109.68.191.160 (ngrBot hosted in Russian Federation Moscow Jsc Tel Company)

Remote Host        Port Number
109.68.191.160     1863
174.120.234.158    80
199.15.234.7       80
200.63.96.41       80

IRC traffic to 109.68.191.160:1863:
PRIVMSG #IrcPeru :[DNS]: Blocked 0 domain(s) - Redirected 40 domain(s)
NICK n{US|XPa}civmqel
USER civmqel 0 0 :civmqel
JOIN #IrcPeru PeruRulz!!
JOIN #US
PRIVMSG #IrcPeru :[d="http://magicforkidsparty.com/images/Thumbs.db.exe" s="159744 bytes"] Updated bot file "C:\Documents and Settings\UserName\Application Data\Qcxaxq.exe" - Download retries: 0

The data identified by the following URLs was then requested from the remote web server:
http://magicforkidsparty.com/images/Thumbs.db.exe
http://api.wipmania.com/
http://www.kartingchile.cl/doc/thumbs.txt

Hosting info:
http://whois.domaintools.com/109.68.191.160