BitRAT botnet controller @20.124.111.166

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 20.124.111.166 on port 2223 TCP:
$ telnet 20.124.111.166 2223
Trying 20.124.111.166...
Connected to 20.124.111.166.
Escape character is '^]'

$ dig +short oka.nerdpol.ovh
20.124.111.166

Referencing malware samples:
