dns.aswend.com DNS_TYPE_A 70.107.249.167 70.107.249.167:7000 Nick: FL945610713002 Username: jtwwskrskekm Joined Channel: #GL with Password .x. Channel Topic for Channel #GL: “.advscan asn1smbnt 100 5 0 -b -r -s” Now talking in #GL Topic On: [ #GL ] [ .advscan asn1http 100 5 0 -b -r -s ] Topic By: [ ER ] Modes On: [ #GLRead more...
server95527.santrex.net(botnet hosted in Germany Berlin Netdirekt E.k)
Remote Host Port Number 212.95.32.241 6667 NICK {XPUSA900275} MODE {XPUSA900275} -ix JOIN ##spam## PONG irc.priv8net.com USER COMPUTERNAME * 0 :COMPUTERNAME NICK {XPUSA60072} Now talking in ##security-check## Topic On: [ ##security-check## ] [ .part ##security-check## ] Topic By: [ Z-3R0 ] infos about hosting: http://whois.domaintools.com/212.95.32.241
64.202.107.28( botnet hosted in United States Chicago Hostforweb Inc)
Remote Host Port Number 64.202.107.28 6667 NICK SoPro{USA-XP}378825 USER 3788 “” “SoPro” :3788 PONG :7153F3C2 JOIN #oGG wiggernet PRIVMSG #oGG : 9Main 9>>-
nokia2mon2.markaz-royal.net(shellbooter hosted in Saudi Arabia Riyadh Dsl Home Subscribers_dynamic Ips)
Remote Host Port Number 77.30.55.134 3086 Other details * The following port was open in the system: Port Protocol Process 1051 TCP svchost.exe (%AppData%Microsoftsvchost.exe) Registry Modifications * The following Registry Key was created: o HKEY_CURRENT_USERSoftwareeeptfs2 * The newly created Registry Values are: o [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun] + Startup = “%AppData%Microsoftsvchost.exe” so that svchost.exe runs every time WindowsRead more...
websiteex.com(botnet hosted in United States Chicago Hostforweb Inc)
Remote Host Port Number 174.37.200.82 80 63.135.80.224 80 63.135.80.46 80 66.220.147.11 80 96.17.164.187 80 64.202.102.10 1234 PASS xxx MODE NEW-[USA|00|P|42884] -ix JOIN #!nn! test PONG 22 MOTD NICK NEW-[USA|00|P|42884] USER XP-9086 * 0 :COMPUTERNAME infos about hosting: http://whois.domaintools.com/64.202.102.10
mx207.BLOGSHOTS.ORG(botnet hosted in United States Chicago Hostforweb Inc)
Remote Host Port Number 174.37.200.82 80 208.50.81.160 80 216.178.39.11 80 63.135.80.224 80 66.220.149.32 80 205.234.144.207 1234 PASS xxx MODE NEW-[USA|00|P|75060] -ix JOIN #!nn! test PONG 22 MOTD NICK NEW-[USA|00|P|75060] USER XP-9002 * 0 :COMPUTERNAME infos about hosting: http://whois.domaintools.com/205.234.144.207
cancanmt2.no-ip.biz(RAT hosted in Turkey Antalya Tt Adsl-ttnet-ulus-static)
cancanmt2.no-ip.biz: type A, class IN, addr 95.9.90.39 Dest Port:100 Summary Creates temporary files Queries a list of all running processes Performs DNS lookups Enables debug privileges Creates files inside the system directory Loads the internet automation component (ieframe.dll) Creates an autostart registry key Checks for debuggers (Devices) Creates a thread in another existing process (threadRead more...
nnnnnnnn.schooluni.us(botnet hosted in China Zhengzhou China Unicom Henan Province Network)
Remote Host Port Number 112.78.112.208 80 218.85.133.201 80 61.158.145.4 7963 PASS laorosr MODE [N00_USA_XP_9462150] @ -ix 00000000 | 5041 5353 206C 616F 726F 7372 0D0A 5052 | PASS laorosr..PR 00000010 | 5256 4D53 4720 5B4E 3030 5F55 5341 5F58 | RVMSG [N00_USA_X 00000020 | 505F 3934 3632 BCB9 4020 3A20 5261 6E64 | P_9462..@ :Read more...
dq.javagames7.com(bfbot hosted in United States Dallas Theplanet.com Internet Services Inc)
dq.javagames7.com DNS_TYPE_A 174.122.138.154 174.122.138.162 174.122.138.170 174.121.62.122 port 8800 protocol udp more here: http://anubis.iseclab.org/?action=result&task_id=1172d6621b4499af45d7f3e443a358a78&format=html infos about hosting: http://whois.domaintools.com/174.122.138.154
server2.vip-connect.com(botnet hosted in United States Alexandria Shetab)
Remote Host Port Number 174.37.200.82 80 216.178.39.11 80 63.135.80.224 80 64.208.241.27 80 66.220.149.32 80 204.15.192.250 1234 PASS xxx NICK NEW-[USA|00|P|50950] USER XP-8403 * 0 :COMPUTERNAME MODE NEW-[USA|00|P|50950] -ix JOIN #!nn! test PONG 22 MOTD infos about hosting: http://whois.domaintools.com/204.15.192.250