AsyncRAT botnet controller @49.12.0.239

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 49.12.0.239 on port 3760 TCP:
$ telnet 49.12.0.239 3760
Trying 49.12.0.239…
Connected to 49.12.0.239.
Escape character is ‘^]’

$ nslookup 49.12.0.239
static.239.0.12.49.clients.your-server.de

Referencing malware samples (MD5 hash):
a96d3f557a6349100e9b84834012b384 — AV detection: 41 / 71 (57.75%)
e83d86c5a054223284e4de94215afd60 — AV detection: 47 / 70 (67.14%)

Опубликовано
В рубрике hetzner.de

Добавить комментарий

Ваш адрес email не будет опубликован.