Author: Pig

64.120.14.52

Uncategorized

Remote Host Port Number 64.120.14.52 27034 PASS sextsex MODE #!!pp!!# +ix NICK [00|USA|765097] USER XP-4182 * 0 :COMPUTERNAME MODE [00|USA|765097] +ix JOIN #!!pp!!# sextsex Other details * The following port was open in the system: Port Protocol Process 1052 TCP tub3tex.exe.exe (%Windir%tub3tex.exe.exe) Registry Modifications * The newly created Registry Value is: o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] + JavaRead more...

62.193.242.95

Uncategorized

Remote Host Port Number 62.193.242.95 8080 NICK [New|OutBreak|USA|XP|026717] PONG 22 MOTD USER [New|OutBreak|USA|XP|026717] * 0 :(null) MODE [New|OutBreak|USA|XP|026717] +iR JOIN #out PRIVMSG #out :[OutBreak]: 08New * The following port was open in the system: Port Protocol Process 1056 TCP iexplore.exe (%Windir%iexplore.exe) Registry Modifications * The newly created Registry Values are: o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] + iexplore.exe =Read more...

java.KUTLUFAMILY.COM

Uncategorized

java.KUTLUFAMILY.COM 66.90.113.196 membres.lycos.fr membres.lycos.fr 213.131.252.251 membres.multimania.fr membres.multimania.fr 213.131.252.251 proxyworld.ifrance.com proxyworld.ifrance.com 82.196.5.79 Download URLs http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr) http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr) http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr) http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr) http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr) http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr) http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr) http://82.196.5.79/azenv.php (proxyworld.ifrance.com) * C&C Server: 66.90.113.196:81 * Server Password: * Username: SP3-536 * Nickname: [N00_DEU_XP_9471050]ˆð@ * Channel: (Password: ) * Channeltopic: * C&C Server: 66.90.113.196:80 * Server Password:Read more...

onlinecentralstore.com

Uncategorized

onlinecentralstore.com onlinecentralstore.com 193.105.0.60 76.191.104.55 76.191.104.55 Opened listening TCP connection on port: 28976 Opened listening TCP connection on port: 37660 Download URLs http://193.105.0.60/pemperem.bin (onlinecentralstore.com) http://193.105.0.60/pemperem.bin (onlinecentralstore.com) http://193.105.0.60/ononnono.exe (onlinecentralstore.com) Outgoing connection to remote server: onlinecentralstore.com TCP port 80 Outgoing connection to remote server: onlinecentralstore.com TCP port 80 Outgoing connection to remote server: 76.191.104.55 TCP port 443 OutgoingRead more...

mindleak.com(detox bot)

Uncategorized

mindleak.com 0xff.memzero.info 0x80.online-software.org 0x80.goingformars.com 0x80.martiansong.com 0x80.my1x1.com /server 194.109.11.65 6556 channel: #9#, #raw #exploit detox bot

mot.thand.su

Uncategorized

mot.thand.su 69.42.218.72 fr.thand.su fr.thand.su 67.214.175.92 www.cship.info www.cship.info 87.98.247.2 Download URLs http://67.214.175.92/ (fr.thand.su) http://67.214.175.92/ (fr.thand.su) http://67.214.175.92/ (fr.thand.su) http://87.98.247.2/azenv.php (www.cship.info) http://87.98.247.2/azenv.php (www.cship.info) http://87.98.247.2/azenv.php (www.cship.info) http://87.98.247.2/azenv.php (www.cship.info) * C&C Server: 69.42.218.72:1863 * Server Password: * Username: SP3-082 * Nickname: [N00_DEU_XP_8844899]_CHAR(0x18)_á@ * Channel: (Password: ) * Channeltopic: * C&C Server: 69.42.218.72:1863 * Server Password: * Username: SP3-582 * Nickname:Read more...

grummerhens.net

Uncategorized

grummerhens.net grummerhens.net 66.96.219.101 Opened listening TCP connection on port: 21366 Download URLs http://66.96.219.101/13/cc.bin (grummerhens.net) Outgoing connection to remote server: grummerhens.net TCP port 80 Outgoing connection to remote server: grummerhens.net TCP port 80 Outgoing connection to remote server: grummerhens.net TCP port 80 Registry Changes by all processes Create or Open Changes HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon “userinit” = C:WINDOWSsystem32userinit.exe,C:WINDOWSsystem32sdra64.exe,Read more...

95.154.216.63

Uncategorized

Remote Host Port Number 95.154.216.63 3211 NICK XP5e7Y3 USER Mazyon_1z7 “” “” : 14Don`t 14Abuse 14Power JOIN #g xpass MODE #G PRIVMSG XP5e7Y3 : PING 1264507340 Registry Modifications * The following Registry Keys were created: o HKEY_LOCAL_MACHINESOFTWAREClasses.cha o HKEY_LOCAL_MACHINESOFTWAREClasses.chat o HKEY_LOCAL_MACHINESOFTWAREClassesChatFile o HKEY_LOCAL_MACHINESOFTWAREClassesChatFileDefaultIcon o HKEY_LOCAL_MACHINESOFTWAREClassesChatFileShell o HKEY_LOCAL_MACHINESOFTWAREClassesChatFileShellopen o HKEY_LOCAL_MACHINESOFTWAREClassesChatFileShellopencommand o HKEY_LOCAL_MACHINESOFTWAREClassesChatFileShellopenddeexec o HKEY_LOCAL_MACHINESOFTWAREClassesChatFileShellopenddeexecApplication o HKEY_LOCAL_MACHINESOFTWAREClassesChatFileShellopenddeexecifexecRead more...

92.243.19.221(10k bots)

Uncategorized

Remote Host Port Number 92.243.19.221 16667 NICK [USA]XP-SP2[00]1154 USER qhvb 0 0 : JOIN #l# lam 2k bots inside USERHOST [USA]XP-SP2[00]1154 MODE [USA]XP-SP2[00]1154 -x+i PONG :MBoY.Org Invisible Users: 6556 Channels: 19 channels formed Clients: I have 6557 clients and 0 servers Local users: Current Local Users: 6557 Max: 13429 Global users: Current Global Users: 6557Read more...

ju.backup-host.ru(45k bots)

Uncategorized

193.104.27.98 193.104.27.98 UDP Connections Remote IP Address: 127.0.0.1 Port: 1036 Send Datagram: 9 packet(s) of size 1 Recv Datagram: 9 packet(s) of size 1 Download URLs http://193.104.27.98/2krn.bin (193.104.27.98) Outgoing connection to remote server: 193.104.27.98 TCP port 80 DNS Lookup Host Name IP Address dell-d3e62f7e26 10.1.10.2 10.1.10.1 10.1.10.1 wpad 193.104.27.98 193.104.27.98 193.104.27.107 193.104.27.107 Opened listening TCPRead more...