DCRat botnet controller @83.220.170.182

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

DCRat botnet controller located at 83.220.170.182 on port 80 (using HTTP GET):
hXXp://83.220.170.182/poolcore/loggame/record/system/prod/cutlocalframe/systemframegameframe/pluginlog/searchersystemanti/limitWarbin/scriptCambootframe/geoApiLinuxflower.php

$ nslookup 83.220.170.182
detasyt.fvds.ru

Referencing malware binaries (MD5 hash):
094530622888dbbc9f0aa7312af93208 — AV detection: 44 / 64 (68.75)
56452dc78822885d0a2512783227f1dd — AV detection: 42 / 68 (61.76)
a9a0d794210461e5555c097a68bd73ad — AV detection: 30 / 68 (44.12)

Добавить комментарий

Ваш адрес email не будет опубликован.