my $server = “200.75.12.211”; my $port = “7029”; my $nick = “kokoreh”.(int(rand(99))); my $chan = “#dollar”; my $admin = “byz9991”; Current Local Users: 68 Max: 452 Current Global Users: 68 Max: 577 infos about hosting: http://whois.domaintools.com/200.75.12.211
shkodra.rr.nu(linux bots hosted in United States Scranton Network Operations Center Inc)
$servidor=’shkodra.rr.nu’ unless $servidor; my $porta=’6667′; my @canais=(“#al#”); my @adms=(“PrEdAtOr”); There are 1 users and 222 invisible on 1 servers 1 operator(s) online 7 channels formed I have 223 clients and 0 servers – Current Local Users: 223 Max: 561 Current Global Users: 223 Max: 561 infos about hosting: http://whois.domaintools.com/64.120.164.197
213.229.107.27(botnet hosted in United Kingdom Canonical Range For Bs2-hp1-le)
Remote Host Port Number 213.229.107.27 2345 PASS xxx 213.229.107.27 1234 PASS xxx 216.178.38.224 80 216.178.39.11 80 64.208.241.41 80 MODE NEW-[USA|00|P|31622] -ix JOIN #!gf! test PONG 22 MOTD NICK NEW-[USA|00|P|31622] USER XP-0160 * 0 :COMPUTERNAME UPDATE: NICK NEW-[USA|00|P|94381] USER XP-5513 * 0 :COMPUTERNAME MODE NEW-[USA|00|P|94381] -ix JOIN #!nn! test PONG 22 MOTD Note: Capability to manipulateRead more...
178.239.57.79(botnet hosted in United Kingdom Xsserver-eu)
Remote Host Port Number 178.239.57.79 6567 PASS s1m0n3t4 MODE [SI|USA|00|P|63543] -ix JOIN #tir# c1rc0dusoleil PONG Apple2.Network NICK [SI|USA|00|P|63543] USER XP-8770 * 0 :COMPUTERNAME infos about hosting: http://whois.domaintools.com/178.239.57.79
74.117.174.4(botnet hosted in United States Seattle Kwshells Internet Services)
Remote Host Port Number 74.117.174.4 22322 NICK Zcbgmzubhzg USER pqbmeyzqwu “” “oul” :pqbmeyzqwu JOIN #darkwar w4r PONG :irc.mp48net.com infos about hosting: http://whois.domaintools.com/74.117.174.4
ddddddd.drwhox.com(botnet hosted in China Harbin China Unicom Heilongjiang Province Network)
dddddd.drwhox.com 221.206.88.193 ddddddddddddddddd.idolmovies.com dd.furioshizzle.info 221.206.88.193 ddd.paintballlingco.net ddddddd.drwhox.com 221.206.88.193 Outgoing connection to remote server: dddddd.drwhox.com TCP port 5900 Outgoing connection to remote server: dddddd.drwhox.com TCP port 33333 Outgoing connection to remote server: dddddd.drwhox.com TCP port 3333 Outgoing connection to remote server: dddddd.drwhox.com TCP port 5900 PRIVMSG #d3 :Done.. PRIVMSG #d4 :Err0r.. NICK VirUs-pgnrpl USER VirUs “”Read more...
one.123back.com(botnet hosted in Lithuania Webhosting Collocation Services)
Remote Host Port Number 77.79.7.233 7000 NICK XP|tlzl0l PONG :HTTP.chat.strong.com USER laMer “” “one.123back.com” : You Think i aughty USERHOST XP|tlzl0l MODE #Chats MODE XP|tlzl0l +B MODE XP|tlzl0l +i JOIN #ksa1# kay MODE #ksa1# UPDATE: Remote Host Port Number 77.79.7.233 6667 NICK [XP-7465485] NOTICE [XP-7465485] : PING 1302439724 PRIVMSG [XP-7465485] : PING 1302439754 NICK [XP-7352845]Read more...
1sk.no-ip.info(rat user hosted in United States Western Springs Comcast Cable Communications)
1sk.no-ip.info 24.14.128.117 Outgoing connection to remote server: 1sk.no-ip.info TCP port 5000 exe file: http://0bf6bcc6.theseblogs.com infos about hosting: http://whois.domaintools.com/24.14.128.117
11mb exe samples
11mb exe samples from diferent malwares Download: http://16486133.megaline.co
75.102.22.40(botnet hosted in United States Chicago Hostforweb Inc)
Remote Host Port Number 213.251.170.52 80 75.102.22.40 1866 PASS ngrBot NICK n{US|XPa}yaqhqnb USER yaqhqnb 0 0 :yaqhqnb JOIN #!hot! ngrBot PRIVMSG #!hot! :[HTTP]: Updated HTTP spread interval to “6” PRIVMSG #!hot! :[MSN]: Updated MSN spread interval to “6” PRIVMSG #!hot! :[HTTP]: Updated HTTP spread message to “check this picture out 😛 http://apps.facebook.com/profilespage/photo.php?=340495902102” infos about hosting:Read more...