DCRat botnet controller @188.120.229.5

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

DCRat botnet controller located at 188.120.229.5 on port 80 (using HTTP GET):
hXXp://188.120.229.5/boot/u927/ApiDefaultdownloads.php

$ nslookup 188.120.229.5
vitalynovikov19.fvds.ru

Referencing malware binaries (MD5 hash):
7c6b9d0070775f719e6ec9ffea045175 — AV detection: 20 / 66 (30.30)
a15410a6d2cc6b4484c870f4332658f2 — AV detection: 46 / 69 (66.67)
ad7fb5d7b838109733a71813872913ee — AV detection: 35 / 63 (55.56)

Добавить комментарий

Ваш адрес email не будет опубликован.