zedhacker.no-ip.org:3460
irc.zief.pl
Resolved : [irc.zief.pl]To [61.160.232.116]Resolved : [irc.zief.pl]To [218.93.205.24]Resolved : [irc.zief.pl]To [221.5.74.39]
massive chinese botnets
Capability to block access to several security-related Web sites by modifying the hosts file.Communication with a remote IRC server.Modifies some system settings that may have negative impact on overall system security state.Installs a default debugger that is injected into the execution sequence of a target application. If a threat is installed as a default debugger,Read more...
servers.sinip.es (PI server)
– DNS Queries:servers.sinip.es– TCP Connection Attempts:87.217.110.10:1080
m.DRD3H.COM
m.DRD3H.COM 76.76.9.3* C&C Server: 76.76.9.3:6668* Server Password:* Username: wvehqmfyb* Nickname: Cbb-991238523* Channel: #dc (Password: dcpass)* Channeltopic: :xvvv asn1smbnt 100 0 0 -b -r -s
irc.highteq.de
* Connects to “irc.highteq.de” on port 6667 (TCP). * Connects to IRC server. * IRC: Uses nickname USA|027018. * IRC: Uses username xcjcok. * IRC: Joins channel #srvsearch with password fook. * IRC: Sets the usermode for user USA|027018 to +n+B. [ Process/window information ] * Creates a mutex N_rul0r. * Creates process “iexplorer.exe”. *Read more...
darkace.gotdns.com
NICK [lsass]-607449USER wxfjkzd 0 0 :[lsass]-607449USERHOST [lsass]-607449MODE [lsass]-607449 +BJOIN #lobbyNICK [lsass]-107136USER gxrpwkab 0 0 :[lsass]-107136USERHOST [lsass]-107136MODE [lsass]-107136 +BNICK [lsass]-223789USER nldxck 0 0 :[lsass]-223789USERHOST [lsass]-223789MODE [lsass]-223789 +B Remote Host Port Number darkace.gotdns.com 17001
206.51.231.148:6667
Interesting ports on 206.51.231.148:(The 1631 ports scanned but not shown below are in state: closed)PORT STATE SERVICE VERSION21/tcp open ftp ProFTPD 1.3.022/tcp open ssh OpenSSH 4.3p2 (protocol 2.0)69/tcp filtered tftp111/tcp filtered rpcbind135/tcp filtered msrpc137/tcp filtered netbios-ns138/tcp filtered netbios-dgm139/tcp filtered netbios-ssn194/tcp filtered irc445/tcp filtered microsoft-ds529/tcp filtered irc-serv593/tcp filtered http-rpc-epmap800/tcp filtered mdbs_daemon994/tcp filtered ircs1025/tcp filtered NFS-or-IIS1026/tcp filteredRead more...
Irc.expozed.gov
66.196.40.219 (6667)chanel #Owned topic=Zero is a homoChannels: 4 channels formedLocal users: Current Local Users: 20 Max: 201Global users: Current Global Users: 20 Max: 84