fasterthanhim.com(ngrBot hosted in Russian Federation Llc Komplit Plyus)

By Pig, February 9, 2012

Domains used for the botnet:
chicken1000.mooo.com 127.0.0.2 not active yet
api.wipmania.com 199.15.234.7
fasterthanhim.com 91.226.78.31 active
sad-stone.com NONE not active yet
sad-stone.com.local NONE not active yet

C&C Server: 91.226.78.31:8765
Server Password:
Username: dxvzrjf
Nickname: n{DE|XPa}dxvzrjf
Channel: #GODS (Password: secret)
Channeltopic: :~up http://www.emprender.edu.co/media/system/js/war.exe 24e3da41454dcbe517037d306c644245 ~mdns http://www.farmaciavirtual.com.co/pruebas/z.txt

sample here
and here

hosting infos:
http://whois.domaintools.com/91.226.78.31

Categories: Uncategorized

Previous post37.59.74.224(irc botnet hosted in OVH ISP Paris, France)

Next post108.163.164.154 (irc botnet hosted in Canada Verdun Iweb Technologies Inc)