Loki botnet controller @104.21.67.244

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Loki botnet controller located at 104.21.67.244 on port 80 (using HTTP POST):
hXXp://hdmibonquet.ir/five/fre.php

$ dig +short hdmibonquet.ir
104.21.67.244

Referencing malware binaries (MD5 hash):
47a0e4fec99c3018e70abdf75c4e210f — AV detection: 26 / 68 (38.24)
f1a00a5cee1d447a64a26695ad573243 — AV detection: 25 / 65 (38.46)

Other malicious domain names hosted on this IP address:
www.oglobo-saude.com 104.21.67.244
idoc.pub 104.21.67.244
hdmibonquet.ir 104.21.67.244

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *