BitRAT botnet controller @51.11.247.87

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 51.11.247.87 on port 2053 TCP:
$ telnet 51.11.247.87 2053
Trying 51.11.247.87…
Connected to 51.11.247.87.
Escape character is ‘^]’

Other malicious domain names hosted on this IP address:
btctopsss.ddnsfree.com 51.11.247.87
dosiokal.kozow.com 51.11.247.87
fousteri.giize.com 51.11.247.87
hindtous.casacam.net 51.11.247.87
hojkstril.loseyourip.com 51.11.247.87
hostrila.accesscam.org 51.11.247.87 (resolved via 8.8.8.8)
houdksps.loseyourip.com 51.11.247.87
houstedm.kozow.com 51.11.247.87
houstrikqs.freeddns.org 51.11.247.87
hsteiqs.mywire.org 51.11.247.87
jadhis.camdvr.org 51.11.247.87
kosueo.theworkpc.com 51.11.247.87
lineservie.freeddns.org 51.11.247.87
packservie.giize.com 51.11.247.87
sakrolod.freeddns.org 51.11.247.87 (resolved via 8.8.8.8)
salksio.mywire.org 51.11.247.87
salyou.theworkpc.com 51.11.247.87 (resolved via 8.8.8.8)
sslnad.ooguy.com 51.11.247.87 (resolved via 8.8.8.8)
uskodd.ddnsfree.com 51.11.247.87

Referencing malware samples (MD5 hash):
0736409f32357031514b90977f73fc47 — AV detection: 41 / 72 (56.94%)
152ed00d3b518d4c76dd0d50a35ef9c2 — AV detection: 53 / 68 (77.94%)
24f550d8eb77515afeca372452a725d3 — AV detection: 27 / 69 (39.13%)
28c97d2bfc51862955bc92115be100d8 — AV detection: 25 / 71 (35.21%)
2b7916af32a5e12574e10bd4376581c7 — AV detection: 29 / 72 (40.28%)
3715ba4fb4dde3e16e6e3d84a533bb46 — AV detection: 21 / 71 (29.58%)
3e951fdf2a78045f8ca7f7be78ec9a91 — AV detection: 32 / 71 (45.07%)
3fe049463605c3077897a5566f03d56b — AV detection: 32 / 72 (44.44%)
4205566b90aca1733a336729ecc06191 — AV detection: 21 / 72 (29.17%)
4cb728bb920bdb5d763ee10b69fb607e — AV detection: 46 / 69 (66.67%)
52b16616d351549ebdc7ef92fb71bc7a — AV detection: 36 / 68 (52.94%)
5c99583030959cc7dfe337dbe4687c99 — AV detection: 46 / 72 (63.89%)
639976eb4a365755af357a93f63defec — AV detection: 30 / 72 (41.67%)
645157c895a0d072668187561c5798be — AV detection: 44 / 71 (61.97%)
650c9883080cddac5f2cee97577a37af — AV detection: 24 / 70 (34.29%)
72c5c04743116e26bd5caae63c339745 — AV detection: 32 / 72 (44.44%)
7b519494a3efb1e831eed67bae374da2 — AV detection: 14 / 71 (19.72%)
8133bf1212e097f9ad3b6ca94854da6c — AV detection: 30 / 72 (41.67%)
84be79bfc74bf932feee4f81f8863af1 — AV detection: 24 / 71 (33.80%)
92c06fa5c3de1859cf0a2cdd79043f29 — AV detection: 52 / 69 (75.36%)
9b27a8a5a7c9b6e2c5a74a01778f8af7 — AV detection: 33 / 71 (46.48%)
b327c9199758bea8a2694b8e7bc78d9f — AV detection: 49 / 71 (69.01%)
be6aa54e468d070aedf5617d58988764 — AV detection: 26 / 72 (36.11%)
c45b0af9af5307fd26f707a9bedda7fe — AV detection: 45 / 72 (62.50%)
cabcb45b791d5caebbfb5bb0839ae8cb — AV detection: 46 / 72 (63.89%)
cad669aa7255fa63bfd2bf061f2677ba — AV detection: 22 / 71 (30.99%)
f417b86a9fb83248495fd94d71e9f22f — AV detection: 39 / 72 (54.17%)
f81175ddbd2e08070cd134e15e68d928 — AV detection: 46 / 70 (65.71%)
fb379e01a106009c32a33c7e1e8d4003 — AV detection: 31 / 72 (43.06%)

Добавить комментарий

Ваш адрес email не будет опубликован.