BitRAT botnet controller @194.163.152.240

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 194.163.152.240 on port 4898 TCP:
$ telnet 194.163.152.240 4898
Trying 194.163.152.240…
Connected to 194.163.152.240.
Escape character is ‘^]’

$ nslookup 194.163.152.240
vmi623612.contaboserver.net

$ dig +short vps.crschool.eu
194.163.152.240

Referencing malware samples (MD5 hash):
ef708b8de852fcb8255e5e8fcdf422b1 — AV detection: 46 / 67 (68.66%)

Опубликовано
В рубрике contabo.de

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *