ArkeiStealer botnet controller @95.213.165.249

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

ArkeiStealer botnet controller located at 95.213.165.249 on port 80 (using HTTP GET):
hXXp://file-file-host4.com/tratata.php

$ dig +short file-file-host4.com
95.213.165.249

Referencing malware binaries (MD5 hash):
16a32ce5e3bde626c4fe08878a2c3682 — AV detection: 26 / 68 (38.24)
1a430b2cbf785427c87c48d29a1a8c0f — AV detection: 22 / 67 (32.84)
202bc5b030fc0306cf72d3306f433928 — AV detection: 24 / 65 (36.92)
26165302478a39d7ca70abd8e369bb05 — AV detection: 31 / 66 (46.97)
26d31ce0fc2ba0f3aee8529f67787223 — AV detection: 27 / 64 (42.19)
2b4a85d03c7b1c9ca599019200fa9e5c — AV detection: 27 / 66 (40.91)
2eaa991a2b7b5ea47800ef7e5153acdc — AV detection: 29 / 65 (44.62)
38e0f6c481c79f84af0ebd5027602461 — AV detection: 21 / 66 (31.82)
45d0a6bb2ca00643fb04bf15d4aaa2c9 — AV detection: 25 / 67 (37.31)
4843b0cede3112c04cb502eadbfd80e8 — AV detection: 21 / 65 (32.31)
4a27646088db2ffe181eb8c9721711e8 — AV detection: 34 / 68 (50.00)
514a800cb2fbff3d7ab9797b7af2bc14 — AV detection: 35 / 69 (50.72)
52ec044c9c50debd01e75b103f8199d1 — AV detection: 25 / 60 (41.67)
6d05754d8c2993ed551bfd3370e3ef36 — AV detection: 31 / 66 (46.97)
72f69507299003c9ca9638223bf1ef8f — AV detection: 24 / 67 (35.82)
8f795c01f7687bb7a220d444006b83fd — AV detection: 24 / 67 (35.82)
9864b9fac47e9f7413ad94af41d94d6a — AV detection: 24 / 66 (36.36)
a2c4c8300b203e6a0f5cf77ddb80577b — AV detection: 24 / 67 (35.82)
a94d587fe657b2b71f833c1af0c6ad66 — AV detection: 22 / 67 (32.84)
c6e5298f945f91851744f96ee16412e5 — AV detection: 32 / 68 (47.06)
c76db0c0032f058497d6e55363464cfd — AV detection: 33 / 68 (48.53)
cfccc013dbe859369df6338ac03385bb — AV detection: 24 / 66 (36.36)
d2331edf10b3c0e6a5c8fec0a1a6392e — AV detection: 23 / 67 (34.33)
eba42a51610556af306bba1f5af665dc — AV detection: 22 / 67 (32.84)
ffb7cfdccabbb77ff09bc1e4f03d1e35 — AV detection: 24 / 67 (35.82)
ffc53ea16d7e7d734131aeea8e53ae3c — AV detection: 23 / 66 (34.85)

Other malicious domain names hosted on this IP address:
host-data-coin-11.com 95.213.165.249
host-file-host-3.com 95.213.165.249
privacytoolzforyou-7000.com 95.213.165.249
file-file-host4.com 95.213.165.249

Опубликовано Автор:
В рубрике selectel.ru

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *