Emotet malware distribution @5.101.180.182 [compromise website]

The host at this IP address is hosting a website that have been compromised by threat actors to distribute Emotet (aka Heodo) malware. The following URL is hosting a webshell that is being accessed by the threat actors programmatically to place malware on the website:

URL: http://victory-spb.ru/wp-content/plugins/google-sitemap-generator/img/JST10x.php
Host: victory-spb.ru
IP address: 5.101.180.182
Hostname: s7277bff9.fastvps-server.com

Опубликовано
В рубрике fastvps.ee

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *