RedLineStealer botnet controller @135.181.178.93

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 135.181.178.93 on port 12952 TCP:
$ telnet 135.181.178.93 12952
Trying 135.181.178.93…
Connected to 135.181.178.93.
Escape character is ‘^]’

$ nslookup 135.181.178.93
135-181-178-93.serverhub.ru

Referencing malware samples (MD5 hash):
