Author: Pig

Remote Host Port Number 112.78.112.208 80 208.53.183.113 80 208.53.183.92 80 218.85.133.201 80 74.63.78.27 80 91.212.127.147 80 204.45.85.210 57221 ircd here 204.45.85.218 57221 ircd here 65.55.92.152 25 76.73.36.42 8800 * The data identified by the following URLs was then requested from the remote web server: o http://www.nippon.to/cgi-bin/prxjdg.cgi o http://208.53.183.113/nbf.exe o http://208.53.183.92/usa.exe o http://208.53.183.92/zalz.exe o http://www.cooleasy.com/cgi-bin/prxjdg.cgi oRead more...

Remote Host Port Number 69.42.218.75 8878 USER rmivvghu rmivvghu rmivvghu :tqidsjkg NICK eCTKvLpor MODE eCTKvLpor +xi JOIN #maxi USERHOST eCTKvLpor MODE #maxi +smntu PONG :lols.nope.com Now talking in #maxi Topic On: [ #maxi ] [ =iSPD1SfJVIXS78hku1th2mVmfzMNV0S9vmziKgN8rsXvuchJAAboS1N6d+47GpGRbqNA1Rp5AetxCSFjRLWzVXl+QjkC2RRdv96+K+EeYItTv79hc1MOogFKpvVJaySVa6r7iVsXVKg5yrYAuvJnyLsyg6jDPOI9j1mVNgaT/5a69YtxDR1VP8QeyGS7W3DUZWZwMg1VCaKDreE1KD2kxbZ ] Topic By: [ dbbab ]

Remote Host Port Number 92.241.174.61 6667 NICK {XPUSA345887} JOIN #hack PONG irc.hackers.gov USER COMPUTERNAME * 0 :COMPUTERNAME MODE {XPUSA345887} +ix Registry Modifications * The newly created Registry Values are: o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] + Windows Services = “servis.exe” so that servis.exe runs every time Windows starts o [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun] + Windows Update = “%Temp%service2.exe” Memory Modifications * ThereRead more...

Remote Host Port Number r0x.botsgod.info 4949 Resolved : [r0x.botsgod.info] To [92.243.28.194] Resolved : [r0x.botsgod.info] To [217.70.188.30] Resolved : [r0x.botsgod.info] To [95.142.163.184] PASS VrX NICK [USA][XP-SP2]644230 USER VirUs “” “lol” :My_Name_iS_PIG_and_Iam_A_GaY1854 JOIN #r0x# VrX NICK {NOVA}[USA][XP-SP2]733340 USER VirUs “” “lol” :My_Name_iS_PIG_and_Iam_A_GaY8868 NICK [USA][XP-SP2]350911 USER VirUs “” “lol” :My_Name_iS_PIG_and_Iam_A_GaY0505 * To mark the presence in the system,Read more...

Remote Host Port Number 184.73.209.168 80 204.0.5.41 80 204.0.5.42 80 204.0.5.48 80 204.0.5.51 80 204.0.5.58 80 204.0.5.59 80 208.43.117.134 80 216.178.38.168 80 63.135.80.58 80 202.157.176.20 1234 PASS xxx JOIN #!nn! test MODE NEW-[USA|00|P|50950] -ix PONG 22 MOTD PONG get.lost NICK NEW-[USA|00|P|50950] USER XP-8403 * 0 :COMPUTERNAME Now talking in #!nn! Topic On: [ #!nn! ]Read more...

Remote Host Port Number 184.73.209.168 80 204.0.5.41 80 204.0.5.42 80 204.0.5.48 80 204.0.5.51 80 204.0.5.57 80 204.0.5.58 80 204.0.5.59 80 208.71.125.131 80 216.178.38.168 80 66.225.241.182 2345 PASS xxx NICK NEW-[USA|00|P|78655] USER XP-9188 * 0 :COMPUTERNAME MODE NEW-[USA|00|P|78655] -ix JOIN #!gf! test PONG 22 MOTD Now talking in #!gf! Topic On: [ #!gf! ] [ .m.s|.m.eRead more...

Resolved : [login.ipwhois.co.uk] To [195.3.145.182] NICK {XPUSA528985} USER COMPUTERNAME * 0 :COMPUTERNAME * To mark the presence in the system, the following Mutex object was created: o adsaxf * The following port was open in the system: Port Protocol Process 1034 TCP servicese.exe (%Temp%servicese.exe) * The following Host Name was requested from a host database:Read more...

Remote Host Port Number 112.78.112.208 80 195.2.252.21 80 204.45.118.250 80 204.45.121.50 80 218.85.133.201 80 123.0.41.218 3128 24.63.206.135 3128 62.103.174.192 3128 82.38.141.57 3128 204.45.85.218 57221 PASS laorosr 209.90.137.223 1199 USER SP2-743 * 0 :COMPUTERNAME MODE #! -ix MODE #Ma -ix MODE [N00_USA_XP_7728388] @ -ix MODE #dpi -ix 00000000 | 5041 5353 206C 616F 726F 7372 0D0ARead more...

formosa.notengodominio.com 184.106.215.31 C&C Server: 184.106.215.31:6667 Server Password: Username: DELL-D3E62F7E26 Nickname: {XPDEU494207} Channel: ##fuds9## (Password: ) Channeltopic: C&C Server: 184.106.215.31:6667 Server Password: Username: DELL-D3E62F7E26 Nickname: {XPDEU485738} Channel: ##fuds9## (Password: ) Channeltopic: Registry Changes by all processes Create or Open Changes HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun “Windows Update” = C:DOKUME~1ADMINI~1LOKALE~1Tempservice.exe HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun “Windows Services” = service.exe HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun “Windows Update” = C:DOKUME~1ADMINI~1LOKALE~1Tempservice.exe ReadsRead more...

Remote Host Port Number ate.lacoctelera.net 1034 Other details * To mark the presence in the system, the following Mutex objects were created: o Micro Upe o oleacc-msaa-loaded o _!SHMSFTHISTORY!_ * The following Host Names were requested from a host database: o astro.ic.ac.uk o ale.pakibili.com o versatek.com o journalofaccountancy.com o transnationale.org o mas.0730ip.com o bejsis.com oRead more...