsadhasiodo.com/admin/image.php
aaa1lilililili.com/admin/image.php
aaa1skjadsdaskld.net/admin/image.php
Strings from executable:
Processes:
PID   ParentPID  User          Path
--------------------------------------------------
3324  3144       xxxx-xxx:xxx  C:\WINDOWS\system32\wuauclt.exe
Ports:...

j.rania-style.com (ngrBot hosted in China Beijing Chinanet Hunan Province Network)
3 domains are used to control bots:
j.rania-style.com active
j.symtec.us not active
j.idolmovies.com not active
Resolved : [j.rania-style.com] To [175.6.1.159]
Resolved : [j.rania-style.com] To [122.226.202.221]
Resolved : [j.rania-style.com] To [117.21.224.29]
Resolved : [j.rania-style.com] To [121.61.118.106]
C&C server:
j.rania-style.com:1888
j.rania-style.com:6971
Traffic – by DNS
14 domain found
Country  Domain                                  IP
US       113890url.displayadfeed.com             66.45.56.124
US       myvideos.stream-free-movies-online.com  66.45.56.124
...