Resolved : [chaos.tano.mobi] To [72.47.197.62] Resolved : [chaos.tano.mobi] To [70.32.80.37] Clients: I have 30 clients and 0 servers Local users: Current Local Users: 30 Max: 34 Global users: Current Global Users: 190 Max: 257 70.32.80.37:6667 Nick: :toyonz Username: apicu Joined Channel: #ZiaD infos about hosting: http://whois.domaintools.com/70.32.80.3
213.155.21.112(irc botnet hosted in Ukraine Carramba – Andrej Valerevich)
Remote Host Port Number 213.155.21.112 1863 PASS ngrBot 213.251.170.52 80 217.175.246.74 80 NICK n{US|XPa}sgbezlv USER sgbezlv 0 0 :sgbezlv JOIN #main 4m3r1k4 QUIT :rebooting infos about hosting: http://whois.domaintools.com/213.155.21.112
46.243.8.215(irc botnet hosted in Cyprus C & C Advanced Online Services Ltd)
Remote Host Port Number 46.243.8.215 1337 NICK new[iRooT-XP-USA]254683 USER 0109 “” “TsGh” :0109 JOIN #slagle96 butcher1 infos about hosting: http://whois.domaintools.com/46.243.8.215
67.202.109.136(irc botnet hosted in United States Kansas City Steadfast Networks)
Remote Host Port Number 67.202.109.136 6567 PASS s1m0n3t4 70.38.98.239 80 MODE [SI|USA|00|P|83237] -ix JOIN #feb# c1rc0dusoleil PRIVMSG #feb# :[Dl]: File download: 80.0KB to: c:WINDOWSjtu.exe @ 80.0KB/sec. PRIVMSG #feb# :[Dl]: Created process: “c:WINDOWSjtu.exe”, PID: PONG Apple2.Network NICK [SI|USA|00|P|83237] USER XP-8307 * 0 :COMPUTERNAME infos about hosting: http://whois.domaintools.com/67.202.109.136
75.102.22.40(irc botnet hosted in United States Chicago Hostforweb Inc)
Remote Host Port Number 204.0.5.51 80 216.178.38.224 80 216.178.39.11 80 66.220.146.25 80 75.102.22.40 2866 PASS xxx USER XP-3593 * 0 :COMPUTERNAME MODE NEW-[USA|00|P|76688] -ix JOIN #!nine! test PONG 22 MOTD NICK NEW-[USA|00|P|76688] infos about hosting: http://whois.domaintools.com/75.102.22.40
213.229.107.27(irc botnet hosted in United Kingdom Canonical Range For Bs2-hp1-le)
Remote Host Port Number 213.229.107.27 2345 MODE New[USA|00|P|74295] -ix JOIN #!loco! PONG 22 MOTD PRIVMSG #!loco! :[M]: Thread Disabled. PRIVMSG #!loco! :[M]: Thread Activated: Sending Message With Email. infos about hosting: http://whois.domaintools.com/213.229.107.27
59.76.142.100(irc botnet hosted in China Lanzhou Lanzhou Resources & Envirsonment Voc-tech College)
Remote Host Port Number 195.122.131.6 80 213.251.170.52 80 59.76.142.100 4042 PASS ngrBot NICK n{US|XPa}hbxapke USER hbxapke 0 0 :hbxapke JOIN #boss ngrBot PRIVMSG #boss :[MSN]: Updated MSN spread interval to “6” PRIVMSG #boss :[MSN]: Updated MSN spread message to “wow…haha!! http://is.gd/facebook_photos_07_05_2011” JOIN #US JOIN #new infos about hosting: http://whois.domaintools.com/59.76.142.100
50.7.247.10(irc botnet hosted in United States Chicago Fdcservers.net)
Remote Host Port Number 50.7.247.10 6667 NICK NEW[XX][XP]0491010843 USER 0491 “” “TsGh” :0491 MODE NEW[XX][XP]0491010843 -d JOIN ##spam## PONG :irc.priv8net.com infos about hosting: http://whois.domaintools.com/50.7.247.10
46.4.196.255(irc botnet hosted in Germany Html Design)
Remote Host Port Number 46.4.196.255 6667 NICK [USA-9252-XP] USER 4978204 “” “lol” :4978204 JOIN #Skar3 infos about hosting: http://whois.domaintools.com/46.4.196.255
26mb malware samples
Here 26mb malware samples have fun analysing them Download: http://779a81d0.goneviral.com