BitRAT botnet controller @5.189.188.138

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 5.189.188.138 on port 4898 TCP:
$ telnet 5.189.188.138 4898
Trying 5.189.188.138…
Connected to 5.189.188.138.
Escape character is ‘^]’

$ nslookup 5.189.188.138
vmi536257.contaboserver.net

Other malicious domain names hosted on this IP address:
bit.banker-info.org 5.189.188.138
pure.banker-info.org 5.189.188.138

Referencing malware samples (MD5 hash):
0a3e22cb2c403e6d6a66a3b0563be179 — AV detection: 28 / 70 (40.00%)
ad31b1ae880cacf5792155c485a35c84 — AV detection: 49 / 68 (72.06%)

Опубликовано
В рубрике contabo.de

Добавить комментарий

Ваш адрес email не будет опубликован.