Loki botnet controller @172.67.173.58

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Loki botnet controller located at 172.67.173.58 on port 80 (using HTTP POST):
hXXp://arku.xyz/tkrr/T1/w2/fre.php

$ dig +short arku.xyz
172.67.173.58

Referencing malware binaries (MD5 hash):
309f8344bd9cf0ed107c24dacd6e79c9 — AV detection: 24 / 68 (35.29)
8b5a980696f65c6fa9b46905f113a20e — AV detection: 22 / 68 (32.35)
9caec8ab93a2993f446357fb5962ae95 — AV detection: 44 / 68 (64.71)
f2588d2befc06fe6fb8f81025d007835 — AV detection: 30 / 69 (43.48)

Other malicious domain names hosted on this IP address:
hnzwz.net 172.67.173.58
mytracking.pl 172.67.173.58
arku.xyz 172.67.173.58
authenticindiansonline.com 172.67.173.58

Добавить комментарий

Ваш адрес email не будет опубликован.