Author: Pig

46.165.209.181(ngrBot hosted in Germany Frankfurt Am Main Leaseweb Germany GmbH)

Server:46.165.209.181:1887
Server:95.211.211.69:1887
Now talking in #pool
Topic On: [ #pool ] [ ~pu hxxp://www.sendspace.com/pro/dl/cbl9jc 0dd3c01bdc07bd74c7eb7d76488f7858 -r ]
Topic By: [ google ]
Modes On: [ #pool ] [ +smntMu ]
Traffic – by DNS samples downloaded by this exe
www.sendspace.com/pro/dl/cbl9jc
fs01n4.sendspace.com/dlpro/c39fbffebf805aebb814397028790f8f/50f839ec/cbl9jc/apocalipss.exe
www.sendspace.com/pro/dl/je1b2n
fs01n4.sendspace.com/dlpro/65e23174885e70f50c60165a549e2504/50f839f1/je1b2n/afgh.exe
www.sendspace.com/pro/dl/qdzubq
fs01n4.sendspace.com/dlpro/69390ccaa0039b65a93bd54175c25dba/50f839f5/qdzubq/fdgd.exe
www.sendspace.com/pro/dl/xvmvkv
fs07n1.sendspace.com/dlpro/145b6e78853ec6d5b05678662487d679/50f974d7/xvmvkv/acuavit.exe
www.sendspace.com/pro/dl/fea2gp
fs07n2.sendspace.com/dlpro/3adeaf41953e34a07a8d6839d41e0ed3/50f974db/fea2gp/adgf.exe
www.sendspace.com/pro/dl/qesvuu
fs07n5.sendspace.com/dlpro/d0e84ae45337f129391c5db17d00aa2f/50f974df/qesvuu/hkjgf.exe
hosting infos: http://whois.domaintools.com/46.165.209.181

tassweq.com(ngrBot hosted in United States West Chester Privatesystems Networks Ca)

There is no sample, so I can't post channels; you can see if you can find channels yourself.
Resolved : [tassweq.com] To [67.222.19.155]
Resolved : [zerx-virus.biz] To [67.222.19.155]
Server: tassweq.com:7000
PASS trb123trb
NICK ydgchu
USER rqqlrc “” “ooq” :rqqlrc
UPDATE:
Server: zerx-virus.biz :4040 PASS trb123trb
Server: tassweq.com :4040 PASS trb123trb
67.222.19.155:4040
Nick: n{US|XPa}radwklw
Username:

sixdollarads.com(SpyEye hosted in United States Dallas Theplanet.com Internet Services Inc.)

Resolved : [sixdollarads.com] To [174.132.190.220]
SpyEye Panel: http://sixdollarads.com/vc/cp/maincp/
Bins:
hxxp://sixdollarads.com/vc/cp/maincp/bin/0.1.exe
hxxp://sixdollarads.com/vc/cp/maincp/bin/1.0.exe
hxxp://sixdollarads.com/vc/cp/maincp/bin/config.bin
hxxp://sixdollarads.com/vc/cp/maincp/bin/sys.exe
hxxp://sixdollarads.com/vc/cp/maincp/bin/upload/sys.exe
hxxp://sixdollarads.com/vc/cp/maincp/bin/upload/Photo345.jpg.scr
hosting infos: http://whois.domaintools.com/174.132.190.220

updates211.zapto.org(Pony hosted in United States Port Richey Private Customer – Verizon Internet Services Inc.)

Pony Gate: updates211.zapto.org/pony/gate.php
Pony Admin: http://updates211.zapto.org/pony/admin.php
Setup file is inside: http://updates211.zapto.org/pony/setup.php
Here you can see Pony files and folders: http://updates211.zapto.org/pony/
Pony sample: hxxp://updates211.zapto.org/update211.exe
hosting infos: http://whois.domaintools.com/96.254.171.6

84mb samples

Another package, around 84mb, full of banking trojan samples, IRC bots, exploit packs, etc. Have fun, and remember: only for analysis.

95.58.254.79(Pony hosted in Kazakhstan Almaty Jsc Kazakhtelecom)

Pony Gate: 95.58.254.79/p/gate.php
Pony admin login: http://95.58.254.79/p/admin.php
Pony-legit-packed s.exe inside pony package is Autoiframer Bot, Version 1.0
Here are some strings from the sample:
File: ZR1.exe
Size: 193552 Bytes
MD5: A889A2ADAFEFF5A16AFF93DD668B763C
Packer: File not found C:peid.exe
File Properties: CompanyName FileDescription FileVersion InternalName LegalCopyright OriginalFilename ProductName ProductVersion
Exploit Signatures:
---------------------------------------------------------------------------
Scanning for 19 signatures
Scan Complete: 212Kb in 0,016