Loki botnet controller @139.59.179.53

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Loki botnet controller located at 139.59.179.53 on port 80 (using HTTP POST):
hXXp://candinavia.ga/teejay/logs/fre.php

$ dig +short candinavia.ga
139.59.179.53

$ nslookup 139.59.179.53
qontracshipping.ga

Referencing malware binaries (MD5 hash):
7f02008499af4b6e14d9ed7a58d0fbb1 — AV detection: 24 / 69 (34.78)
f20e83d78ce940a7c1d83086afdde43b — AV detection: 26 / 65 (40.00)

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *