On this page... (hide)
Introduction
This report is a summarization of all the IRC based networks that were seen by the sandbox systems in the last 24-hours.
Fields
| Field | Description |
| md5hash | MD5 has of the binary that was run |
| server_inet | IP address of the C&C the binary contacted |
| server_fqdn | Reverse DNS of the C&C IP |
| port | IRC Port used by the C&C |
| server_pass | IRC server password for the C&C |
| nick | IRC NICK used by the binary |
| user | IRC User string used |
| channel | Channel joined by the binary |
| channel_pass | Channel password used to gain access |
| ctcp_version | IRC VERSION reply for the binary |
| user_mode | IRC User mode used by the binary |
Sample
"md5hash","server_inet","server_fqdn","port","server_pass","nick","user","channel","channel_pass","ctcp_version","user_mode" "005add54f87fb87ea5f668803da1cf67","115.126.2.121","proxim.ircgalaxy.pl",80,"","qvdtrwbl","g020501 . . :\\%4c516f62f Service Pack 2","&virtu","","","" "008cda9bdb7d84f363e3199e92582981","115.126.2.121","proxim.ircgalaxy.pl",80,"","vjigpzqo","q020501 . . :\\%4c516f62f Service Pack 2","&virtu","","","" "00c6be476ad82b45f0da1438ff735655","115.126.2.121","proxim.ircgalaxy.pl",80,"","tutucord","u020501 . . :\\%4c516f62f Service Pack 2","&virtu","","","" "01f5ef1b84bf97af79d010a1032b0d38","115.126.2.121","proxim.ircgalaxy.pl",65520,"","weyoivmj","v020501 . . :-Service Pack 2","&virtu","","","" "02c950fe456da41655dd354f1259c49c","115.126.2.121","proxim.ircgalaxy.pl",80,"","hsvjzgch","b020501 . . :\\%4c516f62f Service Pack 2","&virtu","","","" "04976a86712007dc5b45422d15edfe54","115.126.2.121","proxim.ircgalaxy.pl",80,"","ptalsief","h020501 . . :\\%4c516f62f Service Pack 2","&virtu","","","" "049907386d4a807a4793f0fa4ceef9e4","115.126.2.121","proxim.ircgalaxy.pl",80,"","lmuyfksk","y020501 . . :\\%4c516f62f Service Pack 2","&virtu","","","" "06e477a7323db1b8ce6181caae2930a2","72.10.172.218","",8492,"","cPmkMRxM","zdazfv zdazfv zdazfv :cyonbexvsmutdedj","##russia##","","","" "06e77655c447b097cd9ff31daf90b0c0","115.126.2.121","proxim.ircgalaxy.pl",80,"","zlyfyhed","h020501 . . :\\%4c516f62f Service Pack 2","&virtu","","","" "074ceb7e626a43ab8337ba812173304f","85.197.99.217","",21,"","USA|00|XP|SP2|2640625","jevltop 0 0 :USA|00|XP|SP2|2640625","#coon","","","" "07645465a68e9a95114e132240736a0b","115.126.2.121","proxim.ircgalaxy.pl",65520,"","denfuxkm","w020501 . . :-Service Pack 2","&virtu","","","" "07a57893b13b3392d0c74d42bdf817fd","115.126.2.121","proxim.ircgalaxy.pl",80,"","csbjowlw","p020501 . . :\\%4c516f62f Service Pack 2","&virtu","","",""
<< | Reports | >>
