AZORult botnet controller @172.67.141.104

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

AZORult botnet controller located at 172.67.141.104 on port 80 (using HTTP POST):
hXXp://nnpcoil.buzz/kendrick/index.php

$ dig +short nnpcoil.buzz
172.67.141.104

Referencing malware binaries (MD5 hash):
3e3151d99d8934059d42a37202e4e443 — AV detection: 20 / 68 (29.41)
8838150097445aea2194ed4c3a5b0caf — AV detection: 26 / 70 (37.14)

Other malicious domain names hosted on this IP address:
brainvectors.net 172.67.141.104
jzl.hostgatoramisulpride.site 172.67.141.104
www.ugpower.top 172.67.141.104
nnpcoil.buzz 172.67.141.104

Добавить комментарий

Ваш адрес email не будет опубликован.