DCRat botnet controller @62.109.30.251

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

DCRat botnet controller located at 62.109.30.251 on port 80 (using HTTP GET):
hXXp://62.109.30.251/ImageResoulstion.php

$ nslookup 62.109.30.251
veronika.martinovas.fvds.ru

Referencing malware binaries (MD5 hash):
6762a6d9cc67654ca16ae07b54bd6467 — AV detection: 45 / 67 (67.16)
8dbe84c5fd6d6939e3f79a694ee6e81d — AV detection: 40 / 70 (57.14)
a86c769bf720961f383d3adb134c7365 — AV detection: 29 / 67 (43.28)
b9a42f557b8e8d48bd5b061f8e714af9 — AV detection: 33 / 69 (47.83)
be18e23f2bd6769ea9ecb0db0fd955a7 — AV detection: 33 / 69 (47.83)
c931e97fb8f7bb277e7a7ece50e67e68 — AV detection: 31 / 69 (44.93)

Добавить комментарий

Ваш адрес email не будет опубликован.