DCRat botnet controller @62.109.17.123

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

DCRat botnet controller located at 62.109.17.123 on port 80 (using HTTP GET):
hXXp://62.109.17.123/VideoPhpPacketlongpollCdn.php

$ nslookup 62.109.17.123
d3zzm0ral.fvds.ru

Referencing malware binaries (MD5 hash):
4b47a63fa9c615d107786c8fffe6b4dd — AV detection: 37 / 61 (60.66)
9757b89f024c6524df8d833a675f767d — AV detection: 34 / 63 (53.97)
9d7172029a2e3836e1751a181afdf5b4 — AV detection: 45 / 68 (66.18)
db1c269417ac6c91b7400b30a22d1fa2 — AV detection: 33 / 66 (50.00)

Добавить комментарий

Ваш адрес email не будет опубликован.