Loki botnet controller @143.244.186.254

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Loki botnet controller located at 143.244.186.254 on port 80 (using HTTP POST):
hXXp://mail.asadorostiz.cf/sheng/logs/fre.php

$ dig +short mail.asadorostiz.cf
143.244.186.254

$ nslookup 143.244.186.254
mail.asadorostiz.cf

Referencing malware binaries (MD5 hash):
b0b3e12a74c7511cd044f9c2cb76ce52 — AV detection: 21 / 68 (30.88)
fae98ee44573441abd655782510364e7 — AV detection: 21 / 66 (31.82)

Добавить комментарий

Ваш адрес email не будет опубликован.