Loki botnet controller @172.67.131.97

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Loki botnet controller located at 172.67.131.97 on port 80 (using HTTP POST):
hXXp://augmentinprod.ir/jin/five/fre.php

$ dig +short augmentinprod.ir
172.67.131.97

Referencing malware binaries (MD5 hash):
56e39caae9b7926e6298ae0625bb9385 — AV detection: 24 / 66 (36.36)
fa7e40a8f98c18f82da0c21b448423c7 — AV detection: 22 / 69 (31.88)

Other malicious domain names hosted on this IP address:
oak.tv 172.67.131.97
www.oak.tv 172.67.131.97
augmentinprod.ir 172.67.131.97

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *