Hancitor botnet controller @77.222.42.67

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Hancitor botnet controller located at 77.222.42.67 on port 80 (using HTTP POST):
hXXp://sudepallon.com/8/forum.php

$ dig +short sudepallon.com
77.222.42.67

Referencing malware binaries (MD5 hash):
71999a9d2f15e164c9b1fa926aa6444b — AV detection: 2 / 59 (3.39)
87be3d105d5fbedf462b487b7d4befe2 — AV detection: 21 / 62 (33.87)
992338b40b38f1f55bd4a9599f70771c — AV detection: 23 / 62 (37.10)
9a3f74a7a051a03a434247593d8ed747 — AV detection: 21 / 61 (34.43)
9b59d4744ff1de8b338eeb2b85748cf2 — AV detection: 9 / 58 (15.52)
ff8dc103b0786e67e4411028bf242c3c — AV detection: 12 / 68 (17.65)

Other malicious domain names hosted on this IP address:
mancause.ru 77.222.42.67
sudepallon.com 77.222.42.67

Опубликовано
В рубрике nic.ru

Добавить комментарий

Ваш адрес email не будет опубликован.