Resolved ad.amneplay.com to 146.185.246.36, 146.185.246.131 Server: ad.amneplay.com Gate file: /ad/pops/gate.php Alternate domains (same gate path) ad.tool2ago.com ad.sobhanik.com ad.kbirbsghir.com ad.masisyarb.com ad.kosifikon.com Hosting infos: http://whois.domaintools.com/146.185.246.36 http://whois.domaintools.com/146.185.246.131
oneproxifier.com (Reverse proxy malware hosted by ecatel.net)
Resolved w7bren.oneproxifier.com to 93.174.93.39, 89.248.174.42, 89.248.172.58, 93.174.93.204 Resolved extradq.oneproxifier.com to 94.102.49.207, 80.82.70.232 Here are two samples of what appears to be reverse proxy malware. It connects back to the indicated servers and maintains a connection, waiting to relay connections through the infected computer. It appears to only use windows servers for the back connect software.Read more...
in.thegamejuststarted10.com (Insomnia irc botnet hosted by China Dongguan Shenzhenshiluohuquhepingluyifengguangchangczuo32h)
Resolved in.thegamejuststarted10.com to 121.12.123.139 SSL is required to connect to this server. You will also need to accept invalid/self generated certificates. Server: in.thegamejuststarted10.com Port: 2020 Server password: hax0r Channel: #in * Topic for #in is: eEtqRXBzV2l4S2pFcThTNXhLVEVxOFM2eEtURXE4Uzd4S1RFcThTOHhLVEVxOFM5eEtURXE4Uyt4YlE9fDIyMjkzMjY0 * Topic for #in set by smart93 at Sun Dec 25 13:30:39 2011 All bots are also autojoinedRead more...
178.86.13.96(ngrBot hosted in Ukraine Odessa Tehnologii Budushego Llc)
Server: 178.86.13.96:1865Server Password:Username: ecwtldeNickname: n{DE|XPa}ecwtldeChannel: #main (Password: 4m3r1k4)Channeltopic: :.m on .mdns hxxp://wings.cl/images/qwerty.txt .up hxxp://www.negociosnr.com/galeria/020113.exe a1f343ffdb43dcde6054dba891a214c4 hosting infos: http://whois.domaintools.com/178.86.13.96