– DNS Queries:cx10man.weedns.com IRC Data User Name: swdo85rek Host Name: * Server Name: Real Name: USA|XP|931 Password: secretpass Nick Name: P|fk3ebk807 Non RFC Conform: 1 Channel Name: #mm Password: RSA Topic Deleted: :+yOfS7/ZgRdB.6w2GQ0tQkXD1bqhV7/ipBe01hiyOt1tAGoD0bni40/nobx.1kmNSG0Vilef/jw3NQ.1MD7F.zHYt//ZSMTE/IQhIO0/do540d2vZX/C8d1J07gDr61k4Jvn1n9lNv1Sb1Au/ZZkmF.WULzq.0.Nyh1ShH1m/ Plain Communication Data Send Dump Line: Off Set: $0000 Dump: 50 41 53 53 20 73 65 63 72 65 74 70Read more...
izleindir.fileave.com
– DNS Queries:izleindir.fileave.com – HTTP Conversations:64.62.181.43:80 – [izleindir.fileave.com]Request: GET /lasted.exeResponse: 200 “OK”Download File: URL: http://izleindir.fileave.com/lasted.exe Local File: C:Windowswuasgrd.exe Successful: 1 Api-Function: URLDownloadToFileA Download File: URL: http://izleindir.fileave.com/defacer.exe Local File: C:Windowswuagrd.exe Successful: 1 Api-Function: URLDownloadToFileA Transport Protocol: TCP Remote Address: 64.62.181.43 Remote Port: 80 Protocol: HTTP Connection Established Connections Server: shockboy.no-ip.biz Port: 8080 Service: INTERNET_SERVICE_HTTP Successful: 1Read more...
cyber-gods.x0rg.com
– DNS Queries:cyber-gods.x0rg.com– IRC Conversations: 62.118.174.133:6667Nick: [USA|XP|1542375]Username: haumServer Pass: fuckyou
by1msg37791302.geteway.edge.mquickmsn.com
by1msg37791302.geteway.edge.mquickmsn.com:1863NICK [l4M3r]cforzUSER .ttcrh “” “grs” :ttcrh
irc.Wearab.net
– DNS Queries:irc.Wearab.net – IRC Conversations:64.124.159.66:6667Nick: Oz-botUsername: bot
vn3c.drshells.com
Remote Host=vn3c.drshells.comPort Number=5555 NICK [nLh-VNC]zbvlseUSER yosgo “fo4.net” “rage” :yosgoNICK [nLh-VNC]wszqbcUSER vrjqzjiv “fo0.net” “rage” :vrjqzjiv
northside.servebeer.com
* Connects to “northside.servebeer.com” on port 6667 (TCP). * Connects to IRC server. * IRC: Uses nickname USA|5055. * IRC: Uses username wfkop. * IRC: Joins channel #vnc#. * IRC: Sets the usermode for user USA|5055 to +x. [ Process/window information ] * Creates a mutex sucksucksuck. * Creates process “system32dll.exe”. [ Signature Scanning ]Read more...
cod.sohbetodasi.info
[ Changes to filesystem ] * Creates file C:WINDOWSservice.exe. * Creates file C:WINDOWSresimler.zip. * Creates file C:WINDOWSnew.txt. [ Changes to registry ] * Creates value “service”=”service.exe” in key “HKLMSoftwareMicrosoft WindowsCurrentVersionRun”. [ Network services ] * Connects to “cod.sohbetodasi.info” on port 6667 (TCP). * Connects to IRC server. * IRC: Uses nickname [N]izgmiwjh. * IRC: UsesRead more...