Author: Pig

Remote Host Port Numberj00000000.inluver.com 47221 00000000 | 5041 5353 206C 6574 6D65 696E 0D0A 4E49 | PASS letmein..NI00000010 | 434B 205B 4E30 305F 5553 415F 5850 5F39 | CK [N00_USA_XP_900000020 | 3832 3839 3536 5D18 E740 0D0A 5553 4552 | 828956]..@..USER00000030 | 2053 5032 2D36 3935 202A 2030 203A 434F | SP2-695 * 0 :CO00000040Read more...

irc.shkumbimi.net DNS_TYPE_A 122.183.243.48 1 122.183.243.48:12351 Nick: `iuxauoeUsername: `iuxauoeJoined Channel: #.serve with Password krChannel Topic for Channel #.serve: “`adv.start lsass 100 5 0 -r -b -s |`sniff.on -s |`adv.start lsass 75 5 0 114.51.x.x -r -s” Registry Modifications * The following Registry Keys were created: o HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunServices o HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRunOnce o HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunOnce * The newly created RegistryRead more...

irc.gizemdolu.net 95.168.170.114i3ED6DCB3.versanet.de 62.214.220.179Opened listening TCP connection on port: 113 * C&C Server: 95.168.170.114:6667 * Server Password: * Username: Perihan881 * Nickname: Cansu-66 * Channel: #X (Password: s1k1k) * Channeltopic: irc.gizemdolu.net 95.168.170.114 * C&C Server: 95.168.170.114:6667 * Server Password: * Username: XP-8319 * Nickname: [DEU|00|P|37213] * Channel: #imbot (Password: test) * Channeltopic: : Registry Changes byRead more...

irc.reserstyle.net 208.98.34.150 * C&C Server: 208.98.34.150:6667 * Server Password: * Username: cfdvpakl * Nickname: L2-j|[[ * Channel: #diablocrewsc (Password: diablo) * Channeltopic: Registry Changes by all processesCreate or Open Changes HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun “Windows System” = C:ProgrammeGemeinsame DateienSystemsystem.exeHKEY_LOCAL_MACHINESYSTEMControlSet001ServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList “C:ProgrammeGemeinsame DateienSystemsystem.exe” = C:ProgrammeGemeinsame DateienSystemsystem.exe:*:Enabled:Windows SystemReads HKEY_LOCAL_MACHINESYSTEMWPAMediaCenter “Installed”HKEY_LOCAL_MACHINESOFTWAREMicrosoftRpcSecurityService “DefaultAuthLevel”Enums File Changes by all processesNew Files C:ProgrammeGemeinsame DateienSystemsystem.exeC:ProgrammeGemeinsame DateienSystemsystem.exeDeviceRasAcdOpened FilesRead more...

NICK [00|USA|587663]USER XP-3162 * 0 :COMPUTERNAMEMODE [00|USA|587663] -ixJOIN #test.bMODE #test.b -ix Other details * To mark the presence in the system, the following Mutex object was created: o aS3V6Nu * The following port was open in the system: Port Protocol Process1036 TCP service.exe (%Windir%service.exe) * The following Host Name was requested from a host database:Read more...

Remote Host Port Number 174.37.240.240 1995 66.252.5.60 6161 NICK XPJnl3Q USER laMer “” “gt10.smo7he.com” : You Think i aughty USERHOST XPJnl3Q JOIN #kwt-team #191# MODE #kwt-team hosting infos: http://whois.domaintools.com/66.252.5.60

labfixer.mamadody.mobi 66.252.13.204Opened listening TCP connection on port: 113 * C&C Server: 66.252.13.204:15656 * Server Password: * Username: laMer * Nickname: XP|ibzcwN * Channel: (Password: ) * Channeltopic: * C&C Server: 66.252.13.204:15656 * Server Password: * Username: laMer * Nickname: :XPDzsU49 * Channel: #tcp# (Password: d0s) * Channeltopic: :!clear Registry Changes by all processesCreate or OpenRead more...

Remote Host Port Number194.109.20.90 6664bircd.w0rms.ro 200869.16.172.40 666869.16.172.40 7000 NICK jonasgUSER truman “” “194.109.20.90” :minedUSERHOST nickPART channelUSER truman “” “bircd.w0rms.ro” :minedSILENCE +*!*@*,~*!*@*undernet.orgMODE jonasg +iwxNICK soowonaUSER tandy “” “194.109.20.90” :alexUSER tandy “” “bircd.w0rms.ro” :alexMODE soowona +iwxMODE nick +iwxUSER tandy “” “69.16.172.40” :alex * There was application-defined hook procedure installed into the hook chain (e.g. to monitor keystrokes).Read more...

Remote Host Port Numberirc.seslichat5.com 6664 NICK USA|80748USER qyleek 0 0 :USA|80748USERHOST USA|80748MODE USA|80748 -xJOIN #zxc zxcNICK USA|75655USER snzef 0 0 :USA|75655USERHOST USA|75655MODE USA|75655 -xNICK USA|15845USER nbhjmi 0 0 :USA|15845USERHOST USA|15845MODE USA|15845 -xNICK USA|12043USER glhnnaw 0 0 :USA|12043USERHOST USA|12043MODE USA|12043 -xNICK USA|76159USER opqoge 0 0 :USA|76159USERHOST USA|76159MODE USA|76159 -x Other details * To mark the presenceRead more...

Remote Host Port Numberxdcc.h4ck.biz 53381 NICK UteetorUSER Uteetor Esmyia 127.0.0.1 :OsulusJOIN #mic#privmsg #mic# New install..NICK AlamUSER Alam Erosas 127.0.0.1 :AsernerNICK BisolfrUSER Bisolfr Edesim 127.0.0.1 :Frimsed * The following ports were open in the system: Port Protocol Process1033 TCP tcpipx.exe (%Windir%tcpipx.exe)1034 TCP tcpipx.exe (%Windir%tcpipx.exe)1035 TCP tcpipx.exe (%Windir%tcpipx.exe) * The following Host Name was requested from aRead more...