Month: May 2011

Remote Host Port Number 184.22.249.48 5992 PASS none NICK [3316|USA|XP|Z3R0x] USER 3316 “” “lol” :3316 JOIN #unauthorized none UPDATE: Remote Host Port Number 184.22.249.48 888 PASS none NICK n-055786 USER pzqbzki 0 0 :n-055786 JOIN #slinky jack123 USERHOST n-055786 MODE n-055786 -x+B infos about hosting: http://whois.domaintools.com/184.22.249.48

Remote Host Port Number 213.251.170.52 80 46.166.131.252 4723 PASS ngrBot NICK n{US|XPa}uysbxut USER uysbxut 0 0 :uysbxut JOIN #ngrBot Access infos about hosting: http://whois.domaintools.com/46.166.131.252

Remote Host Port Number 64.62.181.43 80 72.20.30.22 6667 PASS Virus NICK VirUs-cmsfogxb USER VirUs “” “gdz” : 8Coded 8Ahmed.Ramzey@Hotmail.Com.. JOIN #OgarD# Virus PONG :TESTING.STUFF.HERE infos about hosting: http://whois.domaintools.com/72.20.30.22

Remote Host Port Number 184.73.170.26 80 72.22.88.171 6464 NICK {XPUSA564335} PRIVMSG #canal3 :.::[Update]::. File download: 172.0KB to: C:DOCUME~1UserNameLOCALS~1Temperaseme_01435.exe @ 172.0KB/sec. QUIT Brb, Updating to new Binary. NICK {XPUSA75801} USER COMPUTERNAME * 0 :COMPUTERNAME MODE {XPUSA75801} -ix JOIN #canal4 MODE #canal4 -ix MODE {XPUSA564335} -ix JOIN #canal3 MODE #canal3 -ix infos about hosting: http://whois.domaintools.com/72.22.88.171

Remote Host Port Number 188.165.191.17 1234 PASS xxx 204.0.5.41 80 63.135.80.224 80 63.135.80.46 80 69.171.224.11 80 MODE NEW-[USA|00|P|72247] -ix JOIN #!nw! test PONG 22 MOTD NICK NEW-[USA|00|P|72247] USER XP-0778 * 0 :COMPUTERNAME UPDATE: NICK NEW-[USA|00|P|29503] USER XP-0159 * 0 :COMPUTERNAME MODE NEW-[USA|00|P|29503] -ix JOIN #!nn! test PONG 22 MOTD infos about hosting: http://whois.domaintools.com/188.165.191.17

Remote Host Port Number 46.17.100.229 4443 NICK N[USA|XP][kqrogxv] USER kqro “” “lol” :kqro JOIN #b0ts PONG 422 PRIVMSG #b0ts :[Download]: Succeeded using primary method [WinInet: 231 KB] * The data identified by the following URLs was then requested from the remote web server: o http://quantummechanic.cc/cp/gate_billing.php?guid=UserName!COMPUTERNAME!00CD1A40 o http://quantummechanic.cc/cp/gate.php?guid=UserName!COMPUTERNAME!00CD1A40&ver=10299&stat=ONLINE&ie=6.0.2900.2180&os=5.1.2600&ut=Admin&plg=billinghammer;ccgrabber;creditgrab;webfakes&cpu=100&ccrc=3696A42A&md5=963fc26a9538c289359b7c5bbd597838 o http://zer0day.co.cc/win32.exe infos about hosting: http://whois.domaintools.com/46.17.100.229

Remote Host Port Number 91.211.116.169 7777 PASS pissh0nk NICK [NEW][USA]59979 USER [NEW][USA]59979 [NEW][USA]59979 [NEW][USA]59979 [NEW][USA]59979 JOIN #h h4rb0ur infos about hosting: http://whois.domaintools.com/91.211.116.169

Remote Host Port Number 213.251.170.52 80 77.79.11.239 1234 PASS ngrBot NICK n{US|XPa}enjukze USER enjukze 0 0 :enjukze JOIN #!nigro! ngrBot infos about hosting: http://whois.domaintools.com/77.79.11.239

Remote Host Port Number 50.22.127.157 1812 PASS none NICK [5973|USA|XP|Z3R0x] USER 5973 “” “lol” :5973 PONG :F20D71F5 JOIN #re0x none USER :whatisthis JOIN #devbot NICK [mBot|COMPUTERNAME|75476] PONG :CC19243C infos about hosting: http://whois.domaintools.com/50.22.127.157

Resolved : [chaos.tano.mobi] To [72.47.197.62] Resolved : [chaos.tano.mobi] To [70.32.80.37] Clients: I have 30 clients and 0 servers Local users: Current Local Users: 30 Max: 34 Global users: Current Global Users: 190 Max: 257 70.32.80.37:6667 Nick: :toyonz Username: apicu Joined Channel: #ZiaD infos about hosting: http://whois.domaintools.com/70.32.80.3