DCRat botnet controller @185.146.157.136

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

DCRat botnet controller located at 185.146.157.136 on port 80 (using HTTP GET):
hXXp://185.146.157.136/providerLinepythonflowercentral.php

$ nslookup 185.146.157.136
d6war2mlcomazix3.fvds.ru

Referencing malware binaries (MD5 hash):
7ec2862219365f2f7401a770e0bfc03a — AV detection: 4 / 65 (6.15)
f67e9c9915e81bd08ebb0e2b57909677 — AV detection: 37 / 66 (56.06)

Добавить комментарий

Ваш адрес email не будет опубликован.