Loki botnet controller @104.21.62.32

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Loki botnet controller located at 104.21.62.32 on port 80 (using HTTP POST):
hXXp://74f26d34ffff049368a6cff8812f86ee.gq/BN111/fre.php

$ dig +short 74f26d34ffff049368a6cff8812f86ee.gq
104.21.62.32

Referencing malware binaries (MD5 hash):
5d671adb11b9ba100b3be4ca7c45880f — AV detection: 24 / 68 (35.29)
a4226f393ccf53e3396b85316e682467 — AV detection: 30 / 69 (43.48)
c3e9c249becb24a345309463006d9d72 — AV detection: 25 / 69 (36.23)
cb37241bc90fefcc0d61becffbe4d1ce — AV detection: 20 / 67 (29.85)

Добавить комментарий

Ваш адрес email не будет опубликован.