vandersand.no-ip.biz (Insomnia ircbot hosted by United States Clarks Summit Volumedrive)

Resolved vandersand.no-ip.biz to 199.115.230.138

Server: vandersand.no-ip.biz
Port:  6654
Channel:
Channel password: frosty
* Topic for is: .up hxxps://dl.dropbox.com/u/21829907/botseller.exe 449C6FB8390C7148B075A52EBEBAB4F5
* Topic for set by lucky at Thu Sep 06 22:08:10 2012
Botnick: {IT|XP-32a}uwryxvf

While I was in the channel he downloaded a bitcoin miner
Dextermania.exe  hxxp://versx.net/x/bcm/bitcoin-miner.exe
http://pool.bitclockers.com:8332 -u Dexter -p 19930924

Hosting infos: http://whois.domaintools.com/199.115.230.138

Thanks to anonymous commentor for the file

Edit:
Good installs would buy again 100%
<Lucky> .ruskill on
<Lucky> .dl hxxps://dl.dropbox.com/u/26953589/HackForums/Servers/paelex/svchost.exe -t 100000

Categories: Uncategorized

5 Comments

Anonymous - September 9, 2012 at 5:56 pm

Here is another one i believe smoke loader http://screen-viewer.com/uploads/629490819.scvhost32.exe

Anonymous - September 9, 2012 at 10:48 pm

thats my botnet LOL

    Anonymous - September 10, 2012 at 3:14 am

    good find tho

Anonymous - September 10, 2012 at 2:56 pm

Pig - September 10, 2012 at 4:49 pm

conects here :gotoel.no-ip.biz

Comments are closed