ha3.ha2.ha1.us(irc botnet hosted in Canada Globotech Communications)

By Pig, July 11, 2011

IRC Botnet Host

Malware: vnc.exe
MD5: 0x962B127F456B05956DE254B0C68A767F

IP: 72.10.160.166 / Host: ha3.ha2.ha1.us

Location : CA, Canada

NICK [00|USA|XP|SP2]-4374
USER yebse 0 0 :[00|USA|XP|SP2]-4374
JOIN #vnc
USERHOST [00|USA|XP|SP2]-4374
MODE [00|USA|XP|SP2]-4374 +x

Now talking in #vnc
Topic On: [ #vnc ] [ Scanner VNC: ONline Link: http://www.fandefutebol.com.br/torcedores/vnc.exe]
Topic By: [ Nogrod ]
Modes On: [ #vnc ] [ +snt ]
([00|BRA|23|SP2]-7276) VNC[-] 201.43.51.94 authentication result:217815064
([00|BRA|23|SP2]-7276) VNC[-] 201.43.51.94 authentication result:412678924
([00|BRA|23|SP2]-6955) VNC[-] 189.41.17.40 authentication result:217841448
([00|BRA|23|SP2]-7276) VNC[-] 201.43.51.94 authentication result:217815064

credits to turnigy for infos

hosting infos:
http://whois.domaintools.com/72.10.160.166

Categories: Uncategorized

Previous postFastAntivirus2011 fake av

Next post69.147.235.198(irc botnet hosted in United States Dallas Ubiquity Server Solutions Los Angeles)