BitRAT botnet controller @20.115.149.198

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 20.115.149.198 on port 2222 TCP:
$ telnet 20.115.149.198 2222
Trying 20.115.149.198…
Connected to 20.115.149.198.
Escape character is ‘^]’

$ dig +short sdsd.nerdpol.ovh
20.115.149.198

Referencing malware samples:
MD5 b5637df0b23ce375dd252fa78e186f6f
MD5 f5777784733a17e0b0a517f4d80df42d

Добавить комментарий

Ваш адрес email не будет опубликован.