Emotet malware distribution @178.210.84.112 [compromise website]

The host at this IP address is hosting a website that have been compromised by threat actors to distribute Emotet (aka Heodo) malware. The following URL is hosting a webshell that is being accessed by the threat actors programmatically to place malware on the website:

URL: http://xn--80adimcjlj5abbup.xn--p1ai/wp-admin/css/colors/blue/JST10x.php
Host: xn--80adimcjlj5abbup.xn--p1ai
IP address: 178.210.84.112
Hostname: h698292.r01host.ru

Опубликовано
В рубрике nic.ru

Добавить комментарий

Ваш адрес email не будет опубликован.