Emotet malware distribution @34.78.201.129 [compromised website]

The host at this IP address serves a website that has been compromised by threat actors to distribute Emotet (aka Heodo) malware. The following URL hosts a webshell that the threat actors access programmatically to place malware on the website:

URL: http://lezz-etci.com/xavqpgdjonsh.php
Host: lezz-etci.com
IP address: 34.78.201.129
Hostname: 129.201.78.34.bc.googleusercontent.com
