Remote Host Port Number 70.107.249.167 7000 NICK SL624232320666 USER kerwvaiajtadgu 0 0 :SL624232320666 USERHOST SL624232320666 MODE SL624232320666 +i JOIN #GL .x. infos about hosting: http://whois.domaintools.com/70.107.249.167
92.241.165.156(botnet hosted in Russian Federation 2×4.ru Network)
Remote Host Port Number 174.37.200.82 80 204.0.5.35 80 216.178.39.11 80 63.135.80.224 80 69.171.224.12 80 92.241.165.156 1234 PASS xxx NICK NEW-[USA|00|P|00429] USER XP-8653 * 0 :COMPUTERNAME MODE NEW-[USA|00|P|00429] -ix JOIN #!nn! test PONG 22 MOTD infos about hosting: http://whois.domaintools.com/92.241.165.156
94.249.188.86(botnet hosted in Germany Ghostnet Gmbh)
Remote Host Port Number 94.249.188.86 2345 NICK [USA|00|P|40787] PRIVMSG #!loco! :[M]: Thread Disabled. PRIVMSG #!loco! :[M]: Thread Activated: Sending Message With Email. USER XP-2097 * 0 :COMPUTERNAME MODE [USA|00|P|40787] -ix JOIN #!loco! PONG 22 MOTD infos about hosting: http://whois.domaintools.com/94.249.188.86
up.scorevidic.net(botnet hosted in United States Baltimore Gandi Us Inc)
* Dns resolving up.scorevidic.net – * Dns resolved up.scorevidic.net to 173.246.103.19 – * Dns resolving av.psybnc.cz – * Dns resolved av.psybnc.cz to 173.246.103.19 – * Dns resolving av.shannen.cc – * Dns resolved av.shannen.cc to 173.246.103.19 173.246.103.19 3211 173.246.103.19 4949 173.246.103.19 5900 Remote Host Port Number 173.246.103.19 4949 PASS ngrBot 194.28.44.217 80 213.251.170.52 80 216.45.58.150 80Read more...
70mb malware samples
This is big package with diferent malwares like banking trojans,irc bots,trojan downloaders in diferent languages Download: http://a5181c44.tinylinks.co
208.98.40.230(botnet hosted in United States Missoula Sharktech Internet Services)
Remote Host Port Number 208.98.40.230 3211 PASS google_cache2.tmp NICK n[DvLz-USA|XP]294793 USER 1810 “” “TsGh” :1810 PONG :9FCB5175 JOIN #DvLz DvLz# PONG :Irc.D3v1Lz.Com * Now talking in #DvLz * Topic is ‘!Msn http://www.youtubes.ca/watch.php?v=OnLhzs7d0E8 ‘ * Set by Sh on Wed Apr 13 20:50:32 infos about hosting: http://whois.domaintools.com/208.98.40.230
206.41.117.188(botnet hosted in United States Seattle Risingnet Llc)
Remote Host Port Number 206.41.117.188 3921 PASS internet_csche2.tmp NICK {NeW}-[USA|XP][618943] USER 6189 “” “TsGh” :6189 JOIN #test bz infos about hosting: http://whois.domaintools.com/206.41.117.188
KGootkit(malware hosted in Latvia Users)
Some features: Start/Install windows service: This executable starts a windows service. Services have the highest level of privilege in Windows, and are thus useful for a number of malicious purposes. Load driver: This executable loads a driver into the windows kernel. Device drivers are used by advanced malware (rootkits) to operate stealthily and escape detection.Read more...
67.159.63.23(botnet hosted in United States Woodstock Fdcservers.net)
Remote Host Port Number 67.159.63.23 6464 NICK {XPUSA900275} PONG z3k4nt.audigier.Mx USER COMPUTERNAME * 0 :COMPUTERNAME MODE {XPUSA900275} -ix JOIN #z3k4nt2 MODE #z3k4nt2 -ix UPDATE: NICK {XPUSA830783} PONG z3k4nt.audigier.Mx USER COMPUTERNAME * 0 :COMPUTERNAME MODE {XPUSA830783} -ix JOIN #z3k4nt3 MODE #z3k4nt3 -ix infos about hosting: http://whois.domaintools.com/67.159.63.23
matea.dukatlgg.com(botnet hosted in United States Staminus Communications)
* Dns resolving haso.dukatlgg.com – * Dns resolved haso.dukatlgg.com to 72.20.30.119 – * Dns resolving matea.dukatlgg.com – * Dns resolved matea.dukatlgg.com to 72.20.30.119 Dns resolved haso.dukatlgg.com to 67.159.63.63 Remote Host Port Number 213.251.170.52 80 70.38.98.234 80 70.38.98.237 80 70.38.98.238 80 72.20.30.119 8888 PASS ngrBot PRIVMSG #msn :[MSN]: Updated MSN spread message to “hahah.. your photo?Read more...