AgentTesla botnet controller @

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at on port 587 TCP:


$ telnet 587
Connected to
Escape character is '^]'

$ nslookup

$ dig +short

Referencing malware samples:

